IT Security News Blast 2-6-2017

Online card fraud up as thieves avoid more secure chip cards for in-store payments

Hackers have taken the path of least resistance, moving from in-store fraud to e-commerce fraud, according to security experts. Deterred by the security capabilities of chip cards for in-store payments, thieves have resorted to stealing credit-card numbers and passwords or opening new accounts with false credentials to use in making online payments for purchases, according to recent studies. Botnets also comprise some of the biggest increases in online card fraud.

http://www.csoonline.com/article/3166084/security/online-card-fraud-up-as-thieves-avoid-more-secure-chip-cards-for-in-store-payments.html

Many organizations lack direction on cyber security

“As we’ve seen with the recent attacks, DDoS is extremely disruptive, and on the rise,” says Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “When hackers launch a DDoS attack, the damage can be devastating for the business that’s being targeted because it disables a company’s online presence. As a result business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined.”

http://www.healthdatamanagement.com/news/many-organizations-lack-direction-on-cyber-security

U.S. citizen sues Ethiopian gov’t for planting spyware

“Mr. Martinez argued that the location where the harm was inflicted upon Mr. Kidane was in Maryland, where his computer and he were the entire time he was spied upon,” the EFF said in a Feb. 2 report. “The question of whether U.S. courts can provide a remedy to an American who was wiretapped shouldn’t turn on where the eavesdropper was sitting, but rather where the actual wiretapping occurred, which in this case was Silver Spring, Md.”

https://www.scmagazine.com/us-citizen-argues-for-right-to-sue-ethiopian-govt-for-cyberespionage/article/636163/

Cisco Warns Consumers on Cybersecurity Threats

According to Cisco Systems Inc. (CSCO), the amount of malicious spam in average email mailboxes is piling up. The legacy tech firm released its annual 2017 cybersecurity report in January indicating that in the U.S., IP connection blocks, which occur when a detection program recognizes spam, rose from 1.35 million in 2015 to 2.05 million in 2016. Countries around the world saw large spikes in IP connection blocks, as the number of spam detections doubled in France, Mexico and Brazil and increased a whopping sixfold in India.

http://www.investopedia.com/news/cisco-warns-consumers-cybersecurity-threats-csco/

Norway Accuses Russia of Cyber-Attack 

“Nine different email accounts were targeted in an attempt at what is called spear phishing, in other words malicious emails,” Arne Christian Haugstoyl, an official with Norway’s intelligence service PST, told television channel TV2. “It’s difficult to know what the goal” of the operation was, he said, adding that Norway was alerted to the attack by an allied country. He described APT 29 as a group “with links to the Russian authorities”.

http://gadgets.ndtv.com/internet/news/norway-accuses-russia-of-cyber-attack-1656051

The Real Threat Is Machine Incompetence, Not Intelligence

The problem is that the public doesn’t really get this because no one bothers to explain it. We have general intelligence and so we see a simulacrum of intelligence on TV and assume that it too involves something like general intelligence, even though a Go-playing computer is more or less doomed to an existence as a Go-playing computer. In Bundy’s words: “Many humans tend to ascribe too much intelligence to narrowly focused AI systems.”

https://motherboard.vice.com/en_us/article/the-real-threat-is-machine-incompetence-not-intelligence

The Next Big Encryption Fight

Similar to how it tried to get Apple to build custom software that would help investigators access data stored on an iPhone, the FBI could try to compel a messaging service provider to provide some sort of technical assistance to help investigators read encrypted messages, says Andrew Crocker, staff attorney at the Electronic Frontier Foundation. The New York Times reported last March that the Justice Department was “privately debating” how to approach a standoff with WhatsApp over encryption.

https://www.technologyreview.com/s/603534/the-next-big-encryption-fight/

Dayton proposes cybersecurity upgrade

Gov. Mark Dayton is proposing a $125 million technology upgrade for Minnesota government that includes tighter cybersecurity protections. Dayton’s budget proposal includes $74 million to boost Minnesota’s cybersecurity defenses, Minnesota Public Radio News reported. The funds would help Minnesota create secure data centers and hire more cybersecurity experts. Myron Frans, the state’s management and budget commissioner, says Dayton is also proposing $51 million for improvements to Minnesota’s IT infrastructure.

http://www.sctimes.com/story/news/local/minnesota/2017/02/04/governor-poses-cybersecurity-upgrade/97498756/

