IT Security News Blast 11-02-2017

Daily Cybersecurity News Blast

Reaper: The Professional Bot Herder’s Thingbot
This isn’t your mama’s botnet. This is a proper botnet. If you were the world’s best IoT botnet builder and you wanted to show the world how well-crafted an IoT botnet could be, Reaper is what you’d build. It hasn’t been seen attacking anyone yet, and that is part of its charm. But, what is it doing? We’ve got some ideas.
https://f5.com/labs/articles/threat-intelligence/cyber-security/reaper-the-professional-bot-herders-thingbot

 

Hacking group targets banks with stealthy trojan malware campaign
The initial attack techniques of Silence campaigns are similar to those of threat actors including the infamous Carbanak group – initial victims are tricked by phishing emails which give the attackers a foothold into the network. They’ll remain there for a long time, only striking when they have enough information to steal large amounts.
http://www.zdnet.com/article/hacking-group-targets-banks-with-stealthy-trojan-malware-campaign/

 

How smart cities can protect against IoT security threats
The security issues facing smart cities are unlike anything ever before seen, and solutions to these problems haven’t yet sprung up en masse, meaning many different interest groups have proposed their own respective plans. By combing through some of today’s proposed solutions, we can identify some of the leading trends that will come to dominate the future of smart city security.
https://www.networkworld.com/article/3231988/internet-of-things/how-smart-cities-can-protect-against-iot-security-threats.html

 

Banks fearing North Korea hacking prepare defenses: cyber experts
Global banks are preparing to defend themselves against North Korea potentially intensifying a years-long hacking spree by seeking to cripple financial networks as Pyongyang weighs the threat of U.S. military action over its nuclear program, cyber security experts said.
https://www.reuters.com/article/us-cyber-summit-northkorea-banks/banks-fearing-north-korea-hacking-prepare-defenses-cyber-experts-idUSKBN1D0320

 

Let the Cyber Wars Begin: Federal Regulators Prepare Their Arsenal
According to the SEC, the defendants styled certain ICOs as sales in club memberships in order to evade securities laws, including registration requirements. The Cyber Unit also will investigate misconduct perpetrated using the dark web where cryptocurrencies are used to pay for illicit goods. This is likely to be an area of great activity given that the number of cryptocurrencies being traded is at an all-time high and their financial value reached a historic peak in 2017.
https://www.forbes.com/sites/insider/2017/11/01/let-the-cyber-wars-begin-federal-regulators-prepare-their-arsenal/#7604eb0e191e

 

The nasty future of ransomware: Four ways the nightmare is about to get even worse
This could mean the ransomware infection could be the least of your problems. Trojan malware or stolen credentials could give attackers outright access to the network, even after the ‘ransomware’ infection has been dealt with, so organisations could potentially give in and pay a ransom to criminals who then remain able to exploit vulnerabilities in the network.
http://www.zdnet.com/article/the-nasty-future-of-ransomware-four-ways-the-nightmare-is-about-to-get-even-worse/

 

3 Common Cybersecurity Threats to Healthcare
Many attacks on health systems are targeted: Hackers don’t just prey on a hospital to get patient data, but to get specific patient data. “At times, they are interested in a certain patient’s information, whether for blackmail or otherwise,” Kim said. “So the attacks are targeted against a specific healthcare organization because they know that John or Jane Doe frequent that institution.”
http://www.hcanews.com/news/3-common-cybersecurity-threats-to-healthcare

 

Brits demanding urgent government intervention to improve IoT device security
According to statistics shared by the firm, the amount of money that IoT vendors in the UK invest in device security is the second lowest globally, with just 9% of their resources committed towards cyber security. Considering that almost next to nothing is being spent on their security, devices sold by such vendors also rank poorly when it comes to encrypting customer data.
https://teiss.co.uk/news/iot-device-security-government/

 

Hospitals, don’t wait to address these little-known IoT security issues
“Devices are purchased with the expectation they will last for years. However, as threats evolve, there is not always a vendor expectation to maintain these devices and provide patches,” said Ryan Spanier, director of research at Kudelski Security. “To complicate matters, many of these devices cannot be taken down for regular maintenance.”
http://www.healthcareitnews.com/news/hospitals-dont-wait-address-these-little-known-iot-security-issues

 

North Korea’s Plenty Scary Without an Overhyped EMP Threat
Coyle acknowledges that EMPs can be a problem—the electromagnetic pulse from an 1859 solar storm, known as the Carrington Event, would have devastating consequences if repeated today—but he and others remain skeptical as to the true impact of the type of nuclear-based attack outlined by the EMP Commission. “I don’t know how the proponents of EMP get such huge results. I just don’t follow their logic[.]”
https://www.wired.com/story/north-korea-emp-threat/

 

