IT Security News Blast 10-10-2017

SiteLock: Website Attacks Surged 186% in Q2

Websites belonging to small- to midsized (SMB) businesses experienced an astonishing 63 attacks per day in the second quarter of this year, a study by SiteLock showed. That number, which extrapolates to some 23,000 attacks annually, represented an increase of 186% over the 22 attacks per day that websites averaged during the same period last year. Automated bots were responsible for more than 85% of these attacks.

https://www.darkreading.com/attacks-breaches/sitelock-website-attacks-surged-186–in-q2/d/d-id/1330079?

More Businesses Accidentally Exposing Cloud Services

Researchers determined 38% of organizations have experienced the potential compromise of an administrative user account in their public cloud computing environment. More than 80% of businesses are not managing host vulnerabilities in the cloud, and 37% of databases accept inbound connection requests from the Internet. Seven percent of those receive requests from suspicious IP addresses, a sign they have been compromised.

https://www.darkreading.com/cloud/more-businesses-accidentally-exposing-cloud-services-/d/d-id/1330072?

U.S. Banking Regulator Hit by 54 Breaches in 2015, 2016

The U.S. Federal Deposit Insurance Corporation (FDIC) in the last two years may have suffered as many as 54 data breaches involving personally identifiable information (PII), revealed a report from the FDIC Office of Inspector General (OIG). […] The report, made public last week, focuses on the FDIC’s processes for responding to data breaches, and it’s based on an audit conducted in response to concerns raised by the chairman of the Senate Committee on Banking, Housing, and Urban Affairs.

http://www.securityweek.com/us-banking-regulator-hit-54-breaches-2015-2016

SEC Cyber Police Force to Oversee FinTech, ICOs

In 1972, the SEC (the Securities and Exchange Commission) created its Enforcement Division to enforce federal securities laws. And now the SEC has to update its system to address cybercrime that has reached unprecedented proportions, especially to oversee Blockchain and protect retail investors. On Sept. 25th, 2017, the SEC issued a press release where it announced the launch of two new initiatives that, in complementing its ongoing law-enforcing efforts, will be dedicated to targeting DLT and ICO violations.

https://edgylabs.com/sec-cyber-task-force-to-oversee-fintech-icos/

City of London ‘cyber court’ to tackle online fraud in financial sector

Ministers say the court will enhance Britain’s reputation as a country where banking and finance is underpinned by the rule of law, and help the authorities tackle the growing menace of computer crime. The City of London Corporation will on Monday announce plans for the court to be based in the Square Mile.

http://www.telegraph.co.uk/news/2017/10/08/city-londoncyber-court-tackle-online-fraud-financial-sector/

Report: Malware-Wielding Hackers Hit Taiwanese Bank

Almost $60 million was stolen from Far Eastern International Bank in Taiwan last week, with funds being routed to accounts in Cambodia, Sri Lanka and the United States, Taiwanese state-owned news agency Central News Agency reports. The bank reportedly detected the suspicious transactions Tuesday and has been able to recover much of the stolen funds with the help of its banking counterparts in other countries, with only $500,000 remaining outstanding.

https://www.bankinfosecurity.com/report-malware-wielding-hackers-hit-taiwanese-bank-a-10368

Healthcare Cyber Security Market show exponential growth by 2023

On the basis of the solution type, the healthcare cyber security market has been segmented into risk and compliance management, identity and access management, security information and event management, and intrusion detection system (IDS)/intrusion prevention system (IPS), firewalls, antivirus, antimalware software, data encryption software, and others.

https://www.medgadget.com/2017/10/healthcare-cyber-security-market-show-exponential-growth-by-2023.html

New Bill to Tackle Medical Device Cybersecurity

U.S. Representatives Dave Trott (MI-11) and Susan Brooks (IN-05) introduced the Internet of Medical Things Resilience Partnership Act last week, with the aim to collect and centralize all existing, relevant cybersecurity standards, guidelines, frameworks, and best practices, identified the current high-priority gaps and problems, and pinpoints actionable solutions while providing a framework for IoMT (Internet of Medical Things) developers for which to reference.

https://www.healthcare-informatics.com/news-item/cybersecurity/new-bill-tackle-medical-device-cybersecurity

EHR Interoperability to Transform Healthcare in Decade Ahead

“Many of these use case concepts and technologies already are in play,” wrote authors. “Hospital executives should be planning how to integrate technology into newly built facilities and retrofit it into older ones. A well-crafted strategy can lay the foundation for future investments in care delivery, talent, data management, and cyber security.”

https://ehrintelligence.com/news/ehr-interoperability-to-transform-healthcare-in-decade-ahead

The 20-year climb to an elevated CyberCom

A no-notice military exercise in 1997, dubbed Eligible Receiver 97, dramatically demonstrated that government authorities had little ability to recognize — much less defend against — a coordinated network attack and that our nation’s critical infrastructure was vulnerable to cyber disruption. The exercise combined simulated denial of service attacks on the 911 systems in nine large U.S. cities and actual penetration and disruption of military networks to the very top of the national command system.

https://fcw.com/articles/2017/10/09/comment-cohen-cyber.aspx

White House believes Kelly’s personal phone possibly compromised at transition office

Although many of Trump’s high-profile meetings with lawmakers and potential Cabinet members before his inauguration occurred in New York at Trump Tower, much of his transition staff worked out of the office space about three blocks from the White House. Officials have tried to determine whether Kelly signed onto an insecure wireless network there or whether a hacker, foreign government or some other outside force could have accessed the phone there.

