IT Security News Blast 1-24-2017

Smart cities must prepare for cyber war

Here are some examples of what hackers and attackers can do:

  • Take control of parking, traffic lights, signage, street lighting, and automated bus stops, etc. For example, changing highway signs to read “terrorist threat in area” or “danger, toxic spill ahead” could seriously disrupt traffic and cause panic among drivers.
  • Direct all cars and buses to a specific area to create congestion and gridlock.
  • Disable local transportation, thereby disrupting businesses and services, such as banking, because employees can’t get to work.
  • Open causeways to spill sewage and untreated waste water into parks, rivers, and communities.
  • Cut off access to drinking water.
  • Send fake SMS messages directing people to a specific location, such as a targeted business or government agency.
  • Remotely switch off air conditioners or furnaces during extreme temperature days.
  • Randomly turn on fire and burglar alarms throughout the city.

IBM Just Bought This Startup to Boost Cybersecurity

The business technology giant said Monday that it would buy a small cyber security startup, Agile 3 Solutions, for an undisclosed price. The San Francisco startup sells software that clues business executives in on cyber security threats and risks to sensitive information, like merger and acquisition plans, sales strategies, and intellectual property data. IBM said it would incorporate the startup’s technology into its own security products once the deal closes in a few weeks.

Magic WebEx URL Allows Arbitrary Remote Command Execution

The extension works on any URL that contains the magic pattern “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html”, which can be extracted from the extension’s manifest. Note that the pattern can occur in an iframe, so there is not necessarily any user-visible indication of what is happening; visiting any website would be enough.

Donald Trump just named a net neutrality foe to head the FCC

Pai has served as a Republican member of the five-member FCC since 2012. He’s known for his deregulatory views generally and his opposition to network neutrality in particular. In a December speech, he complained that there was too much “regulatory underbrush” at the FCC, and vowed to “fire up the weed whacker and remove those rules that are holding back investment, innovation, and job creation.”

Massive Twitter Botnet Dormant Since 2013

Compounding the issue is a larger botnet of more than a half-million bots that the researchers have uncovered since their initial research. That research, the two academics said, will be shared in a future paper. In the meantime, the Star Wars botnet dataset is available for study; the researchers said the data is tens of times larger than any public collection on Twitter bots.

Many Organizations Still Opt for “Good Enough” Cybersecurity

It’s 2017 and cybersecurity issues are a major international issue. Despite this reality, many organizations continue to maintain the same “good enough” security attitude of the past. These organizations have no one else to blame when they are inevitably breached but unfortunately, we the people must deal with the consequences of their irresponsible actions. If this isn’t a reason for changes in public cybersecurity policies, nothing is.

Apple Patches Critical Kernel Vulnerabilities

The most critical of the bugs were a pair of kernel vulnerabilities, CVE-2017-2370 and CVE-2017-2360, which could allow a malicious application to execute code with the highest kernel privileges. The two bugs, a buffer overflow and use-after-free vulnerability, were reported by Google Project Zero’s Ian Beer and were patched in iOS 10.2.1 and macOS Sierra 10.12.3.

Federal contracting trends toward defense and efficiency in 2017

Building on his commitment to slashing budgets, Trump has asked his team to implement 10 percent cuts on discretionary spending. […] In addition, fields like technology spending will likely get more attention as risks of new cyber-attacks on outdated systems rise. Outright cuts of government spending are less likely than a shifting of funds toward defense and technology. However, some of Trump’s ambitious campaign spending promises may take the form of tax incentives for private investment, rather than direct federal spending.

Senate Armed Services Committee launches new subcommittee on cybersecurity

“Of particular concern to me is the Defense Department’s role in responding to an attack on our nation’s civilian critical infrastructure and in deterring bad actors from conducting such an attack in the first place.” Nelson said that in addition to ensuring proper policies, strategies and resources are in place to defend U.S. cyber infrastructure, the new subcommittee will hold the administration accountable if it fails to respond to a future attack.

Advancing the science of cybersecurity

Today, the National Science Foundation (NSF) announced $76 million in research grants through its Secure and Trustworthy Cyberspace (SaTC) program to study the scientific, engineering and socio-technical aspects of cybersecurity. The grants support 241 projects across 36 states and 129 institutions, and touch on all aspects of the field. These include hardware, software, network security, human incentives and behaviors, and the integration of computation with the physical world.

GRIZZLY STEPPE – Russian Malicious Cyber Activity

The Department of Homeland Security (DHS) has released a Joint Analysis Report (JAR) that details Russian malicious cyber activity, designated as GRIZZLY STEPPE. This activity by Russian civilian and military intelligence services (RIS) is part of an ongoing campaign of cyber-enabled operations directed at the U.S. Government and private sector entities. DHS recommends that network administrators review the Security Publication for more information and implement the recommendations provided.

Cyber attack locks Lloyds customers out of accounts: Online assault took down bank’s digital services for more than two days

A cyber attack on some of the UK’s largest banks left customers of Lloyds Banking Group unable to access their accounts. The online assault brought down digital services at Lloyds for more than two days a fortnight ago. The Financial Times reports the attack was carried out by an international criminal gang. It is understood that a number of high street lenders were targeted but only Lloyds customers had trouble accessing their accounts.

Virulent Android malware returns, gets >2 million downloads on Google Play

“Users must realize that they can no longer trust in installing only apps with a high reputation from official app stores as their sole defense,” the researchers wrote in an e-mail to Ars. “This malware employs several tactics to keep its activity hidden, meaning users might be unaware of its existence on their device.”

goes down; dark web domain is up and running

You are not alone; the (TPB) domain is offline worldwide. The reason for this outage is unclear, but the good news is that you can still access the site on the dark web through Tor browser, thanks to ThePirateBay’s .onion link. Currently, visitors can see a CloudFlare warning message on TPB domain revealing that the site is offline but since the site uses CloudFlare’s Always Online™ technology they can continue to surf a snapshot of the site.

This Bug Could Allow Hackers to Delete Any Video On Facebook

In order to exploit this vulnerability, Melamed first created a public event on the Facebook page and uploaded a video on the Discussion part of the event. While uploading the video, the researcher tampered with the POST request using Fiddler and then replaced the Video ID value of his video with the Video ID value of any other video on the social media platform. Although Facebook responded to this issue with a server error, i.e. “This content is no longer available,” the new video was successfully posted and displayed just fine.

China announces mass shutdown of VPNs that bypass Great Firewall

China’s announcement said the country’s Internet service market “has signs of disordered development that requires urgent regulation and governance” and that the crackdown is needed to “strengthen cyberspace information security management,” according to the Post. The government said its crackdown would begin immediately and run until March 31, 2018.

Trump nominee suggests IRS cybersecurity and staffing boosts

“And I’m also very concerned about the lack of first-rate technology at the IRS and the issue of making sure we protect the American public’s privacy when they give information to the IRS … and also customer service for the many hard-working Americans that are paying taxes.”