IT Security News Blast 11-15-2017

Daily IT News Blast: Radio

Live Panel F5 Webinar: The Evolving Role of CISOs
There’s still time to register! Join me tomorrow, 11/16/17, 10 AM PST, for a riveting discussion on “The Evolving Role of CISOs” with F5 Labs’ Ray Pompon and Kip Boyle of Cyber Risk Opportunities. Bring your most burning questions regarding the role of the CISO for a lively Q&A session at the end.
https://interact.f5.com/2018ALLWTheEvolvingRoleofCISOsNOV16_2-RegistrationPage.html

 

Financial services firms buckle down on data security
“More than 15 million Americans were victims of cyber-fraud or identity theft last year,” said Subcommittee Chairman Blaine Luetkemeyer (R-Mo.).  “While data security has been a hot topic since the latest breach, Equifax isn’t where the problem started and, if we don’t act, it isn’t where the problem will end. With each attack more dangerous and more advanced than the last, it is crucial that every aspect of data security is examined.”
https://www.complianceweek.com/news/news-article/financial-services-firms-buckle-down-on-data-security

 

Equifax Data Breach Costs Financial Giant $87.5 Million Dollars
As a result of the data breach, Equifax has entered into agreements with several firms, including IBM and Tata Consultancy Services. These are outsourcing agreements for data processing operations, application development, continuity services and recovery services. Equifax also expects to face new compliance requirements as a result of the breach, which it expects will carry a heavy cost as well.
https://itsecuritycentral.teramind.co/2017/11/14/equifax-data-breach-costs-financial-giant-87-5-million-dollars/

 

At Texas Health Resources, A Strategic Approach to Evolving Cybersecurity Challenges
Healthcare CISOs face complex and challenging issues with respect to information security, including rapidly evolving malware threats, insider data breaches and the increasing use of medical Internet of Things (IoT) devices across their organizations. […] The health system’s CISO, Ron Mehring, says the organization is migrating data centers housed in individual hospitals to “sophisticated, advanced co-location facilities” and the new data centers provide increased security controls and protections.
https://www.healthcare-informatics.com/article/cybersecurity/texas-health-resources-strategic-approach-evolving-cybersecurity-challenges

 

Funding, fiber, cyber: A recipe for smarter cities
For cities across the country to embrace smart technology, the federal government will have to help make that happen, according to experts on a Digitizing Infrastructure panel hosted by The Hill. […] “The reality is the federal government has not come to table with enough money for about a generation of infrastructure building,” Pallasch said. “So it’s about time for the federal government to step up and spend a little bit more.”
https://gcn.com/articles/2017/11/14/smart-tech-federal-help.aspx

 

U.S. government shares technical details on North Korean hacking campaign
Tuesday’s alert included the publication of IP addresses the FBI said were linked to the hacking campaign and was intended to help private industry guard against the attacks. The FALLCHILL malware was described as providing hackers with wide latitude to monitor and disrupt infected systems. The malware typically gained access to systems as a file sent via other North Korean malware or when users unknowingly downloaded it by visiting sites compromised by the hackers.
http://www.reuters.com/article/us-usa-cyber-northkorea/u-s-government-shares-technical-details-on-north-korean-hacking-campaign-idUSKBN1DE2V4
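One way to put a published indicator list like this to work, as an added example that is not code from the Reuters article or from the government alert: the script below parses constructed firewall-style log lines and flags every outbound connection whose destination falls inside an indicator set, where indicators may be single hosts or CIDR blocks. The log format, the field names and the indicator addresses (drawn from the RFC 5737 documentation ranges) are all assumptions made for the example; the addresses actually published in the alert are not reproduced here.

```python
"""Match outbound-connection log lines against an indicator list.

Added example, not code from the article or the alert it reports on. The
indicator addresses below are constructed from RFC 5737 documentation
ranges and stand in for a published list, which is not reproduced here.
"""
import ipaddress
import re
from collections import namedtuple

# Constructed indicator list (assumed): two single hosts and one CIDR block.
INDICATORS = [
    "192.0.2.15",
    "192.0.2.77",
    "198.51.100.0/28",
]

# Constructed sample log lines in an assumed firewall/proxy-style format:
# <timestamp> <src_ip> -> <dst_ip>:<dst_port> <action>
SAMPLE_LOG = """\
2017-11-14T09:12:01Z 10.20.3.44 -> 192.0.2.15:443 ALLOW
2017-11-14T09:12:05Z 10.20.3.44 -> 93.184.216.34:443 ALLOW
2017-11-14T09:13:40Z 10.20.7.9 -> 198.51.100.9:8080 ALLOW
2017-11-14T09:14:02Z 10.20.7.9 -> 198.51.100.200:8080 ALLOW
malformed line that should be skipped
2017-11-14T09:15:30Z 10.20.3.44 -> 192.0.2.77:80 DENY
"""

Hit = namedtuple("Hit", "timestamp src dst port action indicator")

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d+\.\d+\.\d+\.\d+)\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<port>\d+)\s+(?P<action>\S+)$"
)


def compile_indicators(indicators):
    """Turn indicator strings into ip_network objects (a bare host becomes /32)."""
    return [ipaddress.ip_network(i, strict=False) for i in indicators]


def match_indicator(addr, networks):
    """Return the first network containing addr, or None if nothing matches."""
    ip = ipaddress.ip_address(addr)
    for net in networks:
        if ip in net:
            return net
    return None


def scan_log(text, indicators=INDICATORS):
    """Return Hit records for lines whose destination matches an indicator.

    Lines that do not parse are skipped rather than raising, so a single
    malformed record does not abort a scan over a large file. Denied
    connections are reported too: a blocked attempt still identifies an
    internal host that tried to reach the indicator.
    """
    networks = compile_indicators(indicators)
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        net = match_indicator(m["dst"], networks)
        if net is None:
            continue
        hits.append(Hit(m["ts"], m["src"], m["dst"], int(m["port"]),
                        m["action"], str(net)))
    return hits


def affected_hosts(hits):
    """Internal source addresses that contacted any indicator, deduplicated."""
    return sorted({h.src for h in hits})


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f"{h.timestamp} {h.src} -> {h.dst}:{h.port} {h.action} "
              f"matches {h.indicator}")
    print("hosts to triage:", affected_hosts(hits))
```

Run against the constructed sample, three lines match (two single-host indicators and one address inside the /28), the malformed line is skipped, and two internal hosts come out as candidates for triage. In practice the indicator list would be loaded from the alert's published file rather than hard-coded, and the same matcher can be pointed at proxy, DNS or NetFlow records once the regex is adjusted to their field layout.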

 

North Korea’s latest weapons of mass disruption REVEALED
It comes as the ex-director of the Government Communications Headquarters, Robert Hannigan, warned that the WannaCry ransomware attack on the NHS in May is only the beginning of despot leader Kim Jong-un’s cyber war. He said: “They will get better at using those tools, and there are far more sophisticated tools out there, and they will start to use them. The technical sophistication of the threats is going to get worse, without question.” The attack saw 81 hospitals in the UK have their systems come to a standstill, which led to the cancellation of 20,000 medical appointments.
http://www.express.co.uk/news/world/879546/North-Korea-news-World-War-3-weapon-of-mass-disruption-cyber-attack

 

Russia attacked energy, telecom and media in Britain: government official
The remarks follow comments on Monday from Prime Minister Theresa May in which she accused Russia of spreading disinformation and meddling in elections, echoing a heated debate in the United States over alleged Russian interference in the 2016 presidential election. Russia has strongly denied any election interference in the United States. The Russian embassy in Washington did not immediately respond when asked after normal business hours for comment on Martin’s remarks.
http://www.reuters.com/article/us-britain-cyber/russia-attacked-energy-telecom-and-media-in-britain-government-official-idUSKBN1DF01N?il=0

 

Gary Johnson: It’s a Mistake to Trust Our Cyber-Security to the Hacked NSA
Largely missed in all the noise about Russian Facebook ads and Trump Tower meetings has been the fact that incredibly powerful “cyberweapons” developed by our own government have been stolen and sold to North Korea and, yes, Russia. Many of the high-profile “hacks” of recent months, which exposed millions of Americans’ most sensitive information, are likely the result of the NSA’s embarrassing and ironic failure to protect the weapons it has developed in the name of protecting us.
https://www.thejacknews.com/commentary/gary-johnson-mistake-trust-cyber-security-hacked-nsa/

 

Trump administration to release rules on disclosing cyber flaws: source
The move is an attempt by the U.S. government to address criticism that it too often jeopardizes internet security by stockpiling the cyber vulnerabilities it detects in order to preserve its ability to launch its own attacks on computer systems. The revised rules, expected to be published on whitehouse.gov, are intended to make the process for how various federal agencies weigh the costs of keeping a flaw secret more transparent, said the official, who spoke on condition of anonymity because the rules were not yet public.
https://www.reuters.com/article/us-usa-cyber-rules/trump-administration-to-release-rules-on-disclosing-cyber-flaws-source-idUSKBN1DF0A0

 

NSA rocked after The Shadow Brokers Breach
While The Shadow Brokers are still mocking the agency and posting download links to its stolen hacking tools, authorities in the United States are still clueless about the culprits. According to the Times, in order to identify people behind the breach or their links to the hacking group “NSA employees have been subjected to polygraphs and suspended from their jobs.” […] The Times report reveals the scary picture of powerlessness faced by the world’s most powerful intelligence agency. “These leaks have been incredibly damaging to our intelligence and cyber capabilities[.]”
https://www.hackread.com/nsa-rocked-after-the-shadow-brokers-breach/

 

China ranks worst in world for internet freedom, says report
The report ranked countries on a 100-point scale based on three broad categories: obstacles to access, limits on content and violations of user rights. The higher the score, the more restrictive a country’s internet controls. At 87 points, China’s internet was found to be the most restrictive, while web access in Iceland and Estonia was jointly the most free at 6 points.
https://www.ft.com/content/4110a3e8-c915-11e7-ab18-7a9fb7d6163e

 

EDITORIAL: No snooping on American citizens without a court order
Unfortunately, as usually happens when it’s time to discuss this important privacy and security issue, Congress is wrapped up in something else. This time, tax cuts for wealthy people are monopolizing Congress’ attention. Little time remains before the end of the year for thoughtful hearings and debate on the appropriate level of surveillance in a free society and what the nature and scope of the NSA’s program should be.
https://chicago.suntimes.com/opinion/nsa-poe-sessions-congress-liberty-act-no-snooping-american-citizens-court-order/

 

In historic decision, FISA court allows NSA surveillance transparency lawsuit to continue
In a historic en banc decision, the U.S. Foreign Intelligence Surveillance Court ruled last week that there is sufficient standing to proceed with a lawsuit that could require the court to publicly disclose the secret justifications behind the NSA’s electronic surveillance program that was exposed by Edward Snowden. Never before have all 11 FISC judges collectively heard a case in an en banc review. The 6-5 ruling reverses a previous FISA court decision by FISC Judge Rosemary Collyer, who had ruled that the ACLU and Yale Law School’s Media Freedom and Information Access Clinic lacked the necessary standing to pursue their case in court.
https://www.scmagazine.com/in-historic-decision-fisa-court-allows-nsa-surveillance-transparency-lawsuit-to-continue/article/707204/

 

Survey of bug bounty hunters shows who pans for pwns
But now, with even the government embracing “bug bounty” programs in an attempt to close vulnerabilities in systems before attacks happen, companies that manage “crowdsourced” vulnerability-disclosure programs are starting to move deeper into more conservative corporate territory. And as they do, companies like HackerOne, Synack, and Bugcrowd are placed in the position of having to convince people who view all hackers as security risks that their vulnerability hunters come in peace, just as the ranks of their “crowds” of would-be white hats swell.
https://arstechnica.com/information-technology/2017/11/bugcrowd-unmasks-sort-of-hackers-to-cast-vulnerability-hunters-in-better-light/

 

Microsoft Patches 20 Critical Vulnerabilities
Microsoft tackled 53 vulnerabilities with today’s Patch Tuesday bulletin. Remote code execution bugs dominated this month’s patches, representing 25 fixes. In total, 20 of Microsoft’s security fixes were rated critical. Notable are four vulnerabilities with public exploits identified by Microsoft as CVE-2017-11848, CVE-2017-11827, CVE-2017-11883 and CVE-2017-8700. But, according to an analysis of Patch Tuesday fixes by Qualys, none of the four are being used in active campaigns.
https://threatpost.com/microsoft-patches-20-critical-vulnerabilities/128891/

 

Defense Department’s vulnerability disclosure program racks up 2,837 security flaws
Implemented just after the agency introduced its successful Hack the Pentagon bug bounty program, the initiative, spearheaded by the department’s Defense Digital team, has unearthed more than 100 vulnerabilities deemed critical and has attracted about 650 white hat hackers from more than 50 countries who have scoured the Defense Department’s public-facing websites for flaws. HackerOne said that, in addition to the United States, India, Russia, the U.K., France, Pakistan, Canada, the Philippines, Egypt and Australia are the top flaw-reporting countries to date.
https://www.scmagazine.com/defense-departments-vulnerability-disclosure-program-racks-up-2837-security-flaws/article/707036/

 

2017 Has Broken the Record for Security Vulnerabilities
There were some 16,006 vulnerabilities disclosed through September 30, which is more than all of 2016, when there were 15,832, according to new data published today by Risk Based Security. The number of bugs as of Q3 represents an increase of 38% over Q3 2016. According to Risk Based Security, that’s 6,295 more security vulnerabilities than those reported in the CVE and National Vulnerability Database.
https://www.darkreading.com/threat-intelligence/2017-has-broken-the-record-for-security-vulnerabilities/d/d-id/1330410

 

5 Things to Do Now: the USB/JTAG/IME Exploit
On November 8th, a security researcher (twitter: @h0t_max) announced they had found a vulnerability that uses the JTAG bus over USB to attack the Intel IME.  This vulnerability is present in most, and possibly all, Intel Skylake and newer processors, with some reports claiming that “all Intel procs from 2008 and newer are susceptible.” Let’s pause there.  If you’re wondering what that fearsome word salad means, you’re not alone.  To bring everyone to the same page, here’s a mocha breve we’ve disguised as a skinny latte.
https://criticalinformatics.com/5-things-to-do-now-usb-jtag-ime-exploit

 

Research confirms the cybersecurity skills shortage is an existential threat
41 percent said the cybersecurity staff is forced to spend a disproportionate amount of time on high-priority issues and incident response with limited time spent on planning, strategy, or training. […] Meanwhile, organizations have no time for proactive measures to improve cybersecurity efficacy, streamline operations, or mitigate risk. That means they aren’t prepared for emerging threats and continue to rely on a culture of emergency response.
https://www.csoonline.com/article/3237049/security/research-confirms-the-cybersecurity-skills-shortage-is-an-existential-threat.html

 

Someone hacked N. Korean Radio Station to Play “The Final Countdown”
The incident took place on November 9th and was revealed on social media by the pro-USA hacker “The Jester,” who previously made news for targeting whistleblower Edward Snowden and WikiLeaks founder Julian Assange, and for defacing the Russian Ministry of Foreign Affairs website with a pro-American message. “A god among us has hijacked 6400kHz (North Korean station) and is playing the Final Countdown,” The Jester said in a tweet, along with a link to a recording of the hijacked broadcast.
https://www.hackread.com/someone-hacked-n-korean-radio-station-to-play-the-final-countdown/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.