IT Security News Blast 02-01-2018

Israeli Spotting Drone Surveillance

DHS Invests in Securing Finance Infrastructure
The Next Generation Cyber Infrastructure Apex was established last March by the Cyber Security Division of the department’s Science and Technology (S&T) Directorate. The program seeks to identify mostly mature technologies in five key areas identified by finance sector experts. Those areas are dynamic defense, network characterization, malware detection, software assurance and insider threat.
https://www.afcea.org/content/dhs-invests-securing-finance-infrastructure

UK Financial Firms Admit to “Shocking” Cybersecurity Practices
There also appears to be a sense of frustration in the direction those responsible for defending against security threats received, alongside a lack of understanding from leadership teams of the potential for breaches. Over half (53%) of the respondents said that they don’t believe their leadership team understands the complexity of today’s threats.
https://www.infosecurity-magazine.com/news/financial-firms-admit-to-shocking/

Cybersecurity Command Center offers real-world security info
Increased awareness is essential, cybersecurity experts say, as hackers have started targeting smaller healthcare organizations, which typically are not as well defended as large healthcare organizations or payers. Thus, hackers have moved away from large targets, such as Anthem (which suffered a data breach in 2015) and moved on to smaller hospitals, group practices or business associates.
https://www.healthdatamanagement.com/news/cybersecurity-pros-say-hackers-now-are-targeting-even-small-providers-for-ransomware-attacks

Cyber Security Looming Larger for Med Practices
Smaller practices also are ideal targets because they might consider themselves below hackers’ radar, and often they don’t have the infrastructure to support a large IT staff. “Physicians don’t go into medicine to become information technology security professionals, so on one hand, it’s a matter of lacking security resources of all types. But mostly it’s a lack of awareness that they are vulnerable, too,” Mr. Piechowski said.
http://www.clinicaloncology.com/Current-Practice/Article/01-18/Cyber-Security-Looming-Larger-for-Med-Practices/46831

How Healthcare Organizations Can Reduce Cyber Extortion Risk
“Implementing and testing robust contingency and disaster recovery plans to ensure the organization is capable and ready to recover from a cyber-attack,” will help organizations reduce their chances of being a cyber extortion victim. Additionally, robust audit logs should be implemented. Healthcare organizations need to regularly review their audit logs for any suspicious activity.
https://healthitsecurity.com/news/how-healthcare-organizations-can-reduce-cyber-extortion-risk

Will Robots Fight the Next War? U.S. and Russia Bring Artificial Intelligence to the Battlefield
“Now, more than 30 years after the end of the Cold War, the U.S. and Russia have decommissioned tens of thousands of nuclear weapons. However, tensions are growing. Any modern-day cold war would include cyberattacks and nuclear powers’ involvement in allies’ conflicts,” wrote Straub, who was also associate director of the university’s Institute for Cyber Security Education and Research, in his article.
http://www.newsweek.com/will-robots-fight-next-war-us-russia-bring-artificial-intelligence-battlefield-795555

DoD’s Network Defense Headquarters Achieves Full Operational Capability
“The JFHQ-DoDIN team has worked hard since inception in 2014 to reach this milestone,” said Army Lt. Gen. Alan R. Lynn, commander of the joint force headquarters, who also serves as director of the Defense Information Systems Agency. “A highlight for me was to see the organization take the reins of actively defending the DoDIN in real-world threat and attack conditions.”
https://www.defense.gov/News/Article/Article/1429130/dods-network-defense-headquarters-achieves-full-operational-capability/

Pompeo: ‘I have every expectation’ Russia will meddle in 2018 midterms
“I have every expectation that they will continue to try and do that,” Pompeo said when asked during an interview with the BBC on Monday whether he anticipates a Russian influence campaign later this year. He added: “But I am confident that America will be able to have a free and fair election — that we’ll push back in a way that is sufficiently robust that the impact they have on our election won’t be great.”
https://www.politico.com/story/2018/01/30/russia-2018-election-meddling-376826

