IT Security News Blast 2-28-2017

Manafort’s Ukrainian ‘blood money’ caused qualms, hack suggests

The texts, posted on a darknet website run by a hacktivist collective, appear to show Manafort’s family fretting about the ethics, safety and consequences of his work for Yanukovych. And they reveal that Manafort’s two daughters regarded their father’s emergence as a key player on Trump’s presidential campaign with a mixture of pride and embarrassment.

Evolved Version of MongoDB Ransomware Caught Targeting MySQL Databases

Earlier in January, we heard about MongoDB ransomware that erased data from not hundreds but thousands of computers and forced the victims to pay ransom money. The same MongoDB ransomware is now back in the news but this time, it is even more powerful and the campaign is also quite sophisticated in design. In the recent attack spree, hundreds of MySQL databases have been targeted and attackers are demanding 0.2 bitcoin (approx. $234) from each victim.

Stuffed toys leak millions of voice recordings from kids and parents

A security vulnerability allowed anyone to view personal information, photos and recordings of children’s voices from CloudPets toys. And at one point, some people tried to hold all of that information for ransom. According to a report compiled by security researcher Troy Hunt, over 820,000 user accounts were exposed. That includes 2.2 million voice recordings. “I suspect one of the things that will shock people is that they probably didn’t think through the fact that when you connect the teddy bear, your kids’ voices are sitting on an Amazon server,” Hunt said.

Necurs Botnet Learns New DDoS Trick

According to BitSight’s Anubis Labs, the malware was modified in September to include a module that adds DDoS capabilities and new proxy command-and-control communication functions. Necurs is the malware that makes up the botnet of the same name and is currently active on one million Windows PCs, according to Tiago Pereira, threat intel researcher with Anubis Labs.

The AI is Always Watching

Yes, for a personal AI to be truly useful it must have nearly unrestricted access to collect data by watching you in daily life. But I think it goes even a step further. An AI can’t speed-run your Monday over and over the way it would a level of Super Mario World. For machine learning to work in this case it needs to share data across large populations to get a useful set. It would definitely work, but that’s a peeping-tom network of epic proportions. That’s not an uncanny valley, it’s a horror movie plot.

Google Releases E2EMail to Open Source

The project integrates OpenPGP into Gmail via a Chrome extension. KB Sriram, Eduardo Vela Nava, and Stephan Somogyi, of Google’s security and privacy engineering teams, said that engineers have been contributing to the code from inside and out of Google during the past year. They point out that E2EMail targets non-technical users without the need to run an email or OpenPGP client.

Simple and Effective Car Lock Jammer Detector

Operating on the principle that most remote locks work at 433MHz, [Nohawk] describes how criminals ‘jam’ the frequency by holding down the lock button on another device, hoping to distort or outright interrupt the car from receiving the signal to lock the doors. [Nohawk] picked up a cheap 433MHz receiver (bundled with a transceiver), tossed it on a breadboard with an LED connected to the data channel of the chip on a 5V circuit, and voila — whenever the chip detects activity on that frequency, the LED lights up.

Cybersecurity: computers or humans – where does the threat lie?

Corporates may feel relatively safe behind these walls of digital security. But threats still remain. Often, the weak link in security is not digital, but human. […] This means that the most common risk faced today is what is known as “social engineering”, which involves a scammer acting as a so-called “man in the middle” – deceiving staff to glean sensitive financial information, and manipulating them into unwittingly performing fraudulent transactions.

Virginia businesses could be subject to New York cyber regulation

The new regulation is perhaps the most detailed in the country to date and sets forth unprecedented requirements for covered entities. Yet, it also provides a good degree of flexibility for companies for implementation. The regulation becomes effective as of March 1. For those entities that sat back during the rule making and comment period, they may be behind the eight-ball at this point.

20 Questions for SecOps Platform Providers

The security operations platform is quickly emerging as a favorite talking point for 2017, even for organizations that do not find themselves with an expansive budget to improve their security maturity and posture. Of course, doing so is a complex undertaking with a wide variety of moving parts. Or is it? Historically, advanced SecOps has been beyond the reach and resources of all but the most elite organizations. Today, the cloud has opened up new possibilities for these enhanced capabilities at reduced cost. This, in turn, creates new opportunities for mid-sized and smaller enterprises.

