IT Security News Blast 05-09-2018

Millennials and Cybersecurity

Time to ditch DIY security: How managed security service providers will make you stronger
In an era that is bringing in the power of collective defence, collective threat intelligence, collaboration, and a plethora of security services and products, it’s an era like nothing we’ve ever seen before. Organisations may not have the budget, the resources, and the skill sets to provide the best levels of cyber protection on their own – and it may not be the wisest idea to go the way of DIY security.
https://securitybrief.com.au/story/time-ditch-diy-security-how-managed-security-service-providers-will-make-you-stronger/

Cyber Attacks and Approaches to Protecting Health Data
The conventional approaches include using signature-based detection and isolated security devices. However, advanced intelligence not only detects cyber attacks but diagnoses the techniques used in breaching vulnerabilities. Furthermore, certain artificial intelligence-based algorithms can detect anomalies and instantly communicate detected malware and shrink the attack.
http://www.medicaltourismmag.com/cyber-attacks-approaches-protecting-health-data/

Financial sector cyber-related laws are a bellwether, says Deloitte
“We think financial services is the canary in the coalmine,” Bonner told delegates at the 2018 IISP Congress in London. “We see that whatever regulation starts in financial services ends up being copied in other industries,” he said. “So what we see starting to be developed in financial services around the management of cyber risk, we expect to see implemented in other industries.”
https://www.computerweekly.com/news/252440707/Financial-sector-cyber-related-laws-a-bellwether-says-Deloitte

Inside New York City Cyber Command — a government agency most people know nothing about that’s leading America’s biggest city into the future
Since de Blasio’s executive order in July 2017, the Command has been featured only sparingly in the press. […] But such a lack of awareness isn’t likely to last. During a press conference with de Blasio last month, Brown made his biggest public appearance yet to announce a new mobile phone app — conceived by the NYC3 team — that New Yorkers will be able to download starting this summer to help protect themselves online.
http://www.businessinsider.com/nyc-cyber-command-protecting-new-yorkers-2018-4

Colorado Passes Bill Advocating Blockchain For Gov’t Data Protection And Cyber Security
Senate Bill (SB) 18-086 requires the governor’s office of information technology (OIT), the department of state, and the department of regulatory agencies to consider using encryption techniques and blockchain tech in order to protect confidential state records from criminal, unauthorized, or inadvertent manipulation or theft. The bill outlines threats to government data that blockchain could potentially mitigate[.]
https://cointelegraph.com/news/colorado-passes-bill-advocating-blockchain-for-govt-data-protection-and-cyber-security

Deal issues 2018 veto statements
Under the proposed legislation, it would be a crime to intentionally access a computer or computer network with knowledge that such access is without authority. However, certain components of the legislation have led to concerns regarding national security implications and other potential ramifications. Consequently, while intending to protect against online breaches and hacks, SB 315 may inadvertently hinder the ability of government and private industries to do so.
https://gov.georgia.gov/press-releases/2018-05-08/deal-issues-2018-veto-statements

FBI: Cyber-Fraud Losses Rise to Reach $1.4B
Whaling, a.k.a. business email compromise, made up the bulk of the complaints for the department, with 15,690 individuals affected and accounting for adjusted losses of more than $675 million. In these cases, criminals masquerade as company executives to request a change in account information for wire transfers in order to siphon off money to their own accounts, or to request for personally identifiable information or W-2 form data for employees. In 2017, the real estate sector was in particular heavily targeted, IC3 said.
https://threatpost.com/fbi-cyber-fraud-losses-rise-to-reach-1-4b/131783/

The cyber battlefield isn’t all about Russia
Moscow hysteria aside, let’s examine Iran. Tehran has long been considered a cyber backwater — less advanced, and technologically and intellectually inferior to other adversaries such as China and Russia. This is a dangerous misconception. Iran’s cyber army is young, adroit and their attacks are complex, aggressive and strategic. Iran has poured billions of dollars into creating offensive cyber capabilities which could potentially paralyze America’s government and military operations.
http://thehill.com/opinion/cybersecurity/386666-the-cyber-battlefield-isnt-all-about-russia

Memes That Kill: The Future Of Information Warfare
And this threat is only intensifying as artificial intelligence tools become more widely available. Consider:
· Political-bot armies or fake user “sock puppets” are targeting social news feeds to computationally spread propaganda.
· Online, the line between truth and falsehood is looking fragile as AI researchers develop technologies that can make undetectable fake audio and video.
· Within a year, it will be extremely easy to create high-quality digital deceptions whose authenticity cannot be easily verified.
Below, we detail the technologies, tactics, and implications of the next generation of war.
https://www.cbinsights.com/research/future-of-information-warfare/

Inside the new, state-of-the-art U.S. cyberwarfare bunker
Last week, NSA and U.S. Cyber Command leaders posed together and smiled for pictures during a ribbon-cutting ceremony to celebrate the completion of a new, state-of-the-art spy bunker named the “Integrated Cyber Center,” or ICC. Bland in name alone, the groundbreaking facility located inside Fort Meade in Maryland represents the latest step taken by the federal government to equip U.S. spies and a growing force of “cyberwarriors” with the physical infrastructure necessary to combat foreign threats online.
https://www.cyberscoop.com/nsa-integrated-cyber-center-paul-nakasone/

Researchers detect rise in attacks from Nigerian cyber criminals
According to a report released Tuesday by Palo Alto Networks, hackers working out of Nigeria initiated an average of 17,600 attacks per month over the past year — an increase over the 12,200 per month average detected in 2016. “As a group, these actors continue to exhibit noteworthy year-over-year technical growth as they adopt new tools and techniques,” the report from Palo Alto Networks says.
http://thehill.com/policy/cybersecurity/386591-researchers-detect-rise-in-attacks-from-nigerian-cyber-criminals