“This Is a Very Big Deal”: Feinstein Lights into Big Tech Over Russian Meddling
Feinstein made it clear that, going forward, Big Tech should expect to operate under a microscope. “We are not going to go away, gentlemen,” she said. “And this is a very big deal. I went home last night with profound disappointment. I asked specific questions, I got vague answers. And that just won’t do. You have a huge problem on your hands. And the U.S. is going to be the first of the countries to bring it to your attention, and other countries are going to follow, I’m sure, because you bear this responsibility. You created these platforms, and they are being misused. And you have to be the ones to do something about it—or we will.”
https://www.vanityfair.com/news/2017/11/feinstein-lights-into-big-tech-over-russian-meddling

 

Here are the Kremlin-backed Facebook ads designed to foment discord in US
Today, the House Intelligence Committee finally, and officially, released some of the Facebook ads and the handles of several thousand fake Twitter accounts—all of which were designed to foment discord in the United States. Here is a selected gallery of the advertisements, which bash Hillary Clinton before the election and cap on Donald Trump after he won the election. The ads touch on every hot-button topic, ranging from religion to gun rights, immigration, gay rights, and racial issues.
https://arstechnica.com/tech-policy/2017/11/here-are-the-kremlin-backed-facebook-ads-designed-to-foment-discord-in-us/

 

Containing Our Intelligence War with Russia
Aggressive actions by intelligence organizations, which by their nature focus on espionage and influence operations, are dim reflections of broader national-level intent. Those who disagree should consider the fact that Russian cyber warriors have not turned out the lights in key U.S. regions or disrupted trading on Wall Street, actions within their technical capability that would be far more damaging to civil order than publishing e-mails, paying Internet “trolls,” or buying social media advertisements.
http://nationalinterest.org/feature/containing-our-intelligence-war-russia-22985

 

Malware is lurking in Outlook invites; DragonFly set to attack
You know how important training users to avoid email phishing attacks is, but there’s another way hackers can get in: Microsoft Outlook calendar invites. That’s right. Malicious code can be spread by exploiting the Dynamic Data Exchange protocol via both Outlook e-mails and calendar invites in Rich Text Format, according to the HIMSS Healthcare and Cross-Sector Cybersecurity Report for October 2017. The report recommends keeping e-mail to plain text as a mitigation tactic.
http://www.healthcareitnews.com/news/malware-lurking-outlook-invites-dragonfly-set-attack

 

Internet Trolls, Corporations And Your Personal Data: New Regulations Coming
Dramatic new protections for your personal data rights are on the way. Unfortunately, these protections could threaten other things you value, such as convenience and customization (and they won’t matter much to trolls). A range of data-driven business models, existing and future, might be at risk. How will we balance innovation and service against security? While not always in conflict, they exist in tension. What will be society’s position? What will be yours?
https://www.forbes.com/sites/robertwolcott/2017/11/01/internet-trolls-corporations-and-your-personal-data-new-regulations-coming/#4f678f3629ba

 

Getting rid of social security numbers is not the answer
Replacing the SSN as a key identifier with some other piece of data is a band-aid solution to the overall problem of data theft. The new identifier will quickly become just as sought after—and therefore, just as targeted—as the SSNs have been, and we’ll be back at square one. Instead, it’s time to take a better look at a number of factors, like data encryption tools, oversharing of personal identifiable information, mindless data gathering and failure to store that data securely, and more.
https://www.csoonline.com/article/3235155/data-protection/getting-rid-of-social-security-numbers-is-not-the-answer.html

 

Georgia insists server deletion was “not undertaken to delete evidence”
Marilyn Marks, the executive director of the Coalition for Good Governance, one of the plaintiffs in the case, provided Ars with an annotated copy of the Germany report, in which she disputed many of its assertions. It includes remarks like: “Cannot possibly be true that University System procedure is to delete servers that have been breached.” In a brief phone interview with Ars, she said: “There’s probably way more to the story than it appears to those of us who are on the outside.”
https://arstechnica.com/tech-policy/2017/11/georgia-insists-server-deletion-was-not-undertaken-to-delete-evidence/

 

Fine, OK, no backdoors, says Deputy AG. Just keep PLAINTEXT copies of everyone’s messages
Tech giants are resisting weakening their strong end-to-end and filesystem crypto just to help cops and Feds arbitrarily decipher suspects’ messages and files on devices. So, Rosenstein has another approach: let people send stuff encrypted as normal, but a plaintext copy of everything – from communications to files on devices – must be retained in an unencrypted form for investigators to delve into as needed.
https://www.theregister.co.uk/2017/10/30/encryption_backdoors_plaintext_deputy_ag/

 

Official list of hacker and cyber crime movies
The cybersecurity field offers job security, good pay, interesting work and a solid career path for young people with computer science-, forensics- and other technology-related education. But those points alone aren’t enough to get middle- and high-school students interested in becoming cyber fighters. What’s a parent or teacher to do? Enter Hollywood. For the past 45 years, more than a hundred movies with hacking- and computer security-related themes have hit the big screen.
https://www.csoonline.com/article/3235656/security/official-list-of-hacker-and-cyber-crime-movies.html

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners. © 2017 Critical Informatics, Inc. All rights reserved.