IT Security News Blast 12-07-2017

Top 5 Department Security Risks

Online Fraud Dropped 33 Percent Between Black Friday and Cyber Monday
The average online fraud rate in 2016 was 1.181 percent, dropping to 0.993 percent in 2017. During the Black Friday to Cyber Monday period in 2016, the online fraud rate was 1.373 percent — it dropped to 0.921 percent during the same period in 2017. Similarly, fraud using U.S. IDs during the Black Friday to Cyber Monday period grew 182 percent from 2014 to 2016, then dropped 29 percent in 2017.


Risky Business: How The Government Can Reduce Contractor Cyber Risk
The good news is that federal agencies are beginning to catch up to the constantly evolving nature of cyber risk, instituting fresh cybersecurity requirements over the past year for vendors seeking contracts from the federal government. The bad news is that the dozens of new requirements were first mooted as long ago as in 2012 — a regretfully slow pace of reform that, if understandable given the scope and complexity of federal contracting, cannot keep up to the constantly evolving nature of digital threats.


“Malware-free” attacks mount in big breaches, CrowdStrike finds
The majority of attacks the company responded to did not leverage file-based malware but instead exploited a combination of the native software of victims’ systems, memory-only malware, and stolen credentials to gain access and persist on the targeted networks. And the average attack persisted for 86 days before being detected.


Mecklenburg, N.C. county officials consider paying cyberattacker’s ransom demand
Mecklenburg County, which has 1 million residents, joins a growing list of municipalities that have been struck recently. The City of Spring Hill, Tenn. is a recent victim, but had backed up its system and was able to rebuild its network without having to pay the ransom.


NiceHash diced up by hackers, thousands of Bitcoin pilfered
While NiceHash did not put a number or dollar amount on the lost cryptocurrency, estimates are that the loss stands to be around $60m. NiceHash says it will relaunch itself with improved security “at the earliest opportunity.” The site’s administrators are also recommending users change any shared passwords they used on NiceHash.


The Cryptocurrency Crackdown
PlexCorps raised $15 million of investor funds from thousands of people who purchased PlexCoins or PlexCoin Tokens—marketed by PlexCorps as “the next decentralized worldwide cryptocurrency”—since August, according to the complaint filed by the SEC. In doing so, the SEC alleges, PlexCorps defrauded its investors by making unrealistic promises that they would make anywhere from 200 percent to 1,354 percent returns—depending on how early they bought—in less than a month if all 400 million available PlexCoins were sold.


Missouri CISO honored with national award for work in cybersecurity
“The nominations for the 2017 SANS Difference Maker Awards represent some interesting trends in cybersecurity,” Pescatore said in a press release. “From more innovative methods to increase the cybersecurity talent pool to creative, low-cost ways of finding and fixing vulnerabilities, this year’s winners have demonstrated they are working hard and making a difference in advancing security.”


These 3 departments are causing the biggest cybersecurity problems at your office
1. IT
2. Finance
3. The C-suite


Cybersecurity professionals aren’t keeping up with training
Clearly, cybersecurity pros should keep their skills up to date through continuous education and training, but unfortunately, the research also indicates this isn’t happening:
· Two-thirds (67 percent) admit they try to keep up with training but lament that it is hard to do so because of the demands of their jobs.
· Only 38 percent of cybersecurity pros say their organizations provide the right level of training and education on the latest threats and TTPs. Alarmingly, 27 percent of survey respondents say their organization should provide significantly more.


BlackBerry calls for stricter internet of things security standards
Speaking to Computer Weekly in Singapore, Manea said such standards should detail specific security requirements, such as mandating that every IoT device supports software updates. […] “The fundamental concepts of authentication and data encryption should apply to all internet-connected devices, but at the same time, there will be standards that make sense for some IoT devices and not others,” he said.


