IT Security News Blast 01-23-2018

Penetration Testing

Penetration testing is a reference point, not a strategy
If penetration and other testing of your defenses is something you’re prioritizing this year, be aware: the information you will obtain is not revelatory, and simply addressing the specifics of whatever vulnerability was exploited will not appreciably change the outcome for the next penetration test (which may not be a test).

6 ways hackers will use machine learning to launch attacks
“We must recognize that although technologies such as machine learning, deep learning, and AI will be cornerstones of tomorrow’s cyber defenses, our adversaries are working just as furiously to implement and innovate around them[.]” “As is so often the case in cybersecurity, human intelligence amplified by technology will be the winning factor in the arms race between attackers and defenders.”

Cyber attacks push corporate fraud to all-time high
This year was the first where information theft overtook the stealing of physical assets and stock in the decade that Kroll has undertaken its survey. Just under 30 per cent of companies reported they had suffered information theft, loss or attack in 2017, making it the most common type of organisational loss.

Risk of Misunderstanding Cyber Security
Cyber risk can often be considered a non-traditional risk to an institution. However, in reality, cyber risk should be treated as any other risk to an institution. Cyber risks should be part of the enterprise risk management at a holistic enterprise-wide level just like credit, market, operational and liquidity risk.

Allscripts recovering from ransomware attack that has kept key tools offline
Allscripts, the billion-dollar electronic health record (EHR) company headquartered in Chicago, IL said they were still working to recover from a ransomware attack that left several applications offline after data centers in Raleigh and Charlotte, NC were infected on Thursday.

Survey: 42 Percent of Companies Have Experienced Ransomware Attacks
According to the report, the top driver of cyber-attacks is now cyber-crime. Attackers are motivated by financial gain and driven by the prosperity of cryptocurrencies. Meanwhile, attacks are becoming more targeted. A determined enemy will take the time to learn the target by investing in reconnaissance, social engineering and specific tools.

Why 2017’s cyberattacks are leading young women into cybersecurity
In the wake of 2017’s major cyberattacks, including WannaCry and Nyetya, businesses are encouraged to pursue a broader cybersecurity workforce while “interest is still hot,” according to Kaspersky Labs. Currently only 11% of the cybersecurity workforce is comprised of women, something the software vendor says could change in 2018.

The Marine Corps Wants to Make Cyber More Like Special Ops
In a series of conversations with Marines during visits to various deployed units in late December, he laid out a way forward for the Marine Corps that would ensure the service makes the most of these highly trained, specialized Marines and canvasses the population for all available talent.

Chinese Hacking Against Taiwan: A Blessing for the United States?
Infamous Taiwanese hacker-turned-entrepreneur Jeffery “Birdman” Chiu has suggested that “Taiwan is the island of APT.” In his view, an onslaught of attacks produces an abundance of malicious software (“malware”), attack signatures, and other tools, techniques and procedures (TTP) for Taiwanese threat intelligence researchers and cybersecurity firms to analyze.

Japan turns to NATO for improving cyber-defense
Cyber-security dialogue is part of Abe’s efforts to expand the scope of Japan’s collaboration with the Atlantic bloc. This is primarily centered on tackling North Korean nuclear and missile development, but the Japanese government is also looking to NATO for support against China’s military expansion in the China Seas and in the Indian Ocean.

European Parliament votes to restrict exports of surveillance equipment
MEPs in Strasbourg agreed on 17 January to extend EU export controls to include new restrictions on the export of surveillance equipment, including devices for intercepting mobile phones, hacking computers, circumventing passwords and identifying internet users.

A Spyware Company Audaciously Offers ‘Cyber Nukes’
Cyber strike capability is an ‘always online weapon’ that can be fired at any IP connected terminal with power to disable or destroy a target permanently,” a copy of the brochure reads, referring to Aglaya’s self-described “Cyber Strike” product. “This weapon is comparable to a Nuclear Strike that can destroy city wide Cyber infrastructure or render a county wide IP communications ineffective,” the brochure adds.

Sorry, FCC: Montana is enforcing net neutrality with new executive order
Montana will require Internet service providers to follow net neutrality principles in order to receive state government contracts. […] Montana’s attempt to enforce net neutrality rules could be challenged in court. But Bullock is attempting to sidestep the FCC’s preemption by making net neutrality a condition of state contracts rather than a law applying broadly to any Internet service.

A German hacker offers a rare look inside the secretive world of Julian Assange and WikiLeaks
Exactly how the Russians delivered the email trove to WikiLeaks is the subject of an ongoing examination by U.S. and European intelligence officials. As part of their effort to understand the group’s operations, these officials have taken an intense interest in Müller-Maguhn, who visits Assange monthly, U.S. officials said.

Stuxnet: the father of cyber-kinetic weapons
Stuxnet successfully targeted each of the three layers of a cyber-physical system. 1) It used the cyber layer to distribute the malware and identify its targets. 2) It used the control system layer (in this case, PLCs) to control physical processes. 3) Finally, it affected the physical layer, causing physical damage. Stuxnet thus was 1) a cyberattack 2) that created kinetic impacts 3) that resulted in physical destruction.

Security Glossary: Top 12 DDoS Attack Types You Need to Know
The following 12 different DDoS types are among the most common and potentially harmful. Knowing about them will come in handy when evaluating a DDoS mitigation service or otherwise shoring up your application defenses. And, understanding these threats can help your security team—and your CXOs—plan appropriate defense and mitigation strategies.

An App That Encrypts Your Photos From Camera to Cloud
Pixek plans to upload your camera roll, while still letting you keep your selfies and sensitive photo evidence secret. It does so by sending photos to its own servers, while end-to-end encrypting them with a key stored only on the user’s phone. That means it’s designed to ensure that no one other than that user can ever decrypt those pics, not even Pixek itself.

Malicious Chrome and Firefox extensions block removal to hijack browsers
Malicious Chrome and Firefox extensions that block their removal in order to hijack a user’s browser to drive clicks up on YouTube videos and hijack searchers are automatically infecting user devices. The extensions direct users away from pages that would allow the user to disable or delete them either by closing out pages with extensions/add-ons info, or sending users to a different page, such as an apps overview page, where extensions aren’t listed[.]

Intel: Our Spectre patch might break your computer so please don’t download it
“We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms,” Intel executive vice president Neil Shenoy said in a statement, “as they may introduce higher than expected reboots and other unpredictable system behavior.”


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.