IT Security News Blast 01-31-2018

Defending our Nations Cyber

Millions of Fortune 500 email credentials found on the dark web
The VeriCloud report, which included data from a three-year period, that looked at 27 million Fortune 500 staffers and found about 2.7 million credentials among the eight billion stolen credentials found on the dark web. If that is not bad enough VeriCloud found that the stolen data was found in multiple locations thus increasing the possibility it is bought and used by malicious actors. The good news is the number represents a 7.5 percent decline from 2016.
https://www.scmagazine.com/millions-of-fortune-500-email-credentials-found-on-the-dark-web/article/740568/

Secret Service Warns of New Cyber Financial Threat
NBC News Cyber Security Analyst Shawn Henry said that “the types of ATMs being hit are typically these one-offs that you find in small convenience store …they can take out all the cash.” Machines that are older and run Windows XP are said to be among the easiest to hack because they are operated on a system that is no longer supported by Microsoft and no longer getting security patches.
https://www.nbcchicago.com/news/local/secret-service-warns-of-new-cyber-financial-threat-471704064.html

Defending our nation’s cyber services
Russian interference in the 2016 presidential election has drawn Homeland Security further into the spotlight. The revelation that Moscow targeted voter registration databases and other digital systems in 21 states has been a major sticking point of concurrent investigations into Moscow’s meddling, spurring legislation to provide federal grants to states to replace outdated voting technology. It also drove the Obama administration to label election infrastructure a “critical” system.
http://thehill.com/business-a-lobbying/lobbyist-profiles/371311-defending-our-nations-cyber-services

Hospitals warned: Imaging devices open to cyberattacks
In their paper “Know Your Enemy: Characteristics of Cyber-Attacks on Medical Imaging Devices,” the researchers show the relative ease of exploiting “unpatched” medical devices whose owners and operators don’t download ongoing security updates. The devices include computed tomography (CT) and magnetic resonance imaging (MRI) machines. Hackers can also block access to MIDs or disable them altogether as part of “ransom attacks.”
http://www.jpost.com/HEALTH-SCIENCE/Hospitals-warned-Imaging-devices-open-to-cyberattacks-540172

Avoiding the Epidemic of Hospital Hacks
On January 9, 2005, the Donttrip malware infection hit Northwest Hospital, a large medical facility in Seattle that served thousands of people. The malware clogged up the hospital’s network systems with surges of exploit network scanning. Medical operations ground to a halt as laboratory diagnostic systems couldn’t transfer data. […] That was over 12 years ago. Have things improved?
https://www.darkreading.com/partner-perspectives/f5/avoiding-the-epidemic-of-hospital-hacks/a/d-id/1330877?

‘Winter’ of cyber-threats is coming, experts warn
Cyber threats are growing and the good guys are losing the battle as they are still vastly unprepared. That is the message cyber security experts, both Israeli and international, laid out at a cyber technology conference in Tel Aviv, as they defined 2017 as the worst year yet for cyber-attacks globally, with 2018 shaping up to be perhaps even worse.
https://www.timesofisrael.com/winter-of-cyber-threats-is-coming-experts-warn/

Charlotte Housing Authority hit with W-2 tax breach
The housing authority said an email was sent to an employee purportedly from the CEO asking for all current and former W-2 records. The email was received and acted upon, but the fact that it was fraudulent was not discovered until January 19. The information compromised includes employee names, addresses, Social Security numbers and wage information.
https://www.scmagazine.com/charlotte-housing-authority-hit-with-w-2-tax-breach/article/740570/

War room to boardroom: The new era of cybersecurity
The resources, skill and complexity posed by hackers managed by Russian intelligence agencies, for instance, far surpass the motivations and abilities of typical cyber criminals. In this new era, U.S. companies must bolster their defenses and leverage advanced cyber tools designed to stop state-sponsored attacks. The mounting threat against American commerce — the bread and butter of America — must be addressed. It’s not business as usual anymore.
http://thehill.com/opinion/cybersecurity/371416-war-room-to-boardroom-the-new-era-of-cybersecurity

Army Merging Electronic Warfare, Cyber Ops
The service is planning to prioritize flexibility because as adversaries develop new technology they are not following the Pentagon’s acquisition process and locking in a program of record for the next two decades, he said. “Neither can we,” he added. The Army’s increased focus on integrating cyber, electronic warfare and intelligence operations comes at a time when other nations, such as Russia, are beefing up their own capabilities[.]
http://www.nationaldefensemagazine.org/articles/2018/1/30/army-merging-electronic-warfare-cyber-ops

