ITP recently published several security alert items.
The ‘Win32.Flame’ or ‘W32.Flamer’ is a major new cyber attack that targets users in the Middle East and Eastern Europe . Flamer seems to target individuals rather than organisations and has been detected in the Palestinian West Bank, Hungary, Iran, Lebanon, Russia, Austria, Hong Kong, and the United Arab Emirates,
Flamer can steal documents, take screenshots of users’ desktops, spread via USB drives, disable security vendor products, turn on PC microphones, turn on Bluetooth, intercept network traffic and spread to other systems under certain conditions. The threat may also have the ability to leverage multiple known and patched vulnerabilities in Microsoft Windows, in order to spread across a network.
This is perhaps an even greater threat than ‘Wiper’, which can wipe data from hard drives,and Iran’s National Computer Emergency Response Team confirmed it was used to attack Iranian oil plants in April.
Alexander Gostev, chief security expert at Kaspersky Lab, commented: “….the Flame cyber-attack campaign is currently in its active phase, and its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.”
Three UAE banks’ online banking websites were the victims of DDoS attacks in the first quarter of this year, according to Bashar Bashairah, regional director of Fortinet
A smartphone application that is capable of transferring prepaid phone credit without the phone user’s authorisation or knowledge has been discovered by the Network Security Group at the American University of Beirut (AUB). Once installed, the app, which maquerades as a benign messaging app, starts sending and intercepting SMS messages, causing unauthorised credit transfers to another phone number without being detected.
