Cybersecurity Comes under Scanner as Google Chrome Users Hit by Spyware Campaign

Google | June 19, 2020

  • A newly discovered spyware effort attacked users through 32-million downloads of extensions to Google’s market-leading Chrome web browser.

  • Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.

  • The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains.


A newly discovered spyware effort attacked users through 32-million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security said, highlighting the tech industry’s failure to protect browsers as they are used more for e-mail, payroll and other sensitive functions. Alphabet’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers in May.


When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses, Google spokesperson Scott Westover said. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.



Read more: 65% OF PHISHING THREATS FACING REMOTE WORKERS IMPERSONATE GOOGLE-BRANDED WEBSITES

When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses.

~ Google spokesperson Scott Westover said


Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, said Awake co-founder and chief scientist Gary Golomb. Google declined to discuss how the latest spyware compared with prior campaigns, the breadth of the damage, or why it did not detect and remove the bad extensions on its own despite past promises to supervise offerings more closely.


It is unclear who was behind the effort to distribute the malware. Awake said the developers supplied fake contact information when they submitted the extensions to Google.“Anything that gets you into somebody’s browser or e-mail or other sensitive areas would be a target for national espionage as well as organised crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security.


We do regular sweeps to find extensions using similar techniques, code and behaviours,” Google’s Westover said, in identical language to what Google gave out after Duo’s report.


The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains, Golomb said. If someone used the browser to surf the web on a home computer, it would connect to a series of websites and transmit information, the researchers found. Anyone using a corporate network, which would include security services, would not transmit the sensitive information or even reach the malicious versions of the websites. All of the domains in question, more than 15,000 linked to each other in total, were bought from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication.


In an e-mail exchange, Galcomm owner Moshe Fogel told Reuters his company had done nothing wrong. “Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Fogel wrote. “You can say exactly the opposite, we co-operate with law enforcement and security bodies to prevent as much as we can.��� Fogel said there was no record of the inquiries Golomb said he made in April and again in May to the company’s e-mail address for reporting abusive behaviour, and he asked for a list of suspect domains. Reuters sent him that list three times without getting a substantive response. The Internet Corp for Assigned Names and Numbers, which oversees registrars, said it had received few complaints about Galcomm over the years, and none about malware.


Read more: LEVERAGING THREAT INTELLIGENCE TO TACKLE CYBERTHREATS IN TIMES OF COVID-19

Spotlight

In the words of President Obama, it's "fair to say this is not your typical election." Though he was speaking of the choice Americans must make between two very different candidates come November, they also apply to the role cyber security is playing in the election and the way it is shaping the conversation about data protection.


Other News
ENTERPRISE SECURITY

iTecs Enters Into A Partnership With Check Point

iTecs | December 20, 2021

iTecs, a Dallas based IT MSP, Cybersecurity, and Cloud Hosting Provider (https://itecsonline.com) enters into a partnership with Check Point, a leader in enterprise and SMB cybersecurity products and solutions, to provide iTecs clients with efficacious cybersecurity protection. The collaboration between the two parties enables iTecs to deliver the various services and products to clients as a managed service. "The traditional 'perimeter-based' security model is not aging well in this new landscape, and binary access tools are proving to be cumbersome and unscalable. Fixed perimeters no longer govern working environments. Instead, users work on their own devices and sensitive company data stored in third-party cloud services. As a result, companies can no longer rely on binary security models that focus on letting good guys in and keeping bad guys out. The challenge for modern enterprises is how to give users the required access while reducing set-up and maintenance costs without compromising security. Check Point's Zero Trust Network Access model provides the tools to safeguard companies in today's ever-growing work-from-home demand. Especially with the growing popularity and development of 'METAVERSE' work environments, it's essential to adopt new and intelligent ways of protecting your users," says Brian Desmot, CEO & Founder of iTecs. Currently in partnerships with Sophos, SentinelOne, Cisco, CoSoSys, and now Check Point, iTecs' Managed Security Services (MSS) division provides SMB and Enterprises with an array of sophisticated and synergistic threat-preventing solutions. "Our propensity of testing cybersecurity solutions has led us to the conclusion that Check Point is the right partner to provide our clients with maximum ROI. As a result, we are redesigning our website and will include new pages devoted to the broad menu of services our alliance with Check Point is providing," Brian Desmot iTecs is going through a rebranding campaign with the launch of a new logo and website which will be completed by early 2022. About iTecs IT Outsourcing and Support Brian Desmot founded iTecs in 2002, a white-glove IT support, consulting, managed IT services provider. The firm delivers an umbrella of IT services from break-fix, consulting, cybersecurity, to procurement for businesses of all sizes. If you need a professional, customer-centric offsite IT department, iTecs is the best choice.

