IT Security News Blast 3-21-2017

Cybersecurity – how integrators can protect clients against risks

Delivering secure systems provides opportunity to installers and consultants. Prague adds: “Advising clients on cybersecurity and ensuring the security of proposed systems provides considerable commercial potential. An in-depth knowledge of the field is required, so it is a separate industry with serious training requirements for technicians, policy writers and auditors.”

http://www.installation-international.com/cybersecurity-how-integrators-can-protect-clients-against-risks/

New Wave of Security Acquisitions Signals Start of Consolidation Trend

That’s certainly not to say that the security business is slowing down – far from it. In fact, Morgan says that the security industry is entirely driven by cybercrime, which he estimates will jump from $3 trillion in 2015 to $6 trillion annually by 2021. Companies looking to serve the growing security market are adding machine learning and analytics capabilities, hands-on expertise from incident response firms, and – in the case of AWS – artificial intelligence capabilities to bolster their security offerings.

http://www.darkreading.com/threat-intelligence/new-wave-of-security-acquisitions-signals-start-of-consolidation-trend/d/d-id/1328431?

S&P warns institutions on cybersecurity

Although no cyberattack has caused a change in a U.S. public finance entity’s rating so far, “we do see these attacks as introducing additional credit risk,” said the report, adding that S&P frowns on institutions keeping data breaches — or attempts — under wraps. “We encourage full disclosure of any attack and will be asking about such events in our rating and surveillance meetings,” the report said. […] But due to the “increasing frequency of these events,” it issued its report to address questions from issuers and industry trade associations, Mr. Buswick added.

http://www.pionline.com/article/20170320/PRINT/303209989/sp-warns-institutions-on-cybersecurity

Latest hacking news heightens cybersecurity concerns

Fund administration is “pretty well known now with the shift over the last 15 years by private equity firms and hedge funds to outsource their back office,” said Chad Burhance, CEO of NewOak Credit Services, a New York fund administration firm targeting private credit. “People who know finance are aware of administrators. Plus, the countries where a lot of these hacks come from have sovereign wealth funds which use third-party administrators. So hackers know this market is there and what administrators have.”

http://www.pionline.com/article/20170320/PRINT/303209984/latest-hacking-news-heightens-cybersecurity-concerns

‘Runaway algorithms’ and the cyber risks facing the global financial system

He told the Australian Securities and Investments Commission’s (ASIC) annual conference in Sydney that financial regulators around the world needed to keep up with emerging technologies and share information to cope with new risks. “Cyber attacks are a growing threat to the financial ecosystem as more financial services are delivered over the internet,” he said.

http://www.abc.net.au/news/2017-03-20/a-cyber-attack-could-cause-the-next-global-financial-crisis/8370860

Cybersecurity industry hopes women will help fill 1.8 million jobs

“Interestingly enough, the corporations involved in Executive Women’s Forum and in engaging women tend to have a higher percentage of women than the norm,” Brocaglia said. “Women who are given opportunities and access to sponsorship and mentoring programs feel more satisfied with their career and job. I can make a leap of faith (and say) that if you feel more satisfied and valued, you tend to stay with a company.”

http://www.denverpost.com/2017/03/19/cybersecurity-industry-hopes-women-will-help-fill-1-million-jobs/

6 Security Measures Every Startup Should Take in 2017

Cyber criminals do not discriminate — every business, regardless of size and reputation, is a potential victim. In fact, small businesses and startups are seen as more appealing to them because they are more vulnerable and usually do not have the security mechanisms of bigger companies. […] Regardless of how small or inconspicuous you may think your business is, having cyber security measures in place to protect your business’s data is a non-negotiable responsibility of every business owner and startup entrepreneur. Here are a few ways you can go about it.

https://www.entrepreneur.com/article/286840

Possibly the worst mass invasion of internet privacy ever

On Feb. 1, 2017, Hennepin County Judge Gary Larson granted a search warrant for “any/all user or subscriber information” of anyone in Edina who searched for the “Douglas Junker” between Dec. 1, 2016, and Jan. 7, 2017. The request asks for “name(s), address(es), telephone number(s), dates of birth, Social Security numbers, email addresses, payment information, account information, IP addresses, and MAC addresses of the person(s) who requested/completed the search.”

http://www.networkworld.com/article/3182693/security/possibly-the-worst-mass-invasion-of-internet-privacy-ever.html

Five Creepy Things Your ISP Could Do if Congress Repeals the FCC’s Privacy Protections

Why are we so worried about Congress repealing the FCC’s privacy rules for ISPs? Because we’ve seen ISPs do some disturbing things in the past to invade their users’ privacy. Here are five examples of creepy practices that could make a resurgence if we don’t stop Congress now.

  • Selling your data to marketers
  • Hijacking your searches
  • Snooping through your traffic and inserting ads
  • Pre-installing software on your phone and recording every URL you visit
  • Injecting undetectable, undeletable tracking cookies in all of your HTTP traffic

https://www.eff.org/deeplinks/2017/03/five-creepy-things-your-isp-could-do-if-congress-repeals-fccs-privacy-protections

‘Sorry, I’ve forgotten my decryption password’ is contempt of court, pal – US appeal judges

The US Third Circuit Court of Appeals today upheld a lower court ruling of contempt against a chap who claimed he couldn’t remember the password to decrypt his computer’s hard drives. In so doing, the appeals court opted not to address a lower court’s rejection of the defendant’s argument that being forced to reveal his password violated his Fifth Amendment protection against self-incrimination. […] The defendant’s computer, two external hard drives, an iPhone 5S, and an iPhone 6 Plus had been seized as part of a child pornography investigation.

https://www.theregister.co.uk/2017/03/20/appeals_court_contempt_passwords/

A simple command allows the CIA to commandeer 318 models of Cisco switches

The flaw, found in at least 318 switches, allows remote attackers to execute code that runs with elevated privileges, Cisco warned in an advisory published Friday. The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.

https://arstechnica.com/security/2017/03/a-simple-command-allows-the-cia-to-commandeer-318-models-of-cisco-switches/
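
The flaw described above is a service honouring option negotiation that it should only accept from cluster members. As an added illustration, not Cisco’s code and not an exploit, here is a small Python inspector that decodes RFC 854 telnet negotiation from a captured client-to-switch byte stream and flags subnegotiation for a vendor “cluster” option when it arrives from a host outside the cluster allow-list, plus any option outside the ordinary interactive set. The option number 200, the allow-list addresses and the sample streams are constructed assumptions; the real CMP option number is not used here.

```python
"""Telnet option-negotiation inspector.

Added example, not Cisco's code and not an exploit. It decodes RFC 854
command sequences from a captured client-to-switch byte stream and reports
(a) subnegotiation for a vendor "cluster" option that arrives from a host
outside the cluster allow-list and (b) any option outside the ordinary set.
CLUSTER_OPTION, CLUSTER_PEERS and the sample streams are assumptions made
up for illustration; the real CMP option number is not used here.
"""

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NEGOTIATE = {DONT, DO, WONT, WILL}

# Options an ordinary interactive session negotiates: ECHO, SUPPRESS-GO-AHEAD,
# TERMINAL-TYPE, NAWS (RFC 857, 858, 1091, 1073).
ORDINARY_OPTIONS = {1, 3, 24, 31}

CLUSTER_OPTION = 200                      # hypothetical vendor option number
CLUSTER_PEERS = {"10.0.0.2", "10.0.0.3"}  # hypothetical cluster members


def parse_telnet(stream: bytes):
    """Yield ("data", bytes) and ("cmd", verb, option, payload) records.

    Raises ValueError on a truncated sequence so a caller never silently
    treats a half-parsed negotiation as benign.
    """
    i, n = 0, len(stream)
    buf = bytearray()
    while i < n:
        if stream[i] != IAC:
            buf.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:
            raise ValueError("truncated IAC")
        verb = stream[i + 1]
        if verb == IAC:                   # IAC IAC escapes a literal 0xFF data byte
            buf.append(IAC)
            i += 2
            continue
        if buf:
            yield ("data", bytes(buf))
            buf = bytearray()
        if verb in NEGOTIATE:
            if i + 2 >= n:
                raise ValueError("truncated negotiation")
            yield ("cmd", verb, stream[i + 2], b"")
            i += 3
        elif verb == SB:
            if i + 2 >= n:
                raise ValueError("truncated SB")
            opt, j, payload = stream[i + 2], i + 3, bytearray()
            while True:
                if j + 1 >= n:
                    raise ValueError("unterminated subnegotiation")
                if stream[j] == IAC and stream[j + 1] == SE:
                    break
                if stream[j] == IAC and stream[j + 1] == IAC:
                    payload.append(IAC)
                    j += 2
                    continue
                payload.append(stream[j])
                j += 1
            yield ("cmd", SB, opt, bytes(payload))
            i = j + 2
        else:                             # NOP, GA, AYT, ... carry no option
            yield ("cmd", verb, None, b"")
            i += 2
    if buf:
        yield ("data", bytes(buf))


def audit(stream: bytes, src_ip: str) -> list:
    """Findings for one client->switch stream; an empty list means nothing odd."""
    findings = []
    for rec in parse_telnet(stream):
        if rec[0] != "cmd" or rec[2] is None:
            continue
        _, verb, opt, payload = rec
        if opt == CLUSTER_OPTION:
            if src_ip not in CLUSTER_PEERS:
                findings.append(
                    f"cluster option {opt} from non-cluster host {src_ip} "
                    f"(verb {verb}, {len(payload)} payload bytes)")
        elif opt not in ORDINARY_OPTIONS:
            findings.append(f"unexpected option {opt} from {src_ip}")
    return findings


# Constructed sample streams (not real captures).
ORDINARY_STREAM = bytes([IAC, DO, 1, IAC, WILL, 3]) + b"User Access Verification\r\n"
CLUSTER_STREAM = bytes([IAC, SB, CLUSTER_OPTION]) + b"\x01" * 8 + bytes([IAC, SE])
ODD_OPTION_STREAM = bytes([IAC, DO, 99])
```

The point of the allow-list check is the one the advisory makes: vendor-specific negotiation has no business arriving from an arbitrary address, and a parser that stops at the first malformed sequence is safer than one that guesses. In practice the simpler fix is the one Cisco recommended, disabling telnet in favour of SSH, which removes the whole option-negotiation surface.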

The New Handbook For Cyberwar Is Being Written By Russia

If the world is currently entering a new era of cyberwarfare, Russian hackers are the pirates of those yet-uncharted seas. Nearly every week brings a new cyberattack, as Russia tests the vulnerabilities of countries around the world. From hacking into the emails of senior members of the Democratic Party to defacing the websites of Eastern European political candidates, Russia is being named as the perpetrator of the most audacious cyberattacks in recent years.

https://www.buzzfeed.com/sheerafrenkel/the-new-handbook-for-cyberwar-is-being-written-by-russia

The FBI Says It Can’t Find Hackers to Hire Because They All Smoke Pot

It’s no secret that the federal government is having a hard time hiring cybersecurity experts, largely because many hackers can find more lucrative deals that don’t involve working for the feds. But there’s another wrinkle: the FBI now says that its drug-testing policies are keeping experts off the payroll. According to the Wall Street Journal, FBI Director James Comey said that in order to pursue so-called cyber criminals, the government would pretty much have to let government hackers get stoned—because who’s going to quit the habit just to work for the FBI?

https://motherboard.vice.com/en_us/article/the-fbi-cant-find-hackers-that-dont-smoke-pot

Hackers Use $5 Speakers To Control Smartphone And Fitbit Using Sound Waves

A team led by Kevin Fu at the University of Michigan has devised a way to agitate the spring-suspended capacitive MEMS accelerometer of a device to make it think the device is in motion. Using correctly curated sound waves emitted from a speaker, they can control any app on the smartphone or another device. During their experiments, they made a Fitbit band count steps while it was sitting peacefully in one place. They were also able to make a Galaxy S5 spell out the word WALNUT in the graph readings.

https://hackernoon.com/hackers-use-5-speakers-to-control-smartphone-and-fitbit-using-sound-waves-739eeb91b6e2#.xszgrzdjc
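
Why a tone has to be “correctly curated” is easier to see in numbers. Below is an added simulation, not the Michigan team’s code or waveform: the sensor’s proof mass is modelled as a damped mass-spring system, so acoustic pressure near its mechanical resonance is amplified many times, and because the accelerometer is sampled far below the tone frequency, the amplified oscillation aliases down to something that looks like a walking cadence to a naive pedometer. The same drive off resonance is not amplified and counts nothing. Every constant (resonance, damping, sample rate, thresholds) is an assumption chosen for illustration, not a measured property of any Fitbit or Galaxy device.

```python
"""Why a tuned tone fools a step counter: a numeric sketch.

Added example, not the Michigan team's code or waveform. The sensor's proof
mass is modelled as a damped mass-spring system, so acoustic pressure near its
mechanical resonance is amplified; the accelerometer is then sampled far below
the tone frequency, so the amplified oscillation aliases down to a signal that
looks like a walking cadence. Every constant below is an assumption chosen for
illustration, not a measured property of any Fitbit or Galaxy device.
"""
import math

FS_HZ = 100.0            # assumed accelerometer sample rate
F0_HZ = 2000.0           # assumed mechanical resonance of the proof mass
ZETA = 0.02              # assumed damping ratio; gain at resonance is 1/(2*ZETA) = 25
STEP_THRESHOLD_G = 0.5   # assumed peak acceleration a naive pedometer counts as a step
MIN_STEP_GAP_S = 0.3     # assumed refractory time between steps


def resonant_gain(f_hz: float) -> float:
    """Magnitude response of a second-order mass-spring-damper at frequency f."""
    r = f_hz / F0_HZ
    return 1.0 / math.sqrt((1.0 - r * r) ** 2 + (2.0 * ZETA * r) ** 2)


def alias_frequency(f_tone_hz: float) -> float:
    """Frequency the tone folds to when sampled at FS_HZ."""
    k = round(f_tone_hz / FS_HZ)
    return abs(f_tone_hz - k * FS_HZ)


def sampled_response(f_tone_hz: float, drive_g: float, seconds: float) -> list:
    """Acceleration samples the ADC sees for a pure acoustic tone of drive_g amplitude."""
    amp = drive_g * resonant_gain(f_tone_hz)
    n = int(seconds * FS_HZ)
    out = []
    for i in range(n):
        phase = (f_tone_hz * i / FS_HZ) % 1.0   # modulo keeps the sine argument small
        out.append(amp * math.sin(2.0 * math.pi * phase))
    return out


def genuine_walking(seconds: float) -> list:
    """Crude stand-in for real walking: a 1 g swing at a 2 Hz cadence."""
    return sampled_response(2.0, 1.0, seconds)


def count_steps(samples: list) -> int:
    """Naive pedometer: local maxima above threshold, at most one per refractory gap."""
    gap = int(MIN_STEP_GAP_S * FS_HZ)
    steps, last = 0, -gap
    for i in range(1, len(samples) - 1):
        s = samples[i]
        if (s > STEP_THRESHOLD_G and s >= samples[i - 1] and s > samples[i + 1]
                and i - last >= gap):
            steps += 1
            last = i
    return steps


if __name__ == "__main__":
    for label, f, drive in (("walking", 2.0, 1.0),
                            ("tone at resonance", 2002.0, 0.05),
                            ("same drive, off resonance", 502.0, 0.05)):
        sig = sampled_response(f, drive, 10.0)
        print(f"{label:28s} gain={resonant_gain(f):6.2f} "
              f"alias={alias_frequency(f):4.1f} Hz steps/10s={count_steps(sig)}")
```

With these assumed numbers a 2002 Hz tone at one twentieth of the walking amplitude is amplified about 25 times and folds to 2 Hz, so ten seconds of it registers as twenty steps; the same tone at 502 Hz also folds to 2 Hz but is barely amplified and stays under the threshold. That gap between the on- and off-resonance cases is what makes the attack device-specific: the attacker has to find each model’s resonance first.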

WikiLeaks Won’t Disclose CIA Exploits To Companies Until Certain Demands Are Met

Multiple anonymous sources familiar with the matter told […] A document included in the email listed “a series of conditions” that the tech companies need to fulfill before gaining access to the actual technical details and code of the hacking tools the anti-secrecy organization has in its possession. Although the exact conditions are still unclear, one of the sources mentioned a 90-day disclosure deadline, which would require tech companies to issue a patch for the vulnerabilities within a three-month timeframe. It’s also not clear if any of the affected tech companies plan to comply with Wikileaks’ demands.

http://thehackernews.com/2017/03/wikileaks-cia-hacking-exploits.html

Some HTTPS inspection tools might weaken security

HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn’t contain threats or malware. It’s performed by intercepting a client’s connection to an HTTPS server, establishing the connection on the client’s behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. […] The problem is that users’ browsers no longer get to validate the real server certificates because that task falls to the interception proxy. And as it turns out, security products are pretty bad at validating server certificates.

http://www.csoonline.com/article/3182704/security/some-https-inspection-tools-might-weaken-security.html
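
What “validating the real server certificate” means in code, as an added example that is not from the CSO article or any inspection product: a Python client context built the weak way a careless interception proxy does it beside a hardened one, and a check over the certificate dictionary the standard library returns that flags a locally minted chain. The two certificate dictionaries are constructed samples in the shape ssl.SSLSocket.getpeercert() returns; the organisation names and URLs in them are made up.

```python
"""Certificate validation the weak way and the right way, plus a client-side
interception check.

Added example, not from the CSO article or any inspection product. It uses
only the standard library. The two certificate dictionaries at the bottom are
constructed samples in the shape ssl.SSLSocket.getpeercert() returns; the
organisation names and URLs in them are made up.
"""
import socket
import ssl


def inspection_style_context() -> ssl.SSLContext:
    """The weak configuration the article warns about: encrypt, verify nothing.

    A proxy built like this accepts whatever certificate the upstream server
    offers, so a forged or expired chain on the real server goes unnoticed.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context() -> ssl.SSLContext:
    """Verify the chain against the system trust store, match the hostname,
    and refuse protocol versions below TLS 1.2."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def is_verifying(ctx: ssl.SSLContext) -> bool:
    """True only if the context both validates the chain and checks the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def _rdn_to_dict(rdn_seq) -> dict:
    """Flatten getpeercert()'s ((('organizationName', 'X'),), ...) nesting."""
    return {k: v for rdn in rdn_seq for (k, v) in rdn}


def interception_indicators(peercert: dict, expected_issuer_org: str) -> list:
    """Reasons to suspect the chain was minted by a local interception CA.

    Heuristics, not proof: an enterprise may legitimately re-sign traffic,
    but the client should at least know that someone else is doing the validating.
    """
    if not peercert:
        # getpeercert() returns {} when the chain was not validated (CERT_NONE),
        # so there is nothing to inspect: that itself is the finding.
        return ["peer certificate not available: verification was disabled"]
    issuer = _rdn_to_dict(peercert.get("issuer", ()))
    subject = _rdn_to_dict(peercert.get("subject", ()))
    reasons = []
    org = issuer.get("organizationName")
    if org != expected_issuer_org:
        reasons.append(f"issuer O={org!r}, expected {expected_issuer_org!r}")
    if issuer == subject:
        reasons.append("self-signed leaf certificate")
    if not peercert.get("OCSP") and not peercert.get("caIssuers"):
        reasons.append("no OCSP or AIA URLs, typical of locally generated certificates")
    return reasons


def fetch_peercert(host: str, port: int = 443, ctx: ssl.SSLContext = None) -> dict:
    """Connect with a verifying context and return the peer certificate (needs network)."""
    ctx = ctx or hardened_context()
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed samples (not real certificates).
GENUINE_CERT = {
    "subject": ((("commonName", "www.example.org"),),),
    "issuer": ((("organizationName", "Example Public CA"),),
               (("commonName", "Example CA R3"),)),
    "OCSP": ("http://ocsp.example-ca.test/",),
    "caIssuers": ("http://r3.example-ca.test/r3.der",),
}
INTERCEPTED_CERT = {
    "subject": ((("commonName", "www.example.org"),),),
    "issuer": ((("organizationName", "Corp TLS Inspection"),),
               (("commonName", "corp-proxy-ca"),)),
}
```

Run from a machine behind an inspection appliance, fetch_peercert("www.example.org") with the hardened context either fails (the appliance’s CA is not in the trust store) or returns a chain whose issuer is the appliance, which interception_indicators reports. The thing the client cannot see is exactly what the article is about: whether the proxy, having replaced the chain, itself validated the upstream server the way hardened_context() would have.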

Comey: FBI is investigating Russia, Trump campaign

Comey noted that the FBI is not in the practice of confirming ongoing investigations, but in the “public interest” had decided to break protocol and confirm the probe. The committee is looking into Russian meddling and also allegations by Trump that former President Obama “wiretapped” Trump Tower and his campaign. Democrats and Republicans have roundly dismissed Trump’s claims about Obama, noting that there was no evidence to support them. Over the weekend Committee Chairman Devin Nunes, R-Calif., reiterated that stance.

https://www.scmagazine.com/comey-fbi-is-investigating-russia-trump-campaign/article/645150/

Russia will strike US elections again, FBI warns

Future U.S. elections may very well face more Russian attempts to interfere with the outcome, the FBI and the National Security Agency warned on Monday. “They’ll be back,” said FBI director James Comey. “They’ll be back in 2020. They may be back in 2018.” Comey made the comment during a congressional hearing on Russia’s suspected efforts to meddle with last year’s presidential election. Allegedly, cyberspies from the country hacked several high-profile Democratic groups and people, in an effort to tilt the outcome in President Donald Trump’s favor.

http://www.networkworld.com/article/3182881/security/russia-will-strike-us-elections-again-fbi-warns.html

FBI, NSA top brass: We’ve seen jack squat to back up Trump’s claims of Obama wiretaps

Both men also shot down wild claims by a Fox News analyst – and later tweeted by Commander in Chief Trump – that then-President Barack Obama ordered that Trump and his associates be wiretapped, possibly by British agents at GCHQ. Director Comey was unequivocal on the matter. “With respect to his tweets: I have no information that supports those tweets, and we have looked carefully inside the FBI,” he said. “The Department of Justice has asked me to share with you that the answer is the same for the Department of Justice and all its components.”

https://www.theregister.co.uk/2017/03/20/fbi_nsa_trump_wiretap/

Russian bank Alfa Says it was Under DNS Botnet Attacks

An Alfa Bank spokesperson said: “The cyber attacks are an attempt by unknown parties to manufacture the illusion of contact between Alfa Bank’s DNS servers and ‘Trump servers’.” […] “We have gone to the U.S. Justice Department and offered our complete cooperation to get to the bottom of this sham and fraud.”

https://www.hackread.com/russia-alfa-bank-target-with-dns-botnet-attacks/

Hacker Reveals Easiest Way to Hijack Privileged Windows User Session Without Password

This trick works on almost all versions of the Windows operating system and does not require any special privileges. Korznikov is himself unable to figure out if it is a Windows feature or a security flaw. The issue discovered by Korznikov is not entirely new, as a French security researcher, Benjamin Delpy, detailed a similar user session hijacking technique on his blog some six years ago.

http://thehackernews.com/2017/03/hack-windows-user-account.html