Month: August 2016

Android Tamer is a free and open source Swiss army knife type of tool for Android security.

The recently released version 4 moves towards Debian package compatibility. Users are able to obtain or use Android Tamer in multiple formats:

1. Download the OVA directly and use it.
2. Configure Debian 8 machines to use tools from Android Tamer repositories.
3. A Vagrant Image can be used to build Android Tamer and see the process transparently.

More options such as ISO and Docker builds are in the works and should be available soon.

“As with any other open source project, I’m faced with multiple challenges. The highly volatile nature of the upstream projects (frequent updates, no release tags, sudden project abandonment), and the fact that each developer has his/her own idea on how to run a tool, are the main reasons we have more than 60 open bugs related to adding new tools to Android Tamer,” Anant Shrivastava, Leader at Android Tamer, told Help Net Security.

The project is looking for contributors in different areas, including writing documentation and testing and bug reporting, to take everything to the next level.

Future plans

The aim of the project is to become a one-stop location for anything related to Android security. The development team is working on the following:

• Android Tamer VM: Standard Linux distribution customized for Android security
• Tools repository: A Debian (and Red Hat in the future) compatible repository of Android security tools
• Custom Android emulator: specifically customized to help with Android security
• Android Play Store equivalent for offensive and defensive software that are not available on Google Play.

If you’re at Black Hat USA 2016 in Las Vegas this week, you can see the tool in action at the Arsenal.

SecurityScorecard released its 2016 Financial Cybersecurity Report, a comprehensive analysis that exposes cybersecurity vulnerabilities across 7,111 global financial institutions including investment banks, asset management firms, and major commercial banks.

Among the report’s findings are the following observations:

• The US Commercial bank with the lowest security posture is one of the top 10 largest financial service organizations in the US (by revenue).
• Only one of the top 10 largest banks, Bank of America, received an overall “A” grade.
• 95 percent of the top 20 US commercial banks (by revenue) have a Network Security grade of “C” or below.
• 75 percent of the top 20 US commercial banks (by revenue) are infected with malware and a number of malware families were discovered within these banks, including Ponyloader, and Vertexnet.
• Nearly 1 out of 5 financial institutions use an email service provider with severe security vulnerabilities.
• The best performing Investment Banks in IT Security include Goldman Sachs, Exchange Bank, BNP Paribas Fortis and Banco Popolare.

Each US financial organization was evaluated based on their overall security hygiene and security reaction time compared to their industry peers. The conclusions and rankings featured in the report are based on data derived from SecurityScorecard’s security rating platform.

The company also analyzed the specific security ratings of Scottrade, Bangladesh Bank, and CharlesSchwab, all of which fell victim to data breaches recently. The analysis provides details on the data breaches as part of a holistic view on the financial industry’s vulnerability to attacks.

Additionally, the company found third party vendors and partners that provide essential services to the financial services industry also pose some of the greatest security risks.

“As banks continue to grow through acquisition, legacy IT systems and their vulnerabilities are also acquired. In many cases, they remain in place for years,” said Sam Kassoumeh, a cybersecurity expert with over 10 years’ experience and COO and Co-Founder of SecurityScorecard.

“Despite major financial institutions spending billions of dollars on cybersecurity annually, this report suggests the financial industry may not be spending those dollars as effectively as possible. A greater level of protection is required, which should be a concern for their customers and partners.”

“Financial companies rely on data exchanges with other vendors and may have limited visibility into the cyber risk associated with these transactions. As cybercriminals find new ways to attack, breach, and exploit organizations, threat patterns such as phishing, spear-phishing, and social engineering evolve and become more sophisticated. Financial organizations need solutions that assess vulnerabilities continuously and have the ability to see risks and vulnerabilities before a breach takes place,” said Dr. Luis Vargas, Sr. Data Scientist at SecurityScorecard.