IT Security News Blast 10-26-2017

Class-actions still a reality for U.S. financial firms with bad press
The U.S. Senate killed a rule late on Tuesday that allowed consumers to band together to sue banks and credit card companies even when the small print of their contracts forced them into closed-door arbitration with their grievances. It was a huge win for banks, who feared a flood of costly lawsuits. But for financial firms already in the spotlight for poor treatment of customers, the bad publicity may make it difficult for them to avoid court.


Financial institutions launch their own cyber range to train defenders, test tools
The initiative, by the Financial Sector Information Sharing and Analysis Council, or FS-ISAC, has already built out the first range and will stage the first exercise on it at the end of November at the Federal Reserve Bank of Boston, according to Shaun Brady, a consultant with FS-ISAC. […] The sector “does a great job with table top exercises,” said Brady, but those are more policy and management orientated. There was a dearth of “hands-on-keyboards” style war games, he said. Eventually, FS-ISAC wants to stage two regional exercises a month on the range, each based at one of the 12 regional Federal Reserve Banks, he said.


Rich people can now buy insurance to protect against what Warren Buffett calls the ‘number one problem with mankind’
After the massive Equifax data breach that exposed the personal data of nearly half the US population, one company has created a product to quell the fears of a community most vulnerable to the threat of a cyber hack: rich people. Rubica, a startup based out of Silicon Valley, has partnered with PURE insurance to offer customers of its 24/7 cyber security monitoring up to $1 million in insurance coverage to protect assets and personal data if they’re hacked.


How big data can predict, detect and respond to cyber threats
Traditional perimeter controls remain essential to a network’s security and are still highly capable of protecting against conventional cyberattacks. These types of defenses traditionally operate on a set of rules or filters that function in a binary way—data is flagged as either trusted or untrusted. As long as a threat does not trigger a pre-defined filter, it goes undetected. To predict and prevent advanced modern threats, there needs to be an additional security layer that has the ability to view threats in a non-binary way, which is where big data comes in.


Heart-stopping cybersecurity threats — literally
As our physical and virtual worlds continue to meld, bad actors are not only attempting to steal sensitive information but also manipulate life-sustaining internet-connected medical devices, such as internal defibrillators, pacemakers and automated insulin pumps. The interoperability of these devices is critical in helping doctors monitor patients and detect problems with implanted devices. However, the ability for these technologies to adapt through internet connectivity — their greatest strength — is also their greatest vulnerability.


Beazley reports massive growth in breaches due to social engineering
According to the specialist insurer, during the first three quarters of 2016 these forms of attacks only made up about 1% of the incidents it handled. Now they have soared to 9% during Q1-Q3, 2017. Professional services firms are regularly targeted – representing 18% of the total, followed by financial institutions, higher education and healthcare organisations.


Cyber Threat Intelligence (CTI) – Part 1
To use it as a strategic asset, CISOs and their organizations must first understand CTI, and then know where it can be acquired and why it’s important. The answers to these questions provide insight into why CTI is a valuable service and how organizations can be efficient in using this tool to mature their security programs management of today’s threat.


The Dark Web Goes Mobile—and More Untrackable
“The anonymity promised by dark web networks such as TOR and i2p was the key reason for their popularity among cyber criminals,” said Guy Nizan, IntSights CEO and co-founder. “Now that the dark web is no longer safe for hackers and threat actors, they are moving to messaging platforms and brazenly conducting their illicit activities on the same apps that millions use every day.”


Cambridge Analytica CEO approached Assange about publishing missing Clinton emails
Assange verified the contact by Alexander Nix to the Daily Beast, noting he rebuffed the offer. “We can confirm an approach by Cambridge Analytica and can confirm that it was rejected by WikiLeaks,” Assange said. While the hack of the missing 30,000 emails has never been confirmed, they were hotly debated during the 2016 presidential campaign with then-candidate Donald Trump famously saying, “Russia, if you’re listening, I hope you’ll be able to find the 30,000 emails that are missing.”


Company offers cybersecurity scholarships for returning vets
Engility Holdings and the Center for Cyber Safety and Education are offering a scholarship program to help returning veterans gain cybersecurity certifications to reenter the workforce. […] Military experience is one of the most desired traits for cybersecurity job candidates and veterans who were honorably discharged from one of the five branches of the military by Dec. 21, 2017, and those currently serving as active members in the National Guard or Reserves are eligible for the program.


