IT Security News Blast 10-24-2017

Bank of America Expands Its Use of Biometrics With Intel Hardware-Based Security Technologies
Bank of America announced today it would begin implementing Intel® Online Connect technology into its online banking platform, giving customers added security when they bank online. The two companies will jointly preview the technology at this week’s Money20/20 conference in Las Vegas. Bank of America plans to incorporate the security feature into its online banking authentication process in 2018, and will be the first financial services company to offer the technology to customers.
http://newsroom.bankofamerica.com/press-releases/consumer-banking/bank-america-expands-its-use-biometrics-intel-hardware-based-securit

 

Crime keeps pace with rise in cryptocurrency prices
Demands for at least $25m are likely to increase because technological changes in virtual currencies are making it easier for criminals to move sums anonymously, says MWR InfoSecurity. […] The surge in demand is slowly building the depth and liquidity of the market, with prices rising for bitcoin and Ripple and Ethereum, its emerging competitors, the company argues.
https://www.ft.com/content/02ddd268-b708-11e7-8c12-5661783e5589

 

Tech Firms Seek Washington’s Prized Asset: Top-Secret Clearances
Major players in technology are bolstering their workforces with former government employees holding top-secret and higher clearances needed to share classified information, as congressional probes and a federal investigation led by Special Counsel Robert Mueller continue to unearth information about Russia’s meddling in last year’s election. […] In doing so, companies such as Facebook Inc. are competing with defense contractors, financial firms and the U.S. government itself.
https://finance.yahoo.com/news/tech-firms-seek-washington-prized-080001578.html

 

Healthcare Cyber: House Inquiry Targets Medical Software
The committee also hinted that it was undertaking a broader inquiry into the cybersecurity practices in the healthcare industry. […] Representative Greg Walden (R-Oregon), chairman of the Energy and Commerce Committee, told Nuance CEO Paul Ricci, in a letter dated October 19, 2017, that his committee wanted to “better understand the circumstances surrounding Nuance’s initial infection by NotPetya, as well as what steps it has taken in order to recover and resume full capabilities.”
https://www.lexology.com/library/detail.aspx?g=6a78c1d6-3db6-4c3d-ad59-c96f178675e3

 

Cyberterrorists targeting healthcare systems, critical infrastructure
Critically, cyberterrorist attacks are not the same as hacking or compromising consumer data, as what happened in the recent Equifax data breach. They instead aim to cause global panic or mass loss of life by hacking into critical infrastructure like power networks, trading platforms and healthcare systems. […] But Mr Dembosky said while terror organisations like Islamic State are unlikely to abandon attacks on civilians by traditional means, they will inevitably expand their arsenal into cyberspace.
http://www.abc.net.au/news/2017-10-23/forget-explosives,-terrorists-are-coming-after-cyber-systems/9076786

 

Feds warn of DDoS attack vulnerability for connected medical devices
“Deficient security capabilities, difficulties in patching vulnerabilities and a lack of consumer security awareness provide cyber actors with opportunities to exploit these devices,” the alert said. The concern is that these poorly secured or completely unsecured devices will give hackers easy access to private networks — and in turn gain access to other devices or data that lives on the network.
http://www.healthcareitnews.com/news/feds-warn-ddos-attack-vulnerability-connected-medical-devices

 

IRS: Tax refund fraudsters already had much of that Equifax stolen data
[IRS] Commissioner John Koskinen said Tuesday that he’s doubtful that the Equifax breach will make a noticeable difference in tax-related ID scams. That’s because a significant amount of that data was stolen through earlier breaches in recent years at major employers, cyber attacks on the healthcare sector and even hacking incidents involving the federal government’s computer systems, including records of the Office of Personnel Management. Koskinen estimated personal information for more than 100 million tax filers was already stolen by hackers.
https://www.usatoday.com/story/money/columnist/tompor/2017/10/23/irs-tax-refund-fraudsters-already-had-much-equifax-stolen-data/790732001/

 