Outlook on Cybersecurity Stocks

The big players in cybersecurity are Cisco, IBM and Symantec, along with a host of smaller companies, such as Palo Alto Networks, FireEye Inc. and Fortinet Inc. Sixty percent of Palo Alto’s revenue comes from subscriptions. FireEye’s stock is more volatile, experiencing big gains and losses in 2016. What’s interesting about the smaller players is that all of them are ripe for acquisition, especially in the current climate. In essence, the cybersecurity market is deluged with smaller companies because of venture capital. So expect to see more acquisitions occur during 2017.

http://www.huffingtonpost.com/entry/outlook-on-cybersecurity-stocks_us_589741c7e4b02bbb1816bb97

Hacker hijacks thousands of publicly exposed printers to warn owners

Following recent research that showed many printer models are vulnerable to attacks, a hacker decided to prove the point and forced thousands of publicly exposed printers to spew out rogue messages. The messages included ASCII art depicting robots and warned that the printers had been compromised and they were part of a botnet. The hacker, who uses the online alias Stackoverflowin, later said that the botnet claim was not true and that his efforts served only to raise awareness about the risks of leaving printers exposed to the internet.

http://www.csoonline.com/article/3166054/security/hacker-hijacks-thousands-of-publicly-exposed-printers-to-warn-owners.html

Particle accelerator hacked: Boffins’ hashed passwords beamed up

Hackers of as yet unknown origin hit systems hosting the web portal where researchers from ANSTO and third parties can request time to use the Victorian atom-smashing facility. We’re told miscreants stole brainiacs’ email addresses and scrambled passwords. The facility is used for a broad array of scientific and defense applications, from studying sub-atomic particles to biomedicine, pharmaceuticals, and manufacturing.

https://www.theregister.co.uk/2017/02/03/australian_synchrotron_hacked/?mt=1486396704900

The art of the troll: New tool reveals egg users’—and Trump’s—posting patterns

It’s not exactly something to be handed over blindly to the average tweeter. But in the right hands (and with a little patience due to Twitter API rate-limiting), it can help analyze accounts to identify networks of Twitter bots or trolls concealing their actual location and identity. In addition to examining the metadata associated with Twitter users and their tweets, X0rz added a “friends” analysis feature that skims information from the metadata of the accounts followed by the target account, including language, timezone and location data.

https://arstechnica.com/information-technology/2017/02/dont-tweet-new-tool-gives-insight-into-whos-behind-twitter-eggs-and-trolls/

Jamming WiFi by Jumping on the ACK

The jamming technique presented by [Mathy Vanhoef] at the end of 2014 outlined both constant and selective jamming. The selective part involved listening for data packets and analyzing them to determine if they are headed to a MAC the attacker wishes to jam. The problem is that by the time your commodity hardware has decoded that address it’s too late to jam the packet. [Bastian] isn’t trying to jam the data frame, he’s jamming the ACK that the receiver sends back. Without that acknowledgement, the sender will not transmit any new data frames as it assumes there is a problem on the receiving end.

http://hackaday.com/2017/02/03/jamming-wifi-by-jumping-on-the-ack/

Experts debate effects of government cybersecurity executive order

Carson Sweet, CTO and cofounder of CloudPassage, said a 60-day time frame for the audits would not be feasible “if they want the audit to be accurate and practically useful.” […] John Chirhart, federal technical director for Tenable Network Security, said it might be possible to do an audit of government cybersecurity systems in the time allotted, but focusing solely on government agencies could overlook issues with government contractors like those that led to the stolen credentials used in the OPM breach.

http://searchsecurity.techtarget.com/news/450412357/Experts-debate-effects-of-government-cybersecurity-executive-order

In Israel, teaching kids cyber skills is a national mission

The training programs — something of a boot camp for cyber defense — are part of Israel’s quest to become a world leader in cybersecurity and cyber technology by placing its hopes in the country’s youth. To that end, Israel announced this week the establishment of a national center for cyber education, meant to increase the talent pool for military intelligence units and prepare children for eventual careers in defense agencies, the high-tech industry and academia.

http://www.beloitdailynews.com/article/20170204/AP/302049938

InterContinental Confirms Breach at 12 Hotels

In a statement issued late Friday, IHG said it found malicious software installed on point of sale servers at restaurants and bars of 12 IHG-managed properties between August and December 2016. The stolen data included information stored on the magnetic stripe on the backs of customer credit and debit cards — the cardholder name, card number, expiration date, and internal verification code.

https://krebsonsecurity.com/2017/02/intercontinental-confirms-breach-at-12-hotels/

Why You Should Use These 5 VPN Services

  • IPVanish
  • VyprVPN
  • ExpressVPN
  • NordVPN
  • HideMyAss

https://www.hackread.com/5-vpn-services-you-should-use/
