IT Security News Blast 10-12-2017

How Today’s Cyber Risks Affect Corporate Resilience And Revenue
Security and business continuity must go hand-in-hand in order to achieve the necessary resilience to match the risk profile of the company. Over-reliance on technology alone to solve resilience issues is doomed to fail. It takes a balanced approach utilizing People, Process and Technology to achieve security while improving operational abilities.

Hackers target thousands of SuperValu customers’ details
Gardaí are now liaising with Interpol and Europol over the attack on the Musgrave Group, of which SuperValu is a part. The attack involved networks in several countries, but is believed to have originated outside Belgrade, in Serbia. Hackers attempted to access the financial details of tens of thousands of customers and suppliers stored in the Irish retail giant’s data banks.

Growing cyber woes need government fix
Bruce Schneier held up his smartphone in a room full of cybersecurity experts, declaring it “the best surveillance tool ever invented” that is helping usher in an era of “surveillance capitalism.” With other tools that people use being connected into what is called the “Internet of things,” Schneier warned it means risks from cybercrime also are growing and more government regulation must follow. The choice for the industry: Either be at the table or on the menu.

Inside the Molina Healthcare Data Breach: Cause & Solutions
The security flaw was simple – which angered many cyber security professionals in the field – it allowed Molina patient data to be accessed by simply changing a single number in the URL. […] “It’s unconscionable that such a basic, Security 101 flaw could still exist at a major healthcare provider today,” said Krebs. “However, the more I write about these lame but otherwise very serious vulnerabilities at healthcare firms the more I hear about how common they are from individual readers.”

Medical Records and Sensitive Data of 150,000 US Patients Exposed
IT security researchers at Kromtech Security discovered an unprotected Amazon Web Services (AWS) bucket available for public access.  […] According to Kromtech Security blog post, the 47.5 GB data contained patients names, phone numbers, addresses, 316,363 PDF medical records in the form of weekly blood test results and test results. Furthermore, the data contained a backup folder for the firm’s development server and personal details like name of doctors, client data and case management notes.

Is a cyber equivalent of ‘D-Day’ inevitable in the medical industry?
Chief among his concerns is that a failure to do so is now a — potentially life and death — patient safety issue. Chaput cited the opportunity for a cyber-terrorist to hack into a medical file to change blood types, which would be deadly in a transfusion situation. Or using entry into a hospital HVAC system to shut down cooling to compromise imaging suites or blood storage chillers.

North Korean Hack of U.S. War Plans Shows Off Cyber Skills
The episode shows North Korea’s progress in infiltrating computer systems around the world three years after its hackers allegedly pilfered documents from Sony Corp. in retaliation for the film, “The Interview.” If Kim’s cyber warriors have indeed stolen the top-secret intelligence, it raises alarms about the security of U.S.-South Korea information and the effectiveness of potential military options.

North Korean hackers allegedly probing US utilities for weaknesses
“This activity was early-stage reconnaissance, and not necessarily indicative of an imminent, disruptive cyber attack that might take months to prepare if it went undetected.” FireEye has previously detected suspected Nork hackers probing the systems of South Korean utilities. The firm adds that DPRK hackers are yet to display ability to interfere with industrial control systems much less cause power outages. All this probing is nonetheless a cause for concern.

Defence contractor’s cyber security breached
‘The compromise was extensive and extreme,’ Mr Clarke told the Australian Information Security Association national conference in audio obtained by a freelance journalist called Stilgherrian. ‘It included information on the (F-35) Joint Strike Fighter, C130 (Hercules aircraft), the P-8 Poseidon (surveillance aircraft), joint direct attack munition (JDAM smart bomb kits) and a few naval vessels.’

Kaspersky antivirus software was reportedly used as a Google-like search tool for Russian hackers targeting the US
Israeli intelligence agents discovered the exploit after they broke into Kaspersky’s systems in 2014, and later tipped off US intelligence agencies on the matter. The Israeli agents reportedly stole passwords, took screenshots, and collected emails and documents, ostensibly to learn about Russian cyberespionage activities, and in doing so, found that Russian-sponsored hackers were using the Kaspersky software to scan for classified US information that could be relayed back to intelligence agencies in Russia.

What our cyberwall knows
The Department of Homeland Security has even set up a data-swapping mechanism that gives hundreds of private companies access to the government’s digital findings. But corporations are frustrated that it’s not working well enough. The infrastructure is still developing; the massive haystack of data doesn’t yield needles easily, or quickly — a crucial problem in a fast-changing threat environment. And a secrecy-minded Washington bureaucracy is hesitant to share important clues.

Judge says US govt has ‘no right to rummage’ through anti-Trump protest website logs
A Washington DC judge has told the US Department of Justice (DoJ) it “does not have the right to rummage” through the files of an anti-Trump protest website – and has ordered the dot-org site’s hosting company to protect the identities of its users. Chief Judge Robert E. Morin issued the revised order [PDF] Tuesday following a high-profile back and forth between the site’s hosting biz DreamHost and prosecutors over what details Uncle Sam was entitled to with respect to the website.

How to Secure Your Data Connections & Browse the Web Safely
The biggest security weakness in your smartphone is its data connection — sadly, any device with always-on internet access will inherently carry risk. Although there are no foolproof methods, by using the following suggestions, you can better protect yourself from Russian hackers, big data, or even a nosey spouse.

FBI uses PureVPN’s ‘non-existent’ logs to track down internet stalker
What will be of concern to anyone who believed that PureVPN offered complete anonymity is the FBI statement that: Further, records from PureVPN show that the same email accounts — Lin’s Gmail account and the teleprtfx Gmail account — were accessed from the same WANSecurity IP address. While it’s fair to say that this is an interesting case, what’s most interesting is the revelation that PureVPN’s claim of “no logs” is not, strictly speaking, true.

Who’s afraid of… e-Privacy?
Unsurprisingly, companies whose business models rely on tracking individuals online have been busy lobbying against the new regulation. The companies see the proposal as an attempt to undermine their capacity to collect information, and monitor online behaviour. Some companies argue that the new proposal would impact on the users’ expectation (and perception) of free services on the internet.

T-Mobile customer data plundered thanks to bad API
A bug disclosed and patched last week by T-Mobile in a Web application interface allowed anyone to query account information by simply providing a phone number. That includes customer e-mail addresses, device identification data, and even the answers to account security questions. The bug […] was apparently also exploited by others, giving them access to information that could be used to hijack customers’ accounts and move them to new phones.

Microsoft Patches Office Bug Actively Being Exploited
The vulnerability (CVE-2017-11826) could allow remote code execution if a user opens a specially crafted Office file. It was one of 62 vulnerabilities patched by Microsoft as part of its monthly Patch Tuesday updates released today. Of those, 23 of  the vulnerabilities are rated critical, 34 rated as important and 33 can result in remote code execution.

Policing in the future involves citizen detectives and a Pokémon Go-like app
A loose translation of what Akerboom described is that citizens would photograph license plates to find out if the car is stolen via the Pokémon-inspired app Automon. If it is, then the citizen-turned-detective scores points. And if a vehicle is reported stolen,  citizens in that neighborhood might also be tasked to search for that specific license plate. The more you find, the higher your score.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.