Russian hackers sent death threats to US army wives posing as ISIS: Report
The information is part of a case study called brazen flag that assesses the difficulties associated with assigning blame in an era where cybercriminals can easily carry out identity theft to mislead investigators. The same thing happened during the US presidential elections campaigning when the threat of radical Islam was used to spread chaos among voters and spread provocative messages.
https://www.hackread.com/russian-hackers-sent-death-threats-to-us-army-wives-posing-as-isis/

UK Manufacturing Is Top Target For Cyber Attackers – NTT Security 2018 Global Threat Intelligence Report
Manufacturing has become the most attacked industry sector in the UK, representing almost half (46 per cent) of all cyber attacks in 2017 – more than double that of attacks on manufacturing across EMEA. This is according to the 2018 Global Threat Intelligence Report (GTIR) from NTT Security, the specialised security company and centre of excellence in security for NTT Group. The majority of attacks on UK manufacturers came from China, representing 89 per cent of attacks on this sector.
https://www.informationsecuritybuzz.com/study-research/uk-manufacturing-is-top-target/

A Smart Doorbell Company Is Working With Cops to Report ‘Suspicious’ People and Activities
Ring seems to believe that it’s a force for good. “At Ring, we come to work every day with the mission of reducing crime in neighborhoods,” Ring founder Jamie Siminoff said in a press statement. But ill-conceived neighborhood-watch platforms can also be breeding grounds for racial profiling, giving people safe (and poorly moderated) spaces to discriminate. On the website for Nextdoor, an app that works similarly to Neighbors—which notoriously saw users profiling minorities, and also partnered with law enforcement—I’ve witnessed my own neighbors trying to evict someone for simply looking weird.
https://motherboard.vice.com/en_us/article/evkgpw/smart-doorbell-company-ring-is-working-with-cops-to-report-suspicious-people-and-activities

Who wants to go threat hunting?
A threat hunter is a proactive incident responder. An incident responder waits until they get notified of an incident to get involved. A threat hunter hunts for bad guys before you know there is an incident. They have some information about the bad guy, where they are likely to attack and how, and then go looking for them. Threat hunters are incident responders and forensic investigators actively looking for new threats before traditional intrusion detection methods can find them.
https://www.csoonline.com/article/3269779/cyber-attacks-espionage/who-wants-to-go-threat-hunting.html

Equifax breach exposed millions of driver’s licenses, phone numbers, emails
On May 7, executives of Equifax submitted a “statement for the record” to the Securities and Exchange Commission detailing the extent of the consumer data breach the company first reported on September 7, 2017. The data in the statement, which has also been shared with congressional committees investigating the breach, reveals to a fuller extent how much personal data was exposed in the breach. Millions of driver’s license numbers, phone numbers, and email addresses were also exposed in connection with names, dates of birth, and Social Security numbers—offering a gold mine of data for identity thieves and fraudsters.
https://arstechnica.com/information-technology/2018/05/equifax-breach-exposed-millions-of-drivers-licenses-phone-numbers-emails/

Sierra Wireless Patches Critical Vulns in Range of Wireless Routers
Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet. The more critical of the two (with a 9.4 CVSSv3 Temp Score) is a privilege-escalation bug (CVE-2018-10251), which could allow a remote attacker with no authentication whatsoever to the device to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.
https://threatpost.com/sierra-wireless-patches-critical-vulns-in-hundreds-of-thousands-of-wireless-routers/131804/

Half of Global Fortune 100 continue to download flawed Apache Struts used to breach Equifax
8,780 have downloaded vulnerable Apache Struts software in the wake of the Equifax breach. “Seven months should be enough time for organizations to install the necessary patches and it’s unfortunate that so many still choose to download the older vulnerable versions. There is really no excuse for this,” said Nick Bilogorskiy, cybersecurity strategist at Juniper Networks, who noted that CVE-2017-5683 “was fixed in the Apache Struts versions 2.5.13 in September 2017,” the same month that the Equifax breach came to light.
https://www.scmagazine.com/half-of-global-fortune-100-continue-to-download-flawed-apache-struts-used-to-breach-equifax/article/764480/

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links
Dubbed Safe Links, the feature has been included in Office 365 software as part of Microsoft’s Advanced Threat Protection (ATP) solution that works by replacing all URLs in an incoming email with Microsoft-owned secure URLs. […] However, researchers at cloud security company Avanan have revealed how attackers have been bypassing the Safe Links feature by using a technique called, “baseStriker attack.”
https://thehackernews.com/2018/05/microsoft-safelinks-phishing.html

Microsoft Patches Two Windows Zero-Day Vulnerabilities
The more serious of the zero-day vulnerabilities is CVE-2018-8174, a critical issue that allows attackers to remotely execute arbitrary code on all supported versions of Windows. The existence of the flaw was revealed last month by Chinese security firm Qihoo 360, which reported that a known advanced persistent threat (APT) actor had been exploiting the vulnerability via Internet Explorer and specially crafted Office documents.
https://www.securityweek.com/microsoft-patches-two-windows-zero-day-vulnerabilities

Only 9% of millennials are interested in a cybersecurity career
The lack of interest in cybersecurity does not stem from a lack of interest in tech, the report found: Of the 524 millennials and post-millennials surveyed, 48% had been part of a STEM program during their K-12 education. A majority of respondents said they are interested in computer-related careers, including video game development (33%), computer sciences/software development (21%), engineering (15%), scientific research (13%), and information technology (11%).
https://www.techrepublic.com/article/only-9-of-millennials-are-interested-in-a-cybersecurity-career/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2018 Critical Informatics, Inc. All rights reserved.