New wave of cyber attacks hits Russia, other nations
Cyber attacks using malware called “BadRabbit” hit Russia and other nations on Tuesday, affecting Russian Interfax news agency and causing flight delays at Ukraine’s Odessa airport. […] The attacks are disturbing because attackers quickly infected critical infrastructure, including transportation operators, indicating it was a “well-coordinated” campaign, said Robert Lipovsky, a researcher with cyber firm ESET.


Russian cybersecurity company admits taking NSA code
Moscow-based Kaspersky Lab on Wednesday acknowledged that its security software had taken source code for a secret American hacking tool from a personal computer in the United States. The admission came in a statement from the embattled company that described preliminary results from an internal inquiry it launched into media reports that the Russian government used Kaspersky anti-virus software to collect National Security Agency technology.


Examining The Three Classes Of Cybersecurity Needs
In recent years, organizations have shown an increasing interest in transferring some of their excessive breach risks via cyberinsurance. Unfortunately, insurance firms are finding it quite hard to price cyber coverage for two reasons: 1) They do not really understand the cybersecurity posture of their clients, and 2) most organizations (including security-mature firms) are not cyber-resilient, and insurers don’t want to accumulate all that risk.


Cybersecurity is a mess, mobile chip chief says
Along with designing chips that are faster and consume less energy, ARM also has turned its attention to security. It wants to make sure that devices are secured through their hardware, not just their software. […] Hackers are able to tap into insecure televisions, phones and even antivirus itself. Segars noted that even a fish tank in Las Vegas got hacked. While security experts fight to stay ahead of cybercriminals, it’s much messier getting manufacturers and the average person to follow secure practices.


There’s a ‘gold rush’ for cyber security solutions to meet coming demands, conference told
Canadian towns and cities aren’t prepared for the coming global clash of restless young, urban mobile users, the rise of the digital economy, online social networks and cyber security, an IT conference has been told. […] More than a trillion dollars will be spent in the next five years “looking for those brass rings” that solve a range of fundamental technological and societal problems, he said. “There’s a new form of empowerment that is fundamentally altering the relations between citizens and states that has an impact down to local level and municipalities[.]”


Legal hack back lets you go after attackers in your network
Security teams can perform actions such as delivering a payload, wiping data, and setting up a beacon to see what attackers are doing next. Hack back is a controversial topic among security professionals, because so much can go wrong and the massive collateral damage that can result. Going after attacker infrastructure isn’t as straightforward as grabbing IP addresses and domain names; attackers regularly commandeer machines belonging to other individuals and launch attacks without the owners’ knowledge.


Data-driven analysis of vulnerabilities in real-world OT networks
To obtain this data, CyberX analyzed production traffic from 375 representative OT networks worldwide across all sectors — including energy & utilities, manufacturing, pharmaceuticals, chemicals, and oil & gas — using its proprietary Network Traffic Analysis (NTA) algorithms.
· Forget the myth of the air-gap
· Unpatchable Windows boxes
· Weak authentication
· No anti-virus protection
· Rogue devices and wireless access
· Remote control


Hackers Prepping IOTroop Botnet with Exploits
Hackers moved one step closer to launching full-scale DDoS attacks using millions of IoT devices herded into the botnet known as Reaper or IOTroop. Researchers at NewSky Security warn that hackers are swapping scripts on forums that can scan the internet for vulnerable IoT devices and dump default or weak credentials from them. “This is an important next step for hackers who have taken the concept of an attack and turned it into the foundation of a real one,” said Ankit Anubhav, principal security researcher at NewSky Security.


Hacker Hijacks CoinHive’s DNS to Mine Cryptocurrency Using Thousands of Websites
[Coinhive] has been hacked — a popular browser-based service that offers website owners to embed a JavaScript to utilise their site visitors’ CPUs power to mine the Monero cryptocurrency for monetisation. Reportedly an unknown hacker managed to hijack Coinhive’s CloudFlare account that allowed him/her to modify its DNS servers and replace Coinhive’s official JavaScript code embedded into thousands of websites with a malicious version. Apparently, hacker reused an old password to access Coinhive’s CloudFlare account that was leaked in the Kickstarter data breach in 2014.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.