Google Chrome 56’s crypto tweak ‘borked thousands of computers’ using Bluecoat security

Six days ago, an IT administrator with Montgomery County Public Schools in Maryland reported that following the update to Chrome version 56, almost a third of the 50,000 Chromebooks he manages became “stuck in a state of flickering between a login screen and a ‘Network not available’ screen.” He also said that some of the roughly 45,000 Windows PCs he manages were affected. The admin said Blue Coat 6.5 doesn’t appear to support TLS 1.3.

126 vBulletin forums hacked; 819,977 accounts leaked on hacking forums

Recently, a hacker going by the online handle of “CrimeAgency” on Twitter is claiming to have hacked 126 vBulletin (vB)-based web forums, stealing personal data of the forums’ administrators and registered users and leaking it on an underground hacking forum. The data was scanned by online data mining and breach notification platform Hacked-DB.

How sweet it isn’t: W-2s of 3K Amalgamated Sugar workers exposed

A hacker posing as the company’s CEO sent an email to an employee in the corporate office requesting W-2s. Believing the authentic-looking email was legitimate (the email address appeared to come from the CEO), the unwitting employee complied with the request and emailed 2016 W-2s of employees at several of the company’s facilities to the hacker.

Does Cyber Security Have An Operational Excellence Problem?

Quality security is not just about the strength of the locks and other mechanisms that make up the anatomy of a cyber security solution. To complete the solution, cyber security must also be about enforcing processes. Process discipline can be redundant and monotonous, but it’s how quality protection is implemented and solidified. Just look at the way the Secret Service or the military go about their security procedures – agents and soldiers are trained to do the same routines over and over to ensure safety.

Will a cyber crisis add to chaos of Trump’s first 100 days?

The Forrester brief said possible crises could range from a cyber attack by another country to a heightened debate within the country over new digital security and privacy laws. And given the constant barrage of major cyber incidents in both the public and private sectors, such a prediction seems about as certain as predicting that Trump will take to Twitter sometime during the week.

Russia’s Mysterious Cyber Treason Case Just Got Even Sketchier

According to a Reuters source, the treason charges are related to accusations made by a Russian businessman named Pavel Vrublevsky seven years ago. In 2010, Vrublevsky, founder of internet payment firm ChronoPay, reported the suspects to authorities. He claimed that they had passed state secrets to American firms including Verisign, a company that specializes in domain name services and internet security, which then turned them over to US intelligence.

New National Cyber Incident Response Plan

This plan expands on recent policy updates, such as the Presidential Policy Directive/PPD-41, to clarify the Federal Government’s roles and responsibilities for preparing for, responding to, and recovering from significant cyber incidents. It describes a national approach to cyber incidents, and explains the important role that the private sector, states, and multiple federal agencies play in incident response and how those activities fit together.

Apparel, Food Delivery Hardest Hit by Online Fraud Attacks

Attacks against apparel companies rose 69.9% in 2016 and attacks against food delivery companies jumped 49.8%, compared with the year before, according to the research released today by Forter in conjunction with the Merchant Research Council. Domestic orders have also shown a notable rise in fraud attack rate, becoming 79% riskier than they were in 2015. This has had a direct impact on the bottom line risk, resulting in a shift from $2.70 at risk per $100 of sales in Q4 2015, to $4.98 in Q4 2016.

San Francisco Tapped for Hackaday Unconference on March 18th

You can talk about anything you want, but constraints help. The theme of this Unconference is Build Something that Matters, a mantra we take seriously around here. We’ve spent more than our fair share of time hacking and designing without any purpose other than a learning adventure. But sometimes you should direct those mad skills toward something that does some good. As you think of what you might discuss in your eight minutes of glory, ask yourself what things matter to you and how your builds could fit into them. We can’t wait to hear your answers to that question.

I’ll never bring my phone on an international flight again. Neither should you.

How many potentially incriminating things do you have lying around your home? If you’re like most people, the answer is probably zero. And yet police would need to go before a judge and establish probable cause before they could get a warrant to search your home. What we’re seeing now is that anyone can be grabbed on their way through customs and forced to hand over the full contents of their digital life.