IT Security News Blast 12-11-2017

Network Security as a Differentiator

The 4 Forces Accelerating Infosec as a Competitive Differentiator
Although it is true that businesses can use security to gain an increasingly relevant advantage over slower moving competitors, that differentiation isn’t tracked as “ROI” that security delivers.  Rather, delivering trust and privacy to consumers is becoming table stakes for all business, and security is slowly becoming a market-driven assumption, instead of a perfunctory line item on an expense report.
https://www.csoonline.com/article/3241119/data-protection/the-4-forces-accelerating-infosec-as-a-competitive-differentiator.html

 

Companies must focus on managing cyber-attacks, not eliminating them
At a minimum, organizations should ensure that mechanisms are in place to minimize the damage caused by inevitable cyber-infiltrations so that if criminals are able to breach a system they won’t necessarily be able to exit with anything of value.
http://business.financialpost.com/pmn/business-pmn/companies-must-focus-on-managing-cyber-attacks-not-eliminating-them

 

Swiss Brace for Bank Cyber Hacks
The recommendations (in German) come shortly after U.S. banks have reportedly launched a doomsday shield dubbed «Sheltered Harbor» against a potentially debilitating cyberattack. A hack of American consumer credit agency Equifax, made public three months ago, compromised data of as many as 145 million Americans.
https://www.finews.asia/finance/26134-swiss-banking-cyber-attacks-private-banking-banking-secrecy-defenses

 

Henry Ford Health System data breach compromised data of nearly 20,000 patients
Patient names birthdates, medical record numbers, provider names, dates of service, department names, locations, medical conditions and health insurers were compromised in the incident.  On Oct. 3, 2017, officials learned someone gained access to or stole the email credentials of a group of employees. These credentials enabled access to employee’s emails which contained the patient health information.
https://www.scmagazine.com/henry-ford-health-system-data-breach-compromised-data-of-nearly-20000-patients/article/713052/

 

A Trove of 1.4 Billion Clear Text Credentials File Found on Dark Web
The dump was discovered on a dark web forum on December 5th, 2017 in which the total amount of data is 1,400,553,869 with usernames/emails and their clear text password. “This database makes finding passwords faster and easier than ever before. As an example searching for “admin,” “administrator” and “root” returned 226,631 passwords of admin users in a few seconds,” explains 4iQ’s Julio Casal.
https://www.hackread.com/billion-of-credentials-found-on-dark-web/

 

German intelligence warns of increased Chinese cyber spying
Hans-Georg Maassen said his agency, known by its German acronym BfV, believes more than 10,000 Germans have been targeted by Chinese intelligence agents posing as consultants, headhunters or researchers, primarily on the social networking site LinkedIn. “This is a broad-based attempt to infiltrate in particular parliaments, ministries and government agencies,” Maassen said.
http://www.livemint.com/Politics/gCy5Bvn4EUsxZgDIBGJnJP/German-intelligence-warns-of-increased-Chinese-cyber-spying.html

 

North Korea Trying to Hack Bitcoin Exchanges
North Korea used to focus their cyber espionage on traditional state activities. That all began to change in 2016, when the cyber security company FireEye began to note that North Korea began to target banks and the global financial system. 2017 has seen several attacks against South Korean cryptocurrency exchanges, and this activity has since spread to banking groups in Europe and South Korea, Bitcoin exchanges, and even an ATM company.
https://bitcoinist.com/north-koreas-hackers-now-targeting-bitcoin/

 

ISIS hackers take down one US township website after threatening global cyber attack starting today
They threatened a massive cyber attack on governments and armies around the world starting with ‘the cursed Unites States’ today. But ISIS hackers have only managed to take down a US township website. A group called Electronic Ghosts of the Caliphate hacked the Gloucester Township site and posted threats on its homepage, writing: ‘You will see the lions of the Caliphate in your homes roasting your bodies.’
http://www.dailymail.co.uk/news/article-5160089/ISIS-hackers-local-council-website.html

 

Twitter and Facebook will be fined up to £20million if they fail to tackle cyber-bullying in government crackdown
Digital Minister Matt Hancock last night said a package of new powers would force social media giants for the first time to make their software and products “age appropriate”. Websites will have to be tailored for younger users, and children’s accounts will have the highest possible privacy settings as a ‘default setting’. Mr Hancock said companies which did not abide by a new code of practice written into Government legislation could face fines of as much as £20 million.
https://www.thesun.co.uk/news/5109617/twitter-and-facebook-will-be-fined-up-to-20million-if-they-fail-to-tackle-cyber-bullying-in-government-crackdown/

 

Exposing Russian Interference – The Value of Real-Time Forensics
Bringing transparency to Russia’s efforts to soil our democratic process would inoculate the American public against Russian influence not by censoring or blocking Kremlin-linked accounts, but rather by disseminating the truth. The Kremlin has been focused on not only sowing divisions within American society, but also acquiring followers on social media and networking sites and, by extension, gaining a position of influence to more effectively spread their views on geopolitical issues such as Ukraine and Syria.
https://www.thecipherbrief.com/column/cyber-advisor/exposing-russian-interference-value-real-time-forensics

