IT Security News Blast 10-30-2017

Which Breaches Should Dirty Your Breeches?
Our press and industry overuse the word, “breach,” and it causes confusion. Not all security breaches are alike. The things we label as a “breach” can have remarkably different impacts. Some are annoying, some impact services, and others mean important data was stolen. Our overuse of the word, “breach,” does us all a disservice. For those that aren’t information security specialists, I will mine into the mountain of things we call “breaches” here.
https://criticalinformatics.com/which-breaches-should-dirty-your-breeches/

 

Malware That Can Empty Bank Accounts
CERTCC has reported that the downloaded file is named ‘E-Dadsara’ (e-judiciary in Persian). When users click on the file, without noticing it they authorize the malware to record all of their activities. The malware will collect data on the user, including keyboard input and online activities. Based on the gathered data, criminals can access users’ bank accounts and empty them within seconds.
https://financialtribune.com/articles/economy-sci-tech/75163/malware-that-can-empty-bank-accounts

 

Cyberattacks top concern for Bank of Canada boss amid rapidly changing tactics
The central bank warned Canadians in June that the country’s interconnected banks are vulnerable to a cascading series of cyberattacks, something that could undermine broad confidence in the financial system. The report, known as the financial system review, also said such structural vulnerability could allow for the easy spread of an initial attack into other sectors, such as energy or water systems. The report urged commercial banks to co-operate on countering the threats, which aren’t going away any time soon.
https://globalnews.ca/news/3827296/cyberattacks-bank-of-canada/

 

Panama Papers 2? The financial secrets of the super-rich may be about to be leaked after an offshore law firm was hacked
Super-rich clients of offshore law firm Appleby are bracing themselves for the exposure of their financial secrets, after the firm admitted data had been stolen in a cyber attack last year. […] The International Consortium of Investigative Journalists (ICIJ) has since approached the firm with allegations of wrongdoing, after it was handed data obtained in the hack, which Appleby strongly refutes.
http://www.businessinsider.com/financial-secrets-of-super-rich-stolen-offshore-appleby-2017-10

 

Kaspersky CEO says hack claims cutting U.S. cyber security sales
Eugene Kaspersky told Reuters on Friday that the Moscow-based cyber security firm that bears his name would see a ‘single-digit’ drop in U.S. sales this year as a result of suspicions about his company’s ties to the Russian government, but its global revenue should still increase.
http://www.reuters.com/article/us-cyber-summit-kaspersky/kaspersky-ceo-says-hack-claims-cutting-u-s-cyber-security-sales-idUSKBN1CW2P1

 

NHS cyber attack far more extensive than thought, says report
The scale of the cyber attack on the National Health Service was far larger than previously appreciated, according to a report by the spending watchdog that lays bare the health service’s poor preparation to cope with such a threat. The National Audit Office says the department was warned of the risks to its IT systems a year before the May assault, but only published a formal response to security recommendations two months afterwards. The report also discloses that every NHS trust whose cyber security arrangements were checked before the breach had failed the inspection.
https://www.ft.com/content/4110069a-ba3d-11e7-8c12-5661783e5589

 

Healthcare Cyber Security Market to grow at the highest CAGR according to New Research Report 2022
The service segment includes end-user spending on consulting, designing & integration, risk assessment, and training. The solution segment includes deployment of healthcare cybersecurity solutions such as breach detection, business continuity & disaster recovery, cloud & data centers, data loss protection, identity & access management, mobile devices, and risk & compliance management cyber security solutions in healthcare organizations across the globe.
https://www.medgadget.com/2017/10/healthcare-cyber-security-market-to-grow-at-the-highest-cagr-according-to-new-research-report-2022.html

 

Intelligence Agency at Ohio Base Keeps Tabs On Threats to US
Analysis by NASIC keeps the White House, Congress and the Pentagon aware of air, space and cyber threats and determines what dangers a missile from the rogue country has for the U.S. and its allies. […] The agency workforce has mostly science, engineering and technology skills, and high demands in cyber, and data processing experts as the volume of intelligence to interpret and evaluate grows.
http://www.military.com/daily-news/2017/10/29/intelligence-agency-at-ohio-base-keeps-tabs-on-threats-to-us.html

 

UK.gov joins Microsoft in fingering North Korea for WannaCry
“North Korea was the state that we believe was involved in this worldwide attack on our systems,” Wallace said, before adding (when challenged on this attribution by presenter John Humphries): “We can be as sure as possible… I can’t go into the details of our intelligence.” He added: “It is widely believed across the community and in a number of countries that North Korea had taken this role.”
https://www.theregister.co.uk/2017/10/27/uk_gov_wannacry_blame_north_korea/

