Includes F-Secure CosmicDuke/MiniDuke Announcement & Sean Sullivan Quote - "At the moment, crimeware which targets consumers is under attack by international law enforcement. It is quite possible that the displaced crimeware vendors found a new buyer of information," speculated F-Secure security advisor, Sean Sullivan.
Free Avast Vs F-Secure which one is the better AntiVirus?
"Let’s begin with perhaps the most significant difference between the two programs – Avast includes a Virtual Sandbox feature, whereas F-Secure does not ... “Incase anyone is starting to feel a little sort for F-Secure, they do have the best and most user friendly control panel and also include parental controls for those happy to let their kids surf alone online. For some users this will be an important consideration, and while Avast has a perfectly functional interface it does not offer such filtering ... "In regards to customer service and support F-Secure have an excellent reputation not just for being typically able to resolve issues swiftly but also in being really simple to get in touch with. They offer not just phone or online form submission (As Avast does), but also email and chat ... “Those looking for a clean, deceptively powerful, family and customer friendly product may find their heads turned towards F-Secure.”
REFILE-Israel's Nation-E sees revenue of up to $400 mln by year end
“Researchers with F-Secure of Finland and Symantec reported last week that they believe the "Energetic Bear" hacking group was behind a campaign to infect energy and industrial firms with malicious software.”
International Business Times
CosmicDuke: The Latest Strand to Russia’s Cyber-Espionage Campaign
Includes F-Secure CosmicDuke Announcement & Timo Hirvonen (Labs Blog) Quoted - "Moreover, we found that the loader was updated at some point, and both malware families took the updated loader into use," a blog post by F-Secure security researcher Timo Hirvonen explains. "Since Cosmu is the first malware known to share code with MiniDuke, we decided to name the samples showing this amalgamation of the MiniDuke-derived loader and Cosmu-derived payload as CosmicDuke."
Sean Sullivan Quoted - “The Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, issued the request after researchers with F-Secure …” “The request follows another alert last week on Havex from ICS-CERT, which said that the agency and F-Secure had learned that the malicious software was designed to send a map of the network infrastructure back to the hackers' command-and-control server.” “F-Secure and Symantec said they believed the malicious software had so far only been used for spying, but that it had the capability to be used for sabotage. "They are scanning and mapping out industrial control system networks," said F-Secure researcher Sean Sullivan. "They are probably passing on the ones that are of interest to other groups."”
US companies warned against “Energetic Bear” virus
“Meanwhile, F-Secure has claimed that the attackers used a remote access trojan (RAT) named Havex to hunt for vulnerable industrial control systems (ICS) with a view to ultimately accessing critical infrastructure used to manage electrical, water, oil, gas and data supplies.”
“Technical assistance was provided by Dell SecureWorks and CrowdStrike. Numerous other companies also provided assistance, including facilitating efforts by victims to remediate the damage to their computers inflicted by Gameover Zeus. These companies include Microsoft Corporation, Abuse.ch, Afilias, F-Secure, Level 3 Communications, McAfee, Neustar, Shadowserver, Anubis Networks, Symantec, Heimdal Security, Sophos and Trend Micro.”
Evolved Cridex cyber attack found with 50,000 stolen credentials
“Cridex is one of many old attack tools to receive a technical upgrade in recent weeks. Researchers at F-Secure uncovered a fresh BlackEnergy hack campaign believed to be targeting European governments with a wave of spear-phishing emails masquerading as IT alerts in June.”
U.S. Urges Energy Companies To Be On Guard Against Russian Cyberattacks
“The group is known to private malware researchers as “Energetic Bear” because it operates during Russian working hours and mostly targets Western energy companies. The U.S. security firm Symantec and F-Secure of Finland report that the group was responsible for an effort to implant the Havex Trojan in their victims’ computers.” … “Symantec and F-Secure say the malware ordinarily is used only for spying, but can be modified to sabotage a machine.”
Wondering where our story on Russians hacking energy companies is?
Links to previous article which mentions F-Secure: Attackers fling Stuxnet-style RATs at critical control software in EUROPE
Mix 96 / Bridge FM / Radioaire / Radiocity / CFM Radio / City Talk FM / 9.74 Rock FM / Radio Borders / Central FM / North Sound / Basingstoke The Breeze / Andover The Breeze / Key103 / Clyde1 / Hallam FM / 2br / Juice Brighton / Gaydio / Forthone / Tayam / LBC.co.uk / Sky.com / Jack Bristol / My Gold Music / Radio Pembrokeshire / Virus BFN / Minster FM / Kerrang Radio / Three FM / My Gold Music / Sun FM / Stray FM / Cool FM / Orange.co.uk / KLFM 967 / Viking FM / Metro Radio / 964 Eagle / Yorkshire Coast Radio / Wessex FM / Manchester’s Magic / Viking FM / North Sound / Pirate FM
Sean Sullivan, a mobile security expert at F-Secure, believes that the integration is a "move in the right direction" but is unconvinced that it will solve all the problems. "I don't know if this will be the 'killer app' which makes the difference," Sullivan told IBTimes UK. "Many security-minded businesses are already allowing personal devices in their networks. Perhaps Knox won't move them further, but it could allow them to more easily manage what they've already allowed. And things can then evolve from there."
Brief Mention of the European Press Trip & Mikko Hypponen Quote - "Victoria's finest are not alone in their clingy love for XP; a new three-month BitDefender study declared one in five small to medium sized businesses still used the operating system while F-Secure security thinker Mikko Hypponen declared he "can't wait for Windows XP to die".
eBay bans sales of smartphone with built-in spyware
Brief Mention of the Mobile Threat Report - “According to 2013 figures from F-Secure, around 97 per cent of new mobile malware targets Android smartphones as opposed to iOS, BlackBerry and Windows Phone devices. Of these threats, almost nine in ten (88 per cent) are trojans.”
