Welcoming 2015 with Security Predictions

It is that time of the year when every “Expert” / “Consultant” / “Visionary” will have their predictions for 2015. Here are a pick of them for your reading:


1) Websense 2015 Security Predictions Report – highlights of which are:


a) Healthcare will see a substantial increase of data stealing attack campaigns.
b) Attacks on the Internet of Things will focus on business use cases, not consumer products.
c) Credit card thieves will morph into information dealers.
d) Authentication consolidation on the phone will trigger data-specific exploits, but not for stealing data on the phone.
e) New vulnerabilities will emerge from decades-old source code.
f) Email threats will take on a new level of sophistication and evasiveness.
g) As companies increase access to cloud and social media tools, Command and Control instructions will increasingly be hosted on legitimate sites.
h) There will be the new (or newly revealed) players on the global cyber espionage/cyber war battlefield.


2) Trend Micro Security Predictions for 2015 and Beyond – highlights of which are:


a) More cybercriminals will turn to darknets and exclusive-access forums to share and sell crimeware.
b) Increased cyber activity will translate to better, bigger, and more successful hacking tools and attempts.
c) Exploit kits will target Android, as mobile vulnerabilities play a bigger role in device infection.
d) Targeted attacks will become as prevalent as cybercrime.
e) New mobile payment methods will introduce new threats.
f) We will see more attempts to exploit vulnerabilities in open source apps.
g) Technological diversity will save IoE/IoT devices from mass attacks but the same won’t be true for the data they process.
h) More severe online banking and other financially motivated threats will surface.


3) Kaspersky Security Predictions for 2015 – highlights of which are:


a) Cybercriminals Merge with APT Groups, Tactics
b) APT Groups Fragment, Attacks Increase and Diversify
c) New Bugs in Old, Widely Used Code
d) Hackers Target Points of Sale, ATMs
e) The Rise of Apple Malware
f) Targeting Ticketing Machines
g) Pawning Virtual Payment Systems
h) Apple Pay in the Crosshairs
i) Compromising the Internet of Things


Let us see how these pan out in the coming year. Here is wishing you all a very Happy, Prosperous and “Secure” 2015.


SniffPass – Simple Password Sniffer

SniffPass is small password monitoring software (basically a password sniffer) that listens to your network, capture the passwords that pass through your network adapter, and display them on the screen instantly. SniffPass can capture the passwords of the following Protocols: POP3, IMAP4, SMTP, FTP, and HTTP (basic authentication passwords).


You can use this utility to recover lost Web/FTP/Email passwords via your own network adapter.


Read more at Darknet

Staples: Breach May Have Affected 1.16 Million Customers’ Cards

Staples said that nearly 1.16 million customer payment cards may have been affected in a data breach under investigation since October. The office-supply retailer said two months ago that it was working with law enforcement officials to look into a possible hacking of its customers’ credit card data. Staples said in October that it had learned of a potential data theft at several of its U.S. stores after multiple banks noticed a pattern of payment card fraud suggesting the company computer systems had been breached. Now, Staples believes that point-of-sale systems at 115 Staples locations were infected with malware that thieves may have used to steal customers’ names, payment card numbers, expiration dates and card verification codes. At all but two of those stores, the malware would have had access to customer data for purchases made between August 10 and September 16 of this year. At the remaining two stores, the malware was active from July 20 through September 16, the company said.



Gang Hacked ATMs from Inside Banks

An organized gang of hackers from Russia and Ukraine has broken into internal networks at dozens of financial institutions and installed malicious software that allowed the gang to drain bank ATMs of cash. While none of the victim institutions were in the United States or Western Europe, experts say the stealthy methods used by the attackers in these heists would likely work across a broad range of western banks.


Read More

How The Digital Wallet Will Drive Mobile Commerce in 2015

Mobile is on the rise and has helped disrupt many traditional industries, including transportation, accommodations, services and retail. As a result, mobile commerce is on a tear, and is expected to account for global revenues of $204 billion by year end.


As consumers shift to mobile, they’re demanding simple and straightforward buying experiences like those of Airbnb, Trunk Club, Uber and YPlan. The simpler mobile buying becomes, the more mobile commerce will grow. Yet there’s still a steep gap between browsing and buying on mobile. Too many obstacles still stand between consumers and merchants trying to connect via mobile devices.


Here are some predictions on how this environment will shape up in the coming year.


Read More