Read More

SOFTWARE SECURITY

Contrast Security Joins Foojay Advisory Board to Accelerate Java Developer Community Growth, Raise Security Perspective

Contrast Security | April 13, 2022

Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announces its commitment to helping Java developers build code securely by joining the Foojay Advisory Board. "Prior to the creation of Foojay, the ecosystem of OpenJDK users lacked a vendor-neutral community platform for many years. It is wonderful to see more and more individuals and organizations, such as Contrast Security, getting involved since the foundation's inception in April 2020. Contrast Security not only shares their insights about the OpenJDK, but also provides valuable security tips and tricks as well as helps collaborate around Foojay, the place for friends of OpenJDK." said Geertjan Wielenga, Senior Director of Open Source Projects at Azul, the initiator of Foojay. Contrast Security along with the other Foojay Advisory Board Members will help guide the direction, content and oversight of Foojay.io, the community site for developers who use, target, and run their applications on top of Java and OpenJDK, with a focus on growing the community and meeting its mission to provide free information for everyday Java developers. "We're honored to join the Foojay Advisory Board because we know Java developers rely on the Foojay community and the foundation's mission of sharing information and improving the entire market as a whole. Contrast is proud to help progress security within Java applications and assist developers to build securely without having to change the way they work." Steve Wilson, Chief Product Officer at Contrast Security Contrast Secure Code Platform is the only platform on the market that embeds intelligent agents directly into the code to enable developers to detect vulnerabilities during and post-production. In addition to Java support, Contrast Secure Code Platform supports .NET, Ruby, Python, Node, PHP and Go. About Foojay: Foojay, a place for Friends of OpenJDK, is a fast-growing community focused around the OpenJDK, providing tips and insights for Java developers, and user-focused Java and OpenJDK technical dashboards with free information on all things Java. A dedicated blogging area is available on Foojay to anyone who has thoughts or code to share on topics relevant to the Java ecosystem. About Contrast Security: Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Read More