Managed Security Services Market to 2025 – Global Analysis and Forecasts
The managed security services landscape is growing and evolving with innovative services to efficiently and proficiently secure the IT infrastructure of organizations. Due to lack of skilled workforce, many organizations are not capable enough to fully protect their IT infrastructure. […] The global managed security services market is estimated to grow at a CAGR of 14.7% during the forecast period 2017 – 2025 and accounts for US$ 18,030.9 Mn in the year 2025. Increasing cyber threats across industries, digital transformation across industries, and increase in adoption of BYOD are fueling the growth of the managed security services market.
http://markets.businessinsider.com/news/stocks/Managed-Security-Services-Market-to-2025-Global-Analysis-and-Forecasts-1005355286

 

Russian Cyberoffense Proves Challenging for U.S., Allies
“Yes, these are attempts to collect intelligence, intimidate NATO allies and rattle foreign troops,” said Jorge Benitez, an expert on European security with the Washington-based Atlantic Council. “The Russians are pushing the envelope through this cyber- and hybrid-warfare campaign to see how much they obtain from it, not just in terms of information and military friction, but most of all increasing political divisions and vulnerabilities for the West.”
http://www.govtech.com/security/Russian-Cyberoffense-Proves-Challenging-for-US-Allies.html

 

Researchers have found an unexpected axis of North Korea’s cyber activity: India
Researchers came to this conclusion by observing the patterns between April and July 2017 of North Korea’s use of the global internet (as opposed to its domestic, state-run internet), which is accessible only to the country’s ultra-elite. […] However, analyzing the same data revealed that one-fifth of the activity emanating from three North Korean IP address ranges was going to and from India. High amounts of activity also occurred to and from New Zealand, Malaysia, Nepal, Kenya, Mozambique, the Philippines and Indonesia.
https://qz.com/1105149/india-is-an-unexpected-axis-of-north-koreas-suspect-cyber-activity/

 

Police body cams had no “statistically significant effect” in DC
The study (PDF) then measured four outcome factors: reported uses of force, civilian complaints, policing activities (which includes tickets, warnings, arrests, etc.), and judicial outcomes, specifically whether MPD arrest charges led to prosecutions. DC Police Chief Peter Newsham told NPR that everybody was expecting a different conclusion about the agency’s $5.1 million program. “I think we’re surprised by the result. I think a lot of people were suggesting that the body-worn cameras would change behavior. There was no indication that the cameras changed behavior at all.”
https://arstechnica.com/tech-policy/2017/10/body-cams-had-no-effect-on-police-use-of-force-in-nations-capital-study-says/

 

Ex-U.S. spy chiefs urge Congress to renew internet surveillance law
The program, authorized under Section 702 of the Foreign Intelligence Surveillance Act, allows U.S. spy agencies to eavesdrop on and store vast amounts of digital communications from foreign suspects living outside the United States. It will expire on Dec. 31 if Congress does not act. “We have personally reported to our Presidents – Republican and Democratic – and to the Congress details of plots disrupted based on information from Section 702,” the former intelligence chiefs said in letters to congressional leaders that were seen by Reuters.
https://www.reuters.com/article/us-usa-cyber-surveillance-security/ex-u-s-spy-chiefs-urge-congress-to-renew-internet-surveillance-law-idUSKBN1CS2GX

 

Best VPN for US citizens to avoid the NSA and FBI
Americans using VPNs, then, require greater security and less access to foreign content. Below we’ve chosen our favorite VPN providers that achieve this equilibrium based on the following criteria:
· The provider is not based in the United States
· No traffic logs are stored on the provider’s servers
· Strong encryption, 128-bit AES or greater, is used by default
· Shared IP addresses are used to preserve anonymity
· Bonus points for anonymous payment methods, such as Bitcoin
https://www.comparitech.com/blog/vpn-privacy/best-vpn-for-usa/

 

Hackers are attacking power companies, stealing critical data: Here’s how they are doing it
While it has long been known that state-backed hackers are keen to access critical infrastructure, the report provides one of the most detailed looks at how state-backed hackers are attempting to gather data on critical national infrastructure through a sophisticated and multi-stage project. It details how hackers work their way through the supply chain for these major companies, starting by attacking small companies with low security and small networks, which are then used as a stepping stone into the networks of “major, high value asset owners within the energy sector”.
http://www.zdnet.com/article/hackers-are-attacking-power-companies-stealing-critical-data-heres-how-they-are-doing-it/

