IT Security News Blast 10-17-2017

Choosing a cybersecurity vendor after the Equifax and Yahoo breaches
Security and day-to-day information technology operations, such as network maintenance, should be treated as separate functions, and more often than not, they should be assigned to different vendors, Meyer says. […] “[Our] experience is firms are specialized, and a firm that might be excellent at the IT function might not have the security focus,” Meyer says.

Financial Services Cybersecurity Systems and Services Market – Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2017 – 2022
The global financial services cybersecurity systems and services market is expected to be driven by a reportedly large number of financial organizations turning to managed security services for solutions such as real-time monitoring and analytics and authentication.

JP Morgan security chief warns that cyber defences ‘will fail’
Major financial institutions have been told to focus less on the prevention of cyber attacks and more on dealing with the inevitable breaches by a panel of security experts. […] “Shift investment from preventative to regular exercise for your teams,” he added. “Test them out; who will make decisions and when. Prepare for eventuality.”

A Dragonfly in the Ointment: Cyber Attacks on the Energy Sector May Signal Dark Days Ahead
With mounting evidence of preparatory attacks against the energy sector, owners and operators of critical infrastructure cannot solely rely on governments to protect them — even though there is much that governments can and must do. Organizations within the energy sector must be more vigilant than ever if hacking groups like Dragonfly are to be kept out of both IT and industrial control systems.

SMEs more vulnerable than ever to cyber attacks, survey shows
Among the bad practices cited are using the same passwords for access to multiple accounts and servers; sharing passwords in highly insecure ways; and failing to use strong passwords, settling instead for 123456 or other very easily compromised passwords. Less than half – 43% – of SMEs surveyed have any sort of password policy in place.

Beazley publishes special US healthcare data breach insights report
In the first nine months of 2017, unintended disclosure accounted for 41% of data breach incidents reported to Beazley by healthcare organization clients and shows no signs of abating. The high level of unintended disclosure incidents remains more than double that of the second most frequent cause of loss, hack or malware (19%).

How Visibility Provides Stronger Healthcare Cloud Security
Solutions that take a more proactive approach to cloud security are becoming more popular in healthcare. Security net approaches, threat intelligence, and security information and event management (SIEM) help organizations gain much needed visibility into cloud environments. Both threat intelligence and SIEM give organizations visibility by producing massive amounts of data.

NHS ransomware: Microsoft says North Korea was behind WannaCry attack
Smith also said cyber-attacks conducted by nation-states have become more frequent and more severe. He added that governments around the world should do more to protect people from harm. “We need governments to come together as they did in Geneva in 1949 and adopt a new digital Geneva Convention that makes clear that these cyber-attacks against civilians, especially in times of peace, are off-limits and a violation of international law,” said Smith.

North Korea’s Most Powerful Weapon Is Its Cyber Apparatus
The use of skilled hackers to disrupt international relations is low-cost and high-yield, especially since the country is already under heavy economic sanctions; many of the North Korea–linked attacks originate outside of the country, primarily from China and India, reducing the need for the North Korean government to build out its own internet infrastructure.

CyberWarrior Scholarships Debut for Returning Vets
The Engility CyberWarrior Scholarship program is open to military veterans honorably discharged from one of the five branches of the military by December 21, or those serving as active members in the National Guard or Reserves. The scholarships will include everything the recipients need to prepare to become certified for a career in cybersecurity, including training classes, textbooks and materials, and exam vouchers for the (ISC)2 certification of their choice.

Jensen: No such thing as personal info
I get this from internationally renowned cyber security expert Josh Marpet, who suggests we should all freeze our credit so no one opens up a bunch of credit cards in our names. You may have read about some of his exploits, such as using his skills to prove Recep Erdogan, the prime minister of Turkey, was taking bribes. He has revelations for those of us not immersed in issues like everyday surveillance of U.S. citizens.

Are banks ready for the Internet of Things revolution? Part 2: New legal issues created by the Internet of Things
1. Privacy issues become bigger
2. Data anonymization to better exploit data
3. Increased threat of cyberattack
4. Agreements with third parties need to be “adequately” managed

Supreme Court to decide if US has right to data on world’s servers
The Supreme Court on Monday agreed to decide whether law enforcement authorities, armed with a valid search warrant from a federal judge, can demand that the US tech sector hand over data that is stored on overseas servers. In this case, which is now one of the biggest privacy cases on the high court’s docket, the justices will review a lower court’s ruling that US warrants don’t apply to data housed on foreign servers, in this instance, a Microsoft server in Ireland.

Tests on smart home device security and privacy have produced ‘alarming’ results
Engineering faculty researchers laboratory-tested 20 appliances including cameras, light bulbs, power switches, health monitors, a smart TV and a talking doll over the last year. “Our tests were consistent and alarming. Every device we tested showed some form of vulnerability — many allowed potentially serious safety and security breaches,” the Inside Job: Security and Privacy Threats for IoT Devices report states.

Twitter deleted data potentially crucial to Russia probes
Twitter declined to comment on how much relevant data was deleted, whether any of it is potentially retrievable and other questions sent by POLITICO. Instead, spokespeople referred to the fine print of the company’s data retention and privacy policies, which say that, “Once an account has been deactivated, there is a very brief period in which we may be able to access account information, including Tweets.”

Justice Department Drops Request for Names of People Who ‘Liked’ Anti-Trump Facebook Page
Specifically, the warrants target the Facebook profiles of two activists and an anti-Trump Facebook page, and the data turned over could have included the names of an estimated 6,000 people who simply “liked” the page. However, DOJ lawyers said during the hearing that they would no longer seek the list of names, the ACLU said. A Justice Department spokesperson did not immediately respond to a request for comment.

FCC’s DDoS claims will be investigated by government
Senator Brian Schatz (D-Hawaii) and Rep. Frank Pallone (D-N.J.) requested the investigation in August, and the GAO recently confirmed that it accepted the Schatz/Pallone request. Among other things, Schatz and Pallone are looking for evidence that the attacks actually happened. The FCC has not “released any records or documentation that would allow for confirmation that an attack occurred,” they said in their letter to the GAO.

Encryption flaw leaves every Wi-Fi network in the world wide open
A so-called Krack attack targets the four-way handshake in the WPA2 protocol that is executed whenever a client tries to join a protected Wi-Fi network. It confirms that both client and access point (AP) have the right password credentials, and negotiates a new key to encrypt subsequent session traffic. Vanhoef said that by manipulating and replaying these cryptographic handshake messages, a hacker could trick a device into reinstalling an already-in-use key, giving the attacker visibility of any transmitted data.

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible
A flawed Infineon Technology chipset used on PC motherboards to securely store passwords, certificates and encryption keys risks undermining the security of government and corporate computers protected by RSA encryption keys. In a nutshell, the bug makes it possible for an attacker to calculate a private key just by having a target’s public key.

New Android Ransomware Permanently Changes PIN, Demands Ransom
The ransomware is being distributed as a fake update of Adobe Flash, and compromised websites are being used to spread it. When DoubleLocker is downloaded on your device, the fake Adobe Flash app requests Google Play Services activation because it needs to exploit the phone’s accessibility services. This option is intended for disabled people so that they can use their phones more easily.

Delayed delivery? Pizza Hut waits two weeks to disclose payment card data breach
On the positive side, Pizza Hut spotted the anomalous activity in short order and limited the damage to a 28-hour period. […] On the other hand, the chain has also drawn criticism for taking approximately two weeks to actually disclose the incident. Even if investigators were using this period to gather more information about the incident, customers could have been further victimized during this time.

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners. © 2017 Critical Informatics, Inc. All rights reserved.