Israeli researchers find way to spot drone video surveillance
A new study at Ben Gurion University (BGU) of the Negev unveils a technique for detecting the photographing of a target by drones from an encrypted video stream. “While it has been possible to detect a drone, now someone can also tell if it is recording a video of your location or something else,” a researcher at the BGU Cyber Security Research Center said.
http://www.securityinfowatch.com/news/12394862/israeli-researchers-find-way-to-spot-drone-video-surveillance

Critical Oracle Micros POS Flaw Affects Over 300,000 Payment Systems
If exploited, the vulnerability (CVE-2018-2636) could allow attackers to read sensitive data and receive information about various services from vulnerable MICROS workstations without any authentication. Using the directory traversal flaw, an unauthorized insider with access to the vulnerable application could read sensitive files from the MICROS workstation, including service logs and configuration files.
https://thehackernews.com/2018/01/oracle-micros-pos.html

Autosploit marries Shodan, Metasploit, puts IoT devices at risk
Using the Shodan.io API, the program automatically collects targets and lets users enter platform-specific search queries, for instance, Apache. Based on the search criteria it retrieves a list of candidates. The tool then runs a set of Metasploit modules – selected by programmatically comparing module names to the search query – against the potential targets in an effort to exploit them.
https://www.scmagazine.com/autosploit-marries-shodan-metasploit-puts-iot-devices-at-risk/article/740912/

Cisco Patches Critical VPN Vulnerability
Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on affected devices.
https://threatpost.com/cisco-patches-critical-vpn-vulnerability/129694/

Hacking Team Is Still Alive Thanks to a Mysterious Investor From Saudi Arabia
Motherboard has learned that this apparent recovery is in part thanks to the new investor, who appears to be from Saudi Arabia—and whose lawyer’s name matches that of a prominent Saudi attorney who regularly works for the Saudi Arabian government and facilitates deals between the government and international companies. Hacking Team sells hacking and surveillance technologies exclusively to government authorities. And it became infamous for selling its wares to authoritarian regimes such as Ethiopia, Sudan, Kazakhstan, and Bahrain, among others.
https://motherboard.vice.com/en_us/article/8xvzyp/hacking-team-investor-saudi-arabia

Lizard Squad is alive and continuing activities as BigBotPein: Report
Lizard Squad is known for some very disturbing and far-reaching DDoS attacks in the history of digital crimes. This group is responsible for successful disruption of networks of Sony PlayStation, Xbox Live, and Blizzard’s Warcraft. Over the years, various individuals have been alleged to have utilized the LizardStresser DDoS service offered by Lizard Squad, and have ended up getting arrested.
https://www.hackread.com/lizard-squad-is-alive-continuing-activities-as-bigbotpein/

Lazarus Group, Fancy Bear Most Active Threat Groups in 2017
Alperovitch warns businesses to worry about the danger North Korean threat groups pose to their brands and networks. “These adversaries have demonstrated a degree of unpredictability about what they may try to do next,” he says. “It is important for organizations to continually hunt their systems for potential intrusions and swiftly remediate before any damage is done.”
https://www.darkreading.com/vulnerabilities---threats/lazarus-group-fancy-bear-most-active-threat-groups-in-2017/d/d-id/1330954

Most Threatening DNS Security Risks And How To Avoid Them
Here are 4 threats to your DNS security:
· DDoS Attacks
· Typosquatting
· Registrar Hijacking
· Cache Poisoning
https://www.hackread.com/most-threatening-dns-security-risks-how-to-avoid-them/

Biggest Security Breach In Australian History: Top Secret Files Found In Old Cabinet
ABC published a controversial report earlier on Wednesday, detailing how they obtained hundreds of top-secret and highly classified documents in what they dubbed as an “extraordinary breach of national security.” According to a lengthy report from Australia’s largest broadcasting network, the thousands of pages of documents had been left in two filing cabinets, which the government sold off at a second-hand shop in Canberra.
http://www.valuewalk.com/2018/01/secret-cabinet-files-breach-australia/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.