InfoCom shows that cloud-based security for SMEs is offered as value-added to FTTx
“The most common security solution adopted by SME customers worldwide is software-based with basic features based on software of ESET, F-Secure, McAfee, Symantec and Trend Micro. F-Secure and McAfee are, by far, the most popular choices with McAfee being dominant in North America and Latin America, while F-Secure has a stronger foothold among providers in the Asia Pacific, Eastern Europe and Western Europe.”
(Includes mention of the European Press Trip currently taking place in Helsinki, Finland and Link to above article. - “The warnings around XP come as F-Secure’s chief security researcher Mikko Hypponen voiced his frustration XP is still so embedded in companies, during a press event attended by V3’s sister site The Inquirer.”)
Chinese smartphone on sale on Amazon and eBay contains built-in malware
(Includes small mention of the F-Secure Mobile Threat Report. - "Android accounted for 97% of the malware targeted at mobile devices last year, according to data from security firm F-Secure, an increase of 20% year on year.”)
(Mikko Hypponen briefly quoted - “Intriguingly, the flaw isn't entirely new: F-Secure's Mikko Hypponen reported the same issue to Tweetdeck in 2011, when it was apparently fixed. It's unclear how the same problem could be allowed to happen again.“)
TweetDeck users urged to restart app to avoid XSS attack
(Mention of the Mobile Threat Report - "The other big enhancement to Windows Phone 8.1 is in regards to security. The current biggest OS in the Enterprise, Android, is always making the headlines for its vulnerabilities – the latest from an F-Secure report shows 91% of mobile malware targets Google’s platform. In 8.1, Microsoft added the ability for device storage to be encrypted using trusted BitLocker technology.”)
Summer is upon us for the F-Secure UK & Ireland team and we welcome you back with brand new June coverage as well as another new logo! Apologies for the lack of regular updates throughout May and we predict a lot of strong coverage for June! Here is our coverage from 4th June.
What Spotify’s Data Breach Teaches Us About Android and Streaming Services
(“Security expert Mikko Hypponen, founder of F-Secure, joked that the most secure operating system is Windows 3.1 because no one makes viruses for it anymore.” & Congratulations to Mikko on his job title change.)
Mention of Mobile Threat Report - “A study from security specialist F-Secure found that Android-based malware accounted for 97% of all mobile malware in 2013. The remaining 3% targeted Nokia's discontinued Symbian OS, while iOS, BlackBerry, and Microsoft Windows Phones accounted for 0% of all malware attacks.”
Allen Scott Quoted - "MD Allen Scott, MD of security experts F-Secure said: "We understand that many people are a bit lost when it comes to online protection, which is why we've compiled advice to give some guidance."
Sean Sullivan quoted - "On the JP Morgan figure, F-Secure researcher Sean Sullivan said that it wasn't clear what the money is for: “It's difficult to tell what exactly the increase is for. I get the sense it's just added costs related to DDoS mitigation, and not for actually improving core security principles.”"
Mobile Threat Report quoted - "Android's security as a health-care platform is also questionable. F-Secure recently reported that out of all the malware discovered during the first quarter of 2014, Android was targeted by 275 out of 277 "threat families" (malware-infected apps sharing a common code). iOS and Symbian were each only targeted by a single threat family."
(Mikko Hypponen of rival security firm F-Secure recently said, "I can't wait for Windows XP to die. I’m glad Microsoft stopped shipping updates. I'm mad at Microsoft for shipping updates after end of support, it should try and kill this beast. But it's not dead yet.")
Mikko Hypponen says John Kerry should 'shut the f*** up' about Snowden
(Mikko Hypponen has slammed US Secretary of State John Kerry for branding Edward Snowden a "coward" and a "traitor," and saying that the US National Security Agency (NSA) document leaker should "man up" and return to the United States from Russia to "make his case".)
(Brief Mention - “Helsinki-based F-Secure's Personal Cloud Service has been selected to power BT Cloud, a service enabling BT's UK customers to safely store and share photos, videos and personal files across their smartphones, tablets and PCs.”)
(F-Secure Briefly Mentioned (Gameover Botnet & Tweetdeck Patch) - “Details of how it works are revealed in the announcement, for those interested in the technical aspects behind this. F-Secure says it is the first time it has used this particular technology.”)
Sponsored Video: The Hoff goes in search for Digital Freedom
(Quote from Sean Sullivan - Speaking to SCMagazineUK.com, F-Secure researcher Sean Sullivan applauded the move and said that the most transparent telcos will end up ‘winning'. He added that it would be easy for companies with few requests to submit their transparency requests, but harder for those – like BT – with close-government ties. “…It's a very promising trend for companies that haven't got many requests, but other larger telcos are going to follow and it's going to be more difficult to move forward.”)
Microsoft demands NSA reform on anniversary of Snowden leaks
(Quote from Mikko Hypponen - Mikko Hypponen of security firm F-Secure said: "Practically all the changes we've seen have been to improve the privacy of US citizens, not foreigners. Politicians have to keep their voters satisfied, and we foreigners won't be able to vote them out of their positions.")
Mikko Hypponen, F-Secure - 'I hope we get more Snowdens'
(Article saying that AV companies collect data on users. F-Secure is mentioned as being part of the study by AV-Comparatives, but is not singled out. AhnLab and Emsisoft are listed as the two vendors which collect the least amount of data.)
(“In August 2010, after Microsoft required customers to upgrade from XP SP2 to SP3 to continue to receive security updates, a security adviser with antivirus vendor F-Secure revealed a Windows registry hack that tricked Windows Update into "seeing" an XP SP2 PC as an XP SP3 system.”)