 

Putin Starts Aiming His Cyberweapons Against Individuals
“It is in the national strategic interests of both the United States and Ukraine to cooperate deeply in cybersecurity, because Ukraine is a canary in the cyberspace coal mine,” Islam told The Daily Signal. […] The Ukrainian government recently has been attacked by “undetectable” computer viruses that target “particular individuals, in particular departments, and they’re constructed based on the social understanding of social media by particular people[.]” “Russia recruits psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” Shymkiv said.
http://www.newsweek.com/putin-starts-aiming-his-cyberweapons-against-individuals-695578

 

US voting server in election security probe is mysteriously wiped
The server in question is based in Georgia – a state that narrowly backed Donald Trump, giving him 16 electoral votes – and stored the results from the state’s voting systems. The deletion of its data makes analysis of whether the computer was compromised impossible to ascertain. There is good reason to believe that the computer may have been tampered with: it is 15 years old, and could have been harboring all sorts of exploitable software and hardware vulnerabilities. No hard copies of the votes are kept, making the electronic copy the only official record.
https://www.theregister.co.uk/2017/10/26/voting_server_georgia_wiped/

 

We’re building a dystopia just to make people click on ads [Ted Talk]
We’re building an artificial intelligence-powered dystopia, one click at a time, says techno-sociologist Zeynep Tufekci. In an eye-opening talk, she details how the same algorithms companies like Facebook, Google and Amazon use to get you to click on ads are also used to organize your access to political and social information. And the machines aren’t even the real threat. What we need to understand is how the powerful might use AI to control us — and what we can do in response.
https://www.ted.com/talks/zeynep_tufekci_we_re_building_a_dystopia_just_to_make_people_click_on_ads

 

Senate intel committee votes behind closed doors bill to re-up Section 702
“It’s unacceptable that an issue of this magnitude was debated behind closed doors. We now know what mischief they were up to in secret,” ACLU Legislative Counsel Neema Singh Guliani said in a release. “Not only did they fail to curb the litany of abuses that have occurred in recent years, in many respects, the bill would expand existing surveillance authorities.” The bill, which reauthorizes Section 702 for eight more years, “would further strip Americans of their constitutional rights,” she said.
https://www.scmagazine.com/senate-intel-committee-votes-behind-closed-doors-bill-to-re-up-section-702/article/703601/

 

Exclusive: U.S. widens surveillance to include ‘homegrown violent extremists’ – documents
The change last year to a Department of Defense manual on procedures governing its intelligence activities was made possible by a decades-old presidential executive order, bypassing congressional and court review. The new manual, released in August 2016, now permits the collection of information about Americans for counterintelligence purposes “when no specific connection to foreign terrorist(s) has been established,” according to training slides created last year by the Air Force Office of Special Investigations (AFOSI).
https://www.reuters.com/article/us-usa-cyber-surveillance-exclusive/exclusive-u-s-widens-surveillance-to-include-homegrown-violent-extremists-documents-idUSKBN1CU1H6

 

Is your high-tech robot vacuum letting hackers into your home?
Security firm Check Point recently alerted consumers to a security flaw in the LG Hom-Bot robot, demonstrating how a hacker can take control of the device and use the built-in camera for covert surveillance of the home or office. What’s more, the vulnerability in the firm’s SmartThinQ phone application allowed them to hijack all the connected devices, such as refrigerators, microwaves, and air conditioners.
https://www.digitaltrends.com/home/lg-hom-bot-vacuum-hacked/

 

Assessing the threat the Reaper botnet poses to the Internet—what we know now
The more nuanced reality is that Reaper exhibits some unusual behavior that makes it impossible to assess the real danger the botnet presents. Some facts that have come to light over the past few days strongly suggest its developers are amateurs and don’t pose the existential Internet threat initially thought, particularly when comparing Reaper to another established IoT botnet that has gone largely ignored for more than a year.
https://arstechnica.com/information-technology/2017/10/assessing-the-threat-the-reaper-botnet-poses-to-the-internet-what-we-know-now/

 

Google Patches ‘High Severity’ Browser Bug
The bug is tied to the browser’s Chrome V8 open-source JavaScript engine used on Windows 7 and later, macOS 10.5 and later and Linux systems that use processors Intel Architecture 32-bit (i386), ARM or MIPS, according to Google. Google is not releasing any details surrounding this stack buffer overflow vulnerability (CVE-2017-15396), stating, “access to bug details and links may be kept restricted until a majority of users are updated with a fix.”
https://threatpost.com/google-patches-high-severity-browser-bug/128661/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.