http://www.politico.com/story/2017/10/08/john-kelly-phone-security-hacked-243585

FormBook Malware Targets US Defense Contractors, Aerospace and Manufacturing Sectors

Attackers spreading new malware called FormBook are singling out aerospace firms, defense contractors and some manufacturing organizations in the United States and South Korea. […]         “One of the malware’s most interesting features is that it reads Windows’ ntdll.dll module from disk into memory, and calls its exported functions directly, rendering user-mode hooking and API monitoring mechanisms ineffective,” according to the FireEye report.

https://threatpost.com/formbook-malware-targets-us-defense-contractors-aerospace-and-manufacturing-sectors/128334/

Russian propaganda engaged U.S. vets, troops on Twitter and Facebook, study finds

“We’ve found an entire ecosystem of junk news about national security issues that is deliberately crafted for U.S. veterans and active military personnel,” said Philip Howard, a professor of internet studies who led the research. “It’s a complex blend of content with a Russian view of the world – wild rumors and conspiracies.” However, the study found that Russia’s communication inroads with the military community on Twitter “are not presently very deep,” and that it has had more success gaining influence through Twitter than Facebook.

http://www.mcclatchydc.com/news/nation-world/national/article177744986.html

The one change we need to surveillance law

Section 702 should be used in the way it was designed — to obtain information about foreign targets while preserving the privacy of Americans. It should not offer an easy route for federal law enforcement agents, specifically the FBI, to obtain evidence about Americans to which they would not be otherwise entitled. We urge Congress to end this practice. Such a step would reduce any incentives for government agents to misuse Section 702 without harming legitimate surveillance of foreign nationals operating overseas.

https://www.washingtonpost.com/opinions/the-one-change-we-need-to-surveillance-law/2017/10/09/53a40df0-a9ea-11e7-850e-2bdd1236be5d_story.html?utm_term=.ca7254658fc9

World’s largest child porn site was run by police for undercover op

In April 2016, ‘Childs Play’ surfaced on the dark web however in October 2016 Australian authorities took over the site after tracking down its owner Benjamin ‘WarHead’ Faulkner in the United States and ran the site until September this year. […] The police also allowed pedophiles to share content and even shared images themselves to make sure the users have no trust issue and so that eventually authorities could track and arrest them. Simply put, police used the site as bait.

https://www.hackread.com/worlds-largest-child-porn-site-was-run-by-police-for-undercover-op/

Smart Dust: What future of Surveillance Looks Like

Leaps and bounds have been made from human spies to today’s digital bugs, and as far as surveillance goes this is just the beginning. AeroVironment Inc, an Unmanned Aircraft Systems and Unmanned Aerial Vehicles manufacturer in the US has designed a drone that looks and manoeuvres like a hummingbird. The ‘Nano Hummingbird’, which weighs less than an AA battery, is also equipped with a camera for surveillance and reconnaissance.

http://www.news18.com/news/tech/rooter-ties-up-with-minerva-punjab-fc-as-official-fan-engagement-partner-1541039.html

How “anonymous” wifi data can still be a privacy risk

The thorny issue of tracking of location data without risking individual privacy is very neatly illustrated via a Freedom of Information (FOI) request asking London’s transport regulator to release the “anonymized” data-set it generated from a four week trial last year when it tracked metro users in the UK capital via wi-fi nodes and the MAC address of their smartphones as they traveled around its network. At the time TfL announced the pilot it said the data collected would be “automatically de-personalised”. Its press release further added that it would not be able to identify any individuals.

https://techcrunch.com/2017/10/07/how-anonymous-wifi-data-can-still-be-a-privacy-risk/

As Hacks Proliferate, New Cybersecurity Roundtable Promotes Women’s Leadership

Bess Hinson became a data privacy lawyer because she was concerned about the way in which people’s data is being disseminated. Now, she has started the Atlanta Women in Cybersecurity Roundtable to help women advance in the fast-growing field. […] Women make up only about 10 percent of the cybersecurity workforce, according to Cybersecurity Ventures and other trade groups. Hinson said this “disheartening” statistic was a major reason she started ATLWIC. The invitation-only group, whose members are women in charge of cybersecurity operations at their companies, will meet quarterly for lunch and discussion.

http://www.dailyreportonline.com/id=1202799772986/As-CyberAttacks-Proliferate-New-Roundtable-Promotes-Womens-Leadership-in-Cybersecurity?mcode=1202617074542&curindex=0&slreturn=20170909202734

Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold

Microsoft is silently patching security bugs in Windows 10, and not immediately rolling out the same updates to Windows 7 and 8, potentially leaving hundreds of millions of computers at risk of attack. Flaws and other programming blunders that are exploitable by hackers and malware are being quietly cleaned up and fixed in the big Windows 10 releases – such as the Anniversary Update and the Creator’s Update. But this vital repair work is only slowly, if at all, filtering back down to Windows 7 and Windows 8 in the form of monthly software updates.

https://www.theregister.co.uk/2017/10/06/researchers_say_windows_10_patches_punch_holes_in_older_versions/

Flawed BIOS Implementations Lead to Intel Boot Guard Bypass

Poor firmware implementation can lead to the bypass of advanced technologies created to protect Unified Extensible Firmware Interface (UEFI) BIOS, such as Intel Boot Guard, from illegal modifications, security researchers have discovered. […] The OEM sets the final configuration and writes it to one-time-programmable Intel chipset fuses during the manufacturing process, thus making it almost impossible for an attacker to modify the BIOS without knowing the private part of the OEM Root Key.

http://www.securityweek.com/flawed-bios-implementations-lead-intel-boot-guard-bypass

 

 ====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>