Monday, August 31, 2009

…Conversation – Skype Trojan in the Wild

There is evidence of a Skype trojan in the wild:

“Symantec describes how the Trojan intercepts API calls to Skype, capturing and storing audio conversations as MP3 files with caller, date, day and time stamps to identify them, and SkypeOut and SkypeIn call designations. The Trojan then attempts to upload the recordings to pre-defined locations after detecting and attempting to bypass named firewall filters.”

This could be extremely dangerous for companies using Skype for cheap international calls. It should be noted, however, that it isn’t clear whether the trojan actually does all of the things it is designed to do.

Risk is listed as low, but it is interesting to see that someone has done this. There is also talk that it is code that was originally written for commercial purposes that has now found its way to the open source market.

Computer World
Symantec

Wednesday, August 26, 2009

…Web Site – 130,000+ Pages Infected

A SQL injection attack discovered last week has now infected more than 130,000 web pages. The sites download a mix of trojans, keystroke loggers and other malware to unsuspecting users from legitimate websites.

Security Focus

The New Threat to Oil Supplies: Hackers

This file photo taken in 1977 shows oil platform Statfjord A in the Norwegian sector of the North Sea. A serious oil leak from the platform was reported on May 24, 2008 as a result of which more than 150 workers were evacuated, the rig's operators said. Two helicopters had been used to evacuate 156 of the 217 people working on the Statfjord A platform, located some 200 kilometres (125 miles) from the Norwegian coast, to nearby oil rigs, another company spokesman said. (Photo: Oddvar Walle Jensen/AFP/Getty Images)

I had never heard of fully remote off-shore drilling rigs. However, they’re a target as they have wireless communication from the rig back to on-shore facilities for all manner of controls.

Read the article here.

Tuesday, August 25, 2009

Health Care Breach Notification Mandated

Catching up on a few things from last week.

“Two new rules were created this week requiring health care organizations, and other entities that interact with personal health records (PHRs), to issue notifications in the event of a data breach.
Both rules were created as part of the American Recovery and Reinvestment Act of 2009 (ARRA), signed into law by President Obama in February.”

One rule requires organizations subject to HIPAA regulations to notify individuals when breaches of information for 500 people or more occur.

The other rule covers web-based businesses that collect health information from consumers. They must also issue notifications if a breach occurs.

SC Magazine
FTC - 16 CFR Part 318

Wednesday, August 12, 2009

20 Critical Security Controls V2.0

I was away when this was released but it is a very valuable read. From the introduction:

“This consensus document of 20 crucial controls is designed to begin the process of establishing that prioritized baseline of information security measures and controls. The consensus effort that has produced this document has identified 20 specific technical security controls that are viewed as effective in blocking currently known high-priority attacks, as well as those attack types expected in the near future. Fifteen of these controls can be monitored, at least in part, automatically and continuously. The consensus effort has also identified a second set of five controls that are essential but that do not appear to be able to be monitored continuously or automatically with current technology and practices. Each of the 20 control areas includes multiple individual subcontrols, each specifying actions an organization can take to help improve its defenses.”

20 things that will go a long way to helping ensure that your organization's critical information stays secure.

http://www.sans.org/cag/

Tuesday, August 11, 2009

Patch Tuesday Has Arrived

Lots of patches again today affecting most versions of Windows and Windows Server as well as Office.

You can read all the details here - http://www.microsoft.com/technet/security/bulletin/ms09-aug.mspx