IT Security News Blast 02-08-2018

Business Wire DDoS Attack

US DoJ leads global arrests in bust of cyber crime ring
The DoJ announced charges against dozens more individuals, saying the gang caused losses of more than $530m to consumers and small businesses. Intended losses were much bigger, the DoJ said, running to more than $2.2bn. Online aliases of the gang members, based in Australia, the UK, France, Italy, Kosovo and Serbia as well as in the US, included “Guapo”, “Moneymafia” and “TonyMontana”.
https://www.ft.com/content/74e24066-0c34-11e8-8eb7-42f857ea9f09

The cyber attacks lurking on private equity’s doorstep
As attacks have moved from major institutions, such as JPMorgan, to central banks and regulatory bodies, it has become clear that cyber crime will inevitably touch every corner of the financial industry. Yet, a sizeable proportion within private equity continues to believe that — in spite of the evidence — they are too small to be on any hacker’s radar.
https://www.fnlondon.com/articles/the-cyber-attacks-lurking-on-private-equitys-doorstep-20180208

Business Wire under sustained DDoS attack, traffic slowed
A persistent distributed denial of service (DDoS) attack over the past week has prompted a slowdown on the Business Wire website, but seemingly hasn’t exposed client data, company Chief Operating Officer (COO) Richard DeLeo told customers in a Tuesday alert. […] He also noted that the attack hasn’t had any impact on the portal’s ability to disseminate content.
https://www.scmagazine.com/business-wire-under-sustained-ddos-attack-traffic-slowed/article/742578/

Regulate yourself, a top U.S. official tells crypto companies
Regulation is a fraught topic in the cryptocurrency world. Some purists feel the main virtue of cryptocurrencies is the ability to evade government regulation and the myriad rules that govern most financial markets. But others feel regulation is inevitable, and say it’s in the industry’s interest to be proactive and accept—or even promote—sensible regulation.
https://finance.yahoo.com/news/regulate-top-u-s-official-tells-crypto-companies-211659905.html

Bangladesh to Sue Philippines Bank Over $81-Million Cybertheft
The money was sent to Manila-based Rizal Commercial Banking Corp. (RCBC) and then disappeared into the Philippines’ casino industry. Bangladesh Finance Minister AMA Muhith on Wednesday confirmed Bangladesh’s plan to file a lawsuit. The Federal Reserve Bank of New York and SWIFT will be parties to the lawsuit, with the case being filed in New York in two to three months, Hassan said.
https://www.voanews.com/a/bangladesh-sue-manila-eighty-one-million-cyber-heist/4242776.html

No, You Don’t Have To Give Your Doctor Your Social Security Number
[No], you don’t legally have to provide it unless you are a Medicare or Medicaid recipient. Nor should you, experts say. In fact, not even the American Medical Association wants you to. “Healthcare providers and others ask for your SSN because it’s easier for them to track unique individuals that way,” said Mark Nunnikhoven, vice president of cloud research for TrendMicro, an information security company.
https://www.huffingtonpost.com/entry/doctor-social-security-number-medical_us_5a7222e7e4b05253b2753682

NHS computer problems could be to blame for ‘hundreds of deaths’, academics claim
Devices in hospitals – which are used for a range of applications from storing patient records and making appointments to systems embedded in devices like MRI scanners and dialysis machines – are “unnecessarily buggy” and “susceptible to cyber-attack”, according to Harold Thimbleby, professor emeritus of geometry at Gresham College in London and professor of computer science at Swansea University.
http://www.independent.co.uk/news/health/nhs-computer-problems-blame-hundreds-deaths-harold-thimbleby-martyn-thomas-gresham-college-a8197986.html

Overnight Cybersecurity: DOJ charges 36 in cyber crime takedown | Russian hackers reportedly targeting defense contractors | Equifax, Dem senator spar over data breach
Russian hackers targeted employees at major defense contractors working on sensitive U.S. military programs, The Associated Press reported on Wednesday. Hackers with cyber-espionage group Fancy Bear used phishing emails to target no less than 87 contractors working on military technology projects such as drones, missiles and fighter jets for the U.S. government, according to the AP.
http://thehill.com/policy/cybersecurity/overnights/372829-overnight-cybersecurity-justice-charges-36-in-massive-cyber

Russian hackers hunt hi-tech secrets, exploiting US weakness
Russian cyberspies pursuing the secrets of military drones and other sensitive U.S. defense technology tricked key contract workers into exposing their email to theft, an Associated Press investigation has found. What ultimately may have been stolen is uncertain, but the hackers clearly exploited a national vulnerability in cybersecurity: poorly protected email and barely any direct notification to victims.
https://www.cnbc.com/2018/02/07/russian-hackers-hunt-hi-tech-secrets-exploiting-us-weakness.html

Too Busy To Train? The Navy’s Cyber Dilemma
They’re already there. It’s Russian and Chinese hackers, not the Taliban or ISIS, who are probing Defense Department networks every day — what insiders call the Advanced Persistent Threat (APT). But just because you face an adversary every day, that doesn’t mean you’re trained for everything they could do the day they decide to go all-out. Think of submariners: They shadow Russian and Chinese subs all the time, but they aren’t doing torpedo runs. The same holds true in cyber/electronic warfare, where an enemy may save his most powerful software exploits or radio jamming for a major crisis.
https://breakingdefense.com/2018/02/too-busy-to-train-navys-cyber-dilemma/

