IT Security News Blast 11-10-2017

Human and Cyber Security

Why human-machine teaming is the future of cybersecurity
Federal cybersecurity workers shouldn’t worry about job security with artificial intelligence looming. In fact, it’s quite the opposite: They should be excited, as their jobs should become more interesting and challenging with automation taking over lower-level tasks. The optimum state of federal cybersecurity is not simply automation, artificial intelligence or machine learning; it’s human-machine teaming.


Equifax Is Haunted By Its Costly Cyber Attack
Extra spending on security and lawyers in the wake of the hacking helped push third-quarter operating expenses to the highest on record, the Atlanta-based company said Thursday in a statement. The company also said it’s facing more than 240 class-action lawsuits and more than 60 regulatory or governmental inquiries. […] Equifax said it incurred $27.3 million of costs related to the incident last quarter.


Charities unprepared for cyber attack risk
Yet while the chances of being hacked are as high for a charity as for any other organisation, the non-profit sector is unprepared to meet cyber threats. […] While it is not surprising that charities want to spend scarce resources on housing the homeless or feeding the hungry, some argue that those very services could be at risk if they fail to invest in cyber security tools and practices.


Increased Patient Data Access Requires Strong Health Data Security
As more healthcare organizations offer increased options for patient data access, it is crucial that health data security measures do not become an afterthought. HIPAA regulations allow for patients to access their own health data, but there are still crucial privacy and security considerations that must be adhered to.


‘NHS Cyber Security Batsignal’ peer-to-peer alerting system to launch next month
The new community-developed incident and alerting service is designed to provide immediate alerts of future cyber security incidents and enable sharing of information on how to respond, ensuring digital leaders across the NHS can remain in contact even if official channels are out of action.


Cyber Security Skills Crisis Causing Rapidly Widening Business Problem
“While there are many studies on the cyber security workforce gap, this is the only one to identify and go after the root cause of the deepening cyber security skills gap and provide actionable steps that every organization can take. The findings are clear that, while organizations have been investing in new cyber security technology, they are not investing enough in their people.


Security, privacy issues we need to solve before non-medical implants become pervasive
The cybernetic revolution is happening, and it’s imperative that civil liberties and privacy issues are addressed by system designers, innovators, regulators, and legislators, says James Scott, a Senior Fellow at cybersecurity think tank ICIT (Institute for Critical Infrastructure Technology). […] If we fail to do that, he says, there may not be any way to mitigate the onslaught of privacy and security harms poised to disrupt humanity’s potential evolution.


Eavesdropper Vulnerability Exposes Mobile Call, Text Data
The so-called Eavesdropper vulnerability, disclosed today by Appthority, has been around since 2011 and in apps downloaded likely more than 200 million times. […] “The affected Android apps had been downloaded up to 180 million times,” Appthority said. “Approximately 33 percent of the Eavesdropper apps found are business related. The exposure has been present since 2011. The scope of the exposure is massive including hundreds of millions of call records, minutes of calls and audio recordings, and text messages.”


Amid growing threats, Iowa lawmakers push for better state and local cybersecurity
The two legislators’ visit to Microsoft headquarters follows two recent serious breaches of cybersecurity in Iowa: The theft of hundreds of thousands of dollars from 103 retirees’ accounts with the Iowa Public Employees’ Retirement System and a cyberattack involving the Johnston school district that was identified after several parents received anonymous text messages that threatened violence to schools and students.


Cyber Experts Sound the Alarm
Actors that the United States has not thought of, non-nation states, anonymous, proxy adversaries, will have an impact as antagonists against countries, the general predicted. They are not only going after military networks, they are going after the economic might of that nation. “They are going after the key terrain that they know is fundamental to how a country operates.”


Joyce: Civilian cyber could use more discipline
“One of the best things we got out of CyberCom was really a centralization of the Defense Department where now they have a four-star commander who can order things quicker,” Joyce said. “When they decided they wanted to get [rid of] Kaspersky, somebody writes an order and they execute. With the civilian side, we knew we needed to do it, but we studied the problem a bit, we get the lawyers involved in the binding operational directive and it was harder.”


NATO just added cyber weapons to its armoury
The NATO Secretary General wouldn’t say where cyber weapons were likely to be used next but said: “We are now integrating cyber effects into NATO missions and operations to respond to a changed and new security environment where cyber is part of the threat picture we have to respond to.” It will be up to member states to decide what kinds of cyberwar capabilities they are willing share with NATO.


North Korea going online with heavy surveillance
Any attempt to change its core functions or disable virus checkers results in an automatic reboot cycle. Files downloaded from USBs are watermarked so that authorities can identify and trace criminal or subversive activity, a security measure that takes aim at the spread of unauthorized content from South Korea, China and elsewhere. Red Star also uses a trace viewer that takes regular screenshots of what is being displayed. The screenshots can’t be deleted or accessed by the typical user but are available for checking if a trained government official decides to take a look.


Fine-Tune Your CyberSecurity Budget for the Changing Threat Landscape
Security analytics is another growing area of promise that deserves investment consideration. Four out of five respondents to the AT&T survey said their organizations have been breached within the past year, indicating that detection and response are at least as important as prevention. Attackers typically lurk undetected for months as they siphon away data. Security analytics addresses this problem by applying machine learning techniques to log data to spot suspicious patterns such as large file transfers or repeated login attempts.


Americans Perceive Cyber Crimes As Being On The Rise
[Cyber] attacks on a big level that jeapordise individuals’ privacy and data security (which includes their financial security) happen far more frequently than the typical individual supposes. What’s more, the Internet of Things (IoT) world that we’re gradually moving into is very likely to just make individuals’ cyber security far more uncertain, as has already been demonstrated. Yet, even among respondents who show concern over their cyber security, the vast majority are still thinking of cyber hackers in the “old” way.


Microsoft Provides Guidance on Mitigating DDE Attacks
Despite a rash of attacks leveraging Dynamic Data Exchange fields in Office, including some spreading destructive ransomware, Microsoft has remained insistent that DDE is a product feature and won’t address it as a vulnerability. Microsoft on Wednesday did, however, put some guidance in admins’ hands as to how to safely disable the feature via new registry settings for Office.


Google just can not get rid of BankBot malware from Play Store
This time, researchers discovered BankBot in an app called “Cryptocurrencies Market Prices” claiming to provide up to date price for cryptocurrencies. But the real price was paid by those who downloaded the app from app store and got their banking data stolen. Researchers also noted that despite being malicious, it still got a shiny “verified by Play Protect” tag on it. Google Play Protect is supposed to check apps and device for harmful behavior.


Extortion-based cyber attacks: The next evolution in profit-motivated attack strategies
In 2018, the environment for cyberattacks will be considerably more destructive as hackers aim to create even more chaos in order to continue to turn profits. IT security teams will inevitably witness more guerilla-like tactics where cyber criminals may use more extortion-based methods. This means we’ll see hackers threaten to destroy data, launch DDoS attacks, and other forms of threats to get payment from their victims.


Vault 8
Source code and analysis for CIA software projects including those described in the Vault7 series. This publication will enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components. Source code published in this series contains software designed to run on servers controlled by the CIA.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.