What the US Military Can Teach Everyone Else About Cyber Security
Military agencies practice security but overwhelmingly rely on resilience. As the Defense Department Science Board reported in its 2013 Resilient Military Systems and the Advanced Cyber Threat, “There is no single silver bullet to solve the threat posed by cyber-attack or [cyber] warfare … The cyber risk elements cannot be reduced to zero. While the problem cannot be eliminated, resilience capabilities can and must be determinedly managed …”
http://www.defenseone.com/technology/2018/01/what-us-military-can-teach-everyone-else-about-cyber-security/145587/

The 2018 State of the Digital Union: The Seven Deadly Sins of Cyber Security We Must Face
This series of actions, with no firm reactions, have been accompanied by a reversal in the global discussion of cyber security policy. At the very same time that the United States has retreated from its leadership role in global discourse, most symbolically with the literal closing of the State Department’s Cyber Coordinator position, China and Russia reversed years’ worth of work at the United Nations on building respect for the laws of war in cyber, and took key steps to win influence on the overall future of the Internet itself.
https://warontherocks.com/2018/01/2018-state-digital-union-seven-deadly-sins-cyber-security-must-face/

Sweeping powers which let police hack into phones and check anyone’s internet history dubbed a ‘Snoopers’ Charter’ are ruled unlawful by Court
The law, dubbed a Snoopers’ Charter, was hugely controversial and gave British police some of the most far-reaching powers in Europe. Tom Watson, Labour’s deputy leader, mounted a legal case to challenge the law which he said is ‘fundamentally flawed’. And today the Court of Appeal, sitting in the High Court, ruled it is not lawful to access personal data where there was no suspicion of criminal activity or where there was no proper oversight.
http://www.dailymail.co.uk/news/article-5330209/Snoopers-Charter-surveillance-regime-ruled-unlawful.html

Edward Snowden at Tulane: “Whistleblowers are the last resort of democracy.”
Although Snowden is a deeply controversial global figure who has been labeled as both a traitor and a hero after releasing thousands of documents that revealed widespread surveillance on American citizens, he was greeted by cheers from the mostly-student audience and frequently interrupted by applause. […] “In secret, the government had begun violating the rights of every man, woman and child in the United States,” he said, noting that he had taken an “oath of service” — not, he clarified, “an oath of silence.”
https://www.bayoubrief.com/2018/01/30/edward-snowden-at-tulane-whistleblowers-are-the-last-resort-of-democracy/

Trump expected to tap Army cyber warfare chief to lead NSA
It’s unclear when the administration might formally announce the choice, but it’s believed the announcement could come in the next week or two, which means the Senate Armed Services Committee would hold a confirmation hearing in early March. The Senate Intelligence Committee may also hold a hearing, given the job’s heavy surveillance focus.
https://www.politico.com/story/2018/01/30/trump-nsa-cyber-warfare-379207

Cisco drops a mega-vulnerability alert for VPN devices [Updated]
The vulnerability, discovered by Cedric Halbronn of the NCC Group, makes it possible for an attacker to use multiple, specially formatted XML messages submitted to the WebVPN interface of a targeted device in an attempt to “double-free” memory on the system. Executing a command to free a specific memory address more than once can cause memory leakage that allows an attacker to write commands or other data into blocks of the system’s memory.
https://arstechnica.com/information-technology/2018/01/cisco-drops-a-mega-vulnerability-alert-for-vpn-devices/

Cyber security salaries will rise 7% in 2018, says research
“At this point, salaries for IT professionals are highly inflated, with employers having to compete to secure top talent. In this context, the increases for cyber security specialists are particularly noteworthy,” he added. The increasing investment in cyber security professionals across all industries has often been attributed to the growing number of high-profile cyber attacks over the past year, which have brought attention to the importance of being prepared for these occurrences.
http://www.computerweekly.com/news/252434064/Cyber-security-salaries-will-rise-7-in-2018-says-research

Attackers can Bypass Fingerprint Authentication in Lenovo devices
Lenovo has issued a security advisory notice, which reads: “A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows login credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.”
https://www.hackread.com/attackers-can-bypass-fingerprint-authentication-in-lenovo-devices/

Feds shut down alleged $600 million cryptocurrency scam
Organizers claimed to have raised $600 million for the project—though we haven’t been able to find independent confirmation of this figure. The project was also endorsed by boxer Evander Holyfield earlier this month. The SEC says that the AriseBank ICO was legally a securities offering, and, as such, it should have been registered with the agency. Beyond that, the SEC says that the founders of AriseBank made at least two fraudulent claims as it sold its new cryptocurrency.
https://arstechnica.com/tech-policy/2018/01/feds-shut-down-alleged-600-million-cryptocurrency-scam/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.