WEB SECURITY TOOLS

Star Atlas Launches Initiative to Establish Web3 Security Framework

Star Atlas | May 25, 2022

Star Atlas, a next-gen metaverse with triple-A game design and Unreal Engine 5 graphics built on the Solana blockchain, today announced an expanded focus on security to ensure consumer protection and digital safety in the metaverse. This multi-pronged initiative includes signing Kudelski Security, the cybersecurity division of the Kudelski Group - the world leader in digital security, and the forefront leader in providing security solutions for major blockchain-based applications, exchanges, and ecosystems - as its security partner. Kudelski Security will perform ongoing audits and analysis to help ensure the integrity of the Star Atlas metaverse is maintained and both partners will work together to explore setting standards for web3 security. "We are pleased to partner with the team at Kudelski Security to advance the digital security of our fast-expanding metaverse," said Michael Wagner, Co-Founder and CEO of ATMTA, Inc., the principal development studio of Star Atlas. "We understand there is a lot of skepticism when it comes to web3 and security, so we want to be proactive by partnering with one of the top cybersecurity firms to help make sure our community feels safe. Protection of assets is paramount, and we look forward to working with Kudelski Security to establish the best practices for security when it comes to web3 gaming." As security auditor of record, Kudelski Security will increase the safety and security of the Star Atlas metaverse by testing the protocols and looking for potential vulnerabilities to be addressed. Star Atlas players will have greater assurance that the metaverse has been built securely and tested rigorously, and that Star Atlas has taken the necessary action to become the leader in the web3 space when it comes to security. The relationship with Kudelski Security goes beyond the hardening of the Star Atlas environment. Star Atlas is looking to expand collaborations with the wider Group to focus on new standards that can help to transition companies and projects into web3, including security standards, tokenization, and best practices in web3 gaming. By developing standard technology and processes that enable safe and secure on-chain gaming, players will be protected from the hacks that currently plague web3 and some of the main barriers to wider stakeholder adoption will be lowered. "Web3 is growing rapidly, and we are seeing more need for developing a security standard that is adopted across the industry to act as a framework. This is why we are excited to partner with a native web3 leader like Star Atlas and to come together to solve potential security issues before they arise." Andrew Howard, CEO of Kudelski Security In addition to Kudelski Security's blockchain and cybersecurity experience, the Kudelski Group is recognized as global leaders in digital security – with specialized expertise in encryption, anti-piracy, watermarking, cryptography, and digital rights management. Executives from Star Atlas, the Kudelski Group, Kudelski Security, and NAGRA Kudelski are meeting during the World Economic Summit in Davos, Switzerland, to further discuss establishing a framework for securing the web3 ecosystem. ABOUT STAR ATLAS Star Atlas is a next-gen gaming metaverse emerging from the confluence of state of the art blockchain, real-time graphics, multiplayer video game, and decentralized financial technologies. Real-time graphics technology using Unreal Engine 5's Nanite allows for cinematic quality video game visuals. Blockchain technology using the Solana protocol establishes a largely serverless and secured gameplay experience. Non-fungible tokens obtained and traded within Star Atlas creates an economy that replicates the tangibility of real world assets and ownership.

Read More

ENTERPRISE SECURITY

M.C. Dean launches Enterprise Security SaaS

M.C. Dean | March 25, 2022

M.C. Dean, a leader in cyber-physical solutions and systems integrator for enterprise-class security systems, today announced the launch of its Enterprise Security software as a service (SaaS) on AWS commercial and GovCloud. "Our Enterprise Security SaaS offering provides integrated access control, intrusion detection, and video surveillance managed services with the ease, flexibility, and resiliency of the cloud." Eric Dean, M.C. Dean chief technology officer M.C. Dean's fully managed Enterprise Security SaaS runs on high availability AWS Cloud with leading commercial-off-the-shelf security systems combined with 24x7x365 service monitoring and customer support. The service supports web-based and client software access with enterprise-level system integrations such as single sign-on and standard or custom options. Flexible & Resilient: Benefit from cloud-enabled system self-restoration and managed database capabilities. Automated deployments can build and rebuild systems within seconds. Active directory integrations provide secure, seamless access. Take advantage of centralized support for low-cost, high-performance nationwide installation and maintenance. Highly Secure: Enterprise Security SaaS is designed to meet FedRAMP, FICAM, and other industry requirements. Keep application data separate and secure while accelerating cybersecurity authorizations for commercial and government clients. Time & Cost Effective: Replace costly CapEx with utility-based pricing and immediate availability. Streamline setup costs and timelines, while reducing the price per site and device. About M.C. Dean M.C. Dean is Building Intelligence®. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises. The company's capabilities include electrical, electronic security, telecommunications, life safety, automation and controls, audio visual, and IT systems. M.C. Dean is headquartered in Tysons, Virginia and employs more than 5,100 professionals who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability.

Read More

Spotlight

In the words of President Obama, it's "fair to say this is not your typical election." Though he was speaking of the choice Americans must make between two very different candidates come November, they also apply to the role cyber security is playing in the election and the way it is shaping the conversation about data protection.

Resources