 

Start-ups see opportunity in tackling fake news
New Knowledge has seen revenues double in the past six months since it started focusing on misinformation. It uses machine learning technology to identify bots and break down different topics of conversation to spot where people are able to change the language used to discuss a topic, a sign that a community may be changing its beliefs. Mr Morgan says that if organisations spot the misinformation early enough, they can take action.

https://www.ft.com/content/ddc1f4e6-da16-11e7-a039-c64b1c09b482

 

EC amicus brief in Microsoft Irish server case to school SCOTUS on data protection laws
“Given that the transfer of personal data by Microsoft from the EU to the U.S. would fall under the EU data protection rules, the Commission considered it to be in the interest of the EU to make sure that EU data protection rules on international transfers are correctly understood and taken into account by the U.S. Supreme Court,” the commission said in a statement, noting that “the amicus brief will not be in support of either one of the parties.”
https://www.scmagazine.com/ec-amicus-brief-in-microsoft-irish-server-case-to-school-scotus-on-data-protection-laws/article/713067/

 

Cyberattack detector, gunshot sensor and other new inventions cement Pacific Northwest National Lab’s place among elite R&D centers
SerialTap is an “inexpensive, elegant way” to detect cyberattacks on public water and electric utilities and transportation systems, said researcher Thomas Edgar. “It provides us a way to see what is happening and take action if something funny is going on, before a critical event happens.” The device is small and can be plugged straight into systems built decades ago that lack modern-day means of sensing an attack.
https://www.geekwire.com/2017/cyberattack-detector-gunshot-sensor-new-inventions-cement-pacific-northwest-national-labs-place-among-elite-rd-centers/

 

Botnets: how Your Computer Might Be Secretly Doing The Work of International Criminals
Indeed, one of the growing aspects of botnets is devices that aren’t computers – but appliances, home cameras, and other internet-connected bits of kit that might be sitting around the house. People aren’t necessarily even aware that these are connected to the internet, let alone that they need to be updated and kept secure like a computer – what’s more, with many cheap devices there might not actually be an obvious way to do so.
http://www.independent.co.uk/life-style/gadgets-and-tech/features/botnets-security-cyber-andromeda-how-to-stay-safe-update-computer-internet-of-things-a8099996.html

 

Keylogger found in keyboard driver of 475 HP notebook models
In this newest go around, security researcher ZwClose discovered a keylogger in in the keyboard driver – the Synaptics Touchpad driver, or SynTP.sys file, which shipped with nearly 500 HP laptop models. […] As for how it was an “oops,” HP maintained the keylogger was “debug trace” which accidentally was not removed.
https://www.csoonline.com/article/3241237/security/keylogger-found-in-keyboard-driver-of-475-hp-notebook-models.html

 

Microsoft Issues Emergency Patch for ‘Critical’ Flaw in Windows Security
The remote code execution vulnerability (CVE-2017-11937) in the Microsoft Malware Protection Engine would allow an attacker to gain full control of Windows 7, 8, 10, and Windows Server systems via the Windows Defender feature that uses it. Also affected by the flaw are Microsoft Endpoint Protection, Microsoft Exchange Server 2013 and 2016, Microsoft Forefront Endpoint Protection, Microsoft Forefront Endpoint Protection 2010, and Microsoft Security Essentials.
https://www.darkreading.com/vulnerabilities—threats/microsoft-issues-emergency-patch-for-critical-flaw-in-windows-security/d/d-id/1330595

 

Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code
The technique allows an attacker to circumvent device anti-malware protection and escalate privileges on targeted device with a signed app that appears to be from a trusted publisher, according to researchers. The vulnerability, dubbed Janus, was discovered earlier this summer by Eric Lafortune, CTO of GuardSquare. He reported the bug (CVE-2017-13156) to Google in July. Google patched the vulnerability as part of its December Android Security Bulletin. Public disclosure of the bug was Thursday.
https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/

 

Top-selling handgun safe can be remotely opened in seconds—no PIN needed
As the video demonstration below shows, researchers with security firm Two Six Labs were able to open a VT20i safe in a matter of seconds by using their MacBook Pro to send specially designed Bluetooth data while it was in range. The feat required no knowledge of the unlock PIN or any advanced scanning of the vulnerable safe. The hack works reliably even when the PIN is changed. All that’s required to make it work is that the safe have Bluetooth connectivity turned on.
https://arstechnica.com/information-technology/2017/12/top-selling-handgun-safe-can-be-remotely-opened-in-seconds-no-pin-needed/

 

Someone hacked this traffic sign with anti-Trump messages
A traffic sign near North Central Expressway in Dallas was hacked by unknown perpetrator on Friday (November 8th) night and defaced with an obscene message against the President of United States Donald Trump and his voters. The defacement not only shocked people but also caused traffic issues after drivers decided to take snapshots of the sign that said “I got one thing to say fu** Donald Trump bit** A** and fu** ya all for voting for that s***.
https://www.hackread.com/someone-hacked-traffic-sign-anti-trump-message/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>