 

DHS Alert on Dragonfly APT Contains IOCs, Rules Likely to Trigger False Positives
YARA expert Florian Roth warned within hours of the release that some of the IOCs and YARA rules were flawed and could cause a wave of unnecessary alerts for admins. […] This week’s report, Roth points out, contains a few similar issues, most notably around PsExec, a well-known Windows sysinternals utility. Roth said there were two signed hashes for PsExec among the IOCs and YARA rules that would trigger false positives.
https://threatpost.com/dhs-alert-on-dragonfly-apt-contains-iocs-rules-likely-to-trigger-false-positives/128572/

 

Why Cryptojacking Is The Next Big Cybersecurity Threat
Meet the Internet’s latest menace. Hackers and penny-pinching website hosts are hijacking people’s computers to “mine” cryptocurrency. […] The moneymaking phenomenon is more common than you might think. CBS’s Showtime reportedly ran cryptominer tech on viewers’ PCs this year, removing it after security researchers called it out in September. (A Showtime spokesperson declined to comment to Fortune.) The mining code later appeared temporarily on the official website of soccer star Cristiano Ronaldo.
http://fortune.com/2017/10/23/bitcoin-monero-cryptocurrency-mining-security-threat/

 

Kaspersky pledges independent code review to cast off spying suspicions
After reports that data collected by the company’s anti-malware client was used to target an NSA contractor and various accusations of connections to Russian intelligence, today Kaspersky Lab announced the launch of what company executives call a “Global Transparency Initiative.” As part of the effort aimed at regaining the trust of corporate and government customers among others, a Kaspersky spokesperson said that the company would open product code and the company’s secure coding practices to independent review by the first quarter of 2018.
https://arstechnica.com/information-technology/2017/10/kaspersky-pledges-independent-code-review-to-cast-off-spying-suspicions/

 

Kaspersky code review doesn’t solve the spying problem
Anti-virus software is designed to have access to all the files on a customer’s computer. In this case, the customer was an NSA contractor. By design, Kaspersky’s software would have scanned those files, and if there was a signature match, it’s possible they would have collected them for further analysis. “So that is what Kaspersky has been accused of doing: using (or allowing to be used) its legitimate, privileged access to a customer’s computer to identify and retrieve files that were not malware,” Ledgett explained.
https://www.csoonline.com/article/3230558/security/kaspersky-code-review-doesnt-solve-the-spying-problem.html

 

Europol calls for cooperation on Darkweb and IOT use by criminals
“The Internet of Things is not only here to stay but expected to significantly expand as more and more households, cities and industries become connected. Insecure IoT devices are increasingly becoming tools for conducting cyber-criminality. We need to act now and work together to solve the security challenges that come with the IoT and to ensure the full potential.”
https://www.scmagazine.com/europol-calls-for-cooperation-on-darkweb-and-iot-use-by-criminals/article/701967/

 

Proposed law would regulate online ads to hinder Russian election influence
A bipartisan group of federal lawmakers wants to make it more difficult for Russia to influence US elections. To that end, the group has drawn up legislation requiring Internet-based companies like Google, Twitter, and Facebook to disclose who is buying political advertisements on their platforms and maintain those records after elections. The Honest Ads Act would heap on the Internet some of the same types of political advertising rules that apply for TV, radio, and print. The legislation is designed to somehow enforce federal election laws that forbid foreign nationals and foreign governments from spending money in the US to influence elections.
https://arstechnica.com/tech-policy/2017/10/proposed-law-would-regulate-online-ads-to-hinder-russian-election-influence/

 

Microsoft’s New Feature to Protect Windows 10 from Ransomware
By enabling Controlled Folder Access (CFA) on a folder, it will be possible to continuously monitor the changes in the system in real-time and timely identify any unauthorized access. In case an unauthorized process attempts to access that folder, which has been protected with CFA, it will immediately be blocked, and the user will be notified.
https://www.hackread.com/microsoft-windows-10-anti-ransomware/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.