Our Chips, Code Are More Secure Than Silicon Valley’s: Northrop Grumman
That means, Northrop told visiting reporters here, that commercial cybersecurity solutions may be adequate against casual hackers and criminals, but not against a nation-state that can devote thousands of trained personnel to reverse engineering. Since Northrop builds electronics for military command systems, radars, radios, and weapons, it needs an edge the enemy can’t just buy. “You cannot get this commercially,” said Northrop cyber expert Vern Boyle, showing reporters a thumb-sized processor. “Our government is the only one that can get this.”


Russian Media Outlet Links Treason Case Against Top Cyber-Crime Fighters to American Election Hacking
It was Mikhailov and his team who provided U.S. intelligence officials with information about the GRU’s attack, the Bell’s sources said. […] According to the Bell’s sources, the men are not officially being tried on charges of leaking information on the GRU’s alleged DNC hack. Russia has consistently denied all accusations of election meddling, so trying the men for passing on information on election meddling — even behind closed doors — would be a tacit admission of guilt, says the Bell.


Alleged Cyber Crime Kingpin Arrested in Belarus
Swedish-American cyber security firm Recorded Future said they have “a high degree of certainty” that the arrested Belarussian is “Ar3s”, a prominent hacker in the Russian speaking cybercrime underground since 2004, who the firm has identified as the creator of the Andromeda botnet, among other hacking tools.


Ethiopian Cyber-Spies Left Spyware Operational Logs on Public Web Folder
The Citizen Lab team became more interested in the attacks and eventually discovered that the malware packed with the fake Flash Player and PdfWriter apps was communicating with an online C&C server that was exposing its web folders. Inside these web folders, researchers found everything they needed to understand what attackers were after, including logs of the attackers’ IP addresses, and a detailed list of targets the Ethiopian government operatives were trying to infect and keep under surveillance.


Evidence That Ethiopia Is Spying on Journalists Shows Commercial Spyware Is Out of Control
If a government wants to collect evidence on a person in another country, it is customary for it to make a formal legal request to other governments through a process like the Mutual Legal Assistance Treaties. Ethiopia appears to have sidestepped all of that. International norms would suggest a formal démarche to Ethiopia from the governments whose citizens it monitored without permission, but that may happen quietly if at all.


How the NSA could spy on any American phone — without congressional approval
The vulnerability of the SS7, combined with the leeway Section 702 gives to intelligence and law-enforcement agencies, poses a great threat to personal privacy. If this breach has been known for years, why isn’t anyone dealing with it? Telecom companies are well aware of this breach, but are reluctant to fix it since it is expensive and will require huge global investments to update many systems worldwide.


Expert: ISIS video claiming a cyber attack is credible
Terror Warning! A new pro-ISIS video claims a cyber terrorist attack on the United States begins this Friday. A former Central Intelligence Agency agent, Lisa Ruth, tells CBS 12 this threat is credible because the terrorist group has hacked into military websites before. Ruth says sophisticated ISIS hackers are looking to make a statement to remind us they’re still relevant after being relatively quiet for a few months.


Preparing for the Coming Hacks
HBO is just the latest victim of unauthorized entry into its video operations. […] These kinds of attacks are becoming more common and more serious, said Rob Caldwell, founder and CEO for Obor Digital, which, along with TV Technology, conducted a series of Cyber “boot camps” for broadcasters this fall. “In the case of content producers, the threat is to their bottom line,” he said. “Who will pay to see premium video content if hackers are making it available for free?”


HBO Hacker Was Part of Iran’s “Charming Kitten” Elite Cyber-Espionage Unit
Behzad Mesri, the Iranian national the US has accused of hacking HBO this year, is part of an elite Iranian cyber-espionage unit known in infosec circles as Charming Kitten, according to a report released yesterday by Israeli firm ClearSky Cybersecurity. […] [Parts] of the old Charming Kitten infrastructure, such as malware and credential theft resources, have been reused by another Iranian cyber-espionage unit named Rocket Kittens, and possibly more.


Google and pals rush to repair Android dev tools, block backdoor risks
Security researchers have found several flaws in the developer tools and environments used by Android programmers. The flaws, if exploited, would enable hackers to exploit the developer environments and insert malicious code (like adware or a cryptominer) into legitimate apps, without the developers of those kosher apps knowing about it.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.