Russians penetrated U.S. voter systems, says top U.S. official
“We were able to determine that the scanning and probing of voter registration databases was coming from the Russian government.” NBC News reported in Sept. 2016 that more than 20 states had been targeted by the Russians. There is no evidence that any of the registration rolls were altered in any fashion, according to U.S. officials.
https://www.nbcnews.com/politics/elections/russians-penetrated-u-s-voter-systems-says-top-u-s-n845721

The House That Spied on Me
“Our bed?” asked my husband, aghast. “What can it tell us?” “Our breathing rate, heart rate, how often we toss and turn, and then it will give us a sleep report each morning,” I explained. “Sounds creepy,” he said, as he plopped down on that bed, not bothered enough to relax instead on our non-internet-connected couch.
https://gizmodo.com/the-house-that-spied-on-me-1822429852

Justice Dept. charges 36 alleged scammers for $530 million cyber-fraud scheme
The indictment said the founder billed the forum as the “premier destination for carding, and to direct traffic and potential purchasers to the automated vending sites of its members, which serve as online instruments that traffic in stolen means of identification, personally-identifying information, stolen financial and banking information, and other illicit goods.”
http://www.zdnet.com/article/justice-department-indictment-february-cybercrime-ring/

Russia denies launching cyber attacks against Winter Olympic Games
“We are aware that Western media are planning to throw in pseudo-investigations on the issue of the Russian trace in hacker attacks on information resources related to holding the Winter Olympic Games in South Korea. No evidence will be certainly produced to the world, as before,” the ministry said in a statement on Wednesday. […] Media reports said Wednesday that cyber security researchers had found indications that Russia-based hackers may be planning attacks against anti-doping and other Olympic organizations in retaliation for Russia’s exclusion from the Winter Olympic Games to be held in South Korea’s PyeongChang on Feb. 9-25.
http://www.xinhuanet.com/english/2018-02/08/c_136958695.htm

The Snooper’s Charter: Will the House Fall?
The UK Court of Appeals has deemed the Data Retention Investigatory Powers Act (DRIPA 2014), in addition to the Investigatory Powers Act (2016), as unlawful. Jubilant in the face of the recent court ruling, the human rights group Liberty has renewed calls for the Investigatory Powers Act to be further scrutinized. One particular concern that Liberty cited was the UK’s ‘indiscriminate’ ability to hack devices.
https://themarketmogul.com/uk-hacking-laws/

Cyber ring takedown one of largest, U.S. says
The Justice Department indicted 36 people in a cyber ring created by a Ukrainian national on identity theft trafficking charges. It was from the Infraud online forum that the ring, whose slogan is “In Fraud We Trust,” helped cybercriminals buy and sell Social Security numbers, passwords and other private information, and fleeced victims of more than $530 million.
https://www.scmagazine.com/cyber-ring-takedown-one-of-largest-us-says/article/742845/

Boffins crack smartphone location tracking – even if you’ve turned off the GPS
In their paper, out this week, they explain that PinMe works with “non-sensory/sensory data stored on the smartphone” (the first category includes timezone and network status; the second includes air pressure and heading), and when that’s combined with “publicly available auxiliary information” like elevation maps, it’s able to “estimate the user’s location when all location services, eg GPS, are turned off.”
https://www.theregister.co.uk/2018/02/07/boffins_crack_location_tracking_even_if_youve_turned_off_the_gps/

Intel releases new Spectre microcode update for Skylake; other chips remain in beta
The new microcode is being distributed to hardware companies so that they can include it in a new range of firmware updates. This latest update is only for mobile Skylake and mainstream desktop Skylake chips. It neither fixes the Broadwell or Haswell problems, nor does it apply to Kaby Lake, Skylake X, Skylake SP, or Coffee Lake processors. Intel says that beta testing of other microcodes for these processors is ongoing.
https://arstechnica.com/gadgets/2018/02/intel-releases-new-spectre-microcode-update-for-skylake-other-chips-remain-in-beta/

MacUpdate Hacked to Distribute Mac Cryptocurrency Miner
Cybercriminals apparently infiltrated the MacUpdate website to distribute the malware. They installed modified copies of the cryptomining apps OnyX, Firefox and Deeper and replaced the download links for each of these modified apps with links that led users to malicious domains. According to Thomas Reed from Malwarebytes, the fake domains show URLs that were already modified but looked legit and convincing to users.
https://www.hackread.com/macupdate-hacked-to-distribute-mac-cryptocurrency-miner/

Uber: We had “no justification” for covering up data breach
Uber’s top security official testified at Capitol Hill on Tuesday, saying that Uber had “no justification” for not coming clean sooner when it had been hit by a massive data breach in 2016. In written testimony, John Flynn, Uber’s chief information security officer, told a Senate committee that “it was wrong not to disclose the breach earlier.”
https://arstechnica.com/tech-policy/2018/02/uber-we-had-no-justification-for-covering-up-data-breach/

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.