News Items

  • news

    "Fileless Attacks Designed to Disguise Malicious Activity up 265%"

    Fileless attacks designed to disguise malicious activity surged in 2019. Detections of this threat were up 265% compared to the first half of 2018. Cryptomining malware remained the most detected threat in the first half of 2019. Cryptomining was increasingly being deployed on servers and in cloud environments. Additionally, digital extortion schemes soared by 319% from the second half of 2018. To mitigate these advanced threats, an organization requires smart defense-in-depth that can correlate data from across gateways, networks, servers, and endpoints to best identify and stop attacks.

    Help Net Security reports: "Fileless Attacks Designed to Disguise Malicious Activity up 265%"

  • news

    "Cybersecurity Vendor That Protects Firms from Data Breaches Hit by Data Breach"

    Cybersecurity vendor, Imperva, recently disclosed information pertaining to the exposure of data belonging to its cloud firewall customers. The number of customers that have been impacted by this data breach has not been specified. The information exposed in the breach includes email addresses, API keys, passwords, and SSL certificates. In response to the incident, Imperva has forced customers to reset their passwords and implemented a 90-day password expiration policy for the Cloud Web Application Firewall (WAF) product. This article continues to discuss the Imperva data breach in regard to its disclosure, impact, and response.

    TNW reports "Cybersecurity Vendor That Protects Firms from Data Breaches Hit by Data Breach"

  • news

    "Websites Have Been Quietly Hacking iPhones for Years, Says Google"

    Security researchers at Google's Project Zero have brought attention to the presence of security flaws in iPhones that have allowed hacked websites to distribute malware to the devices for at least two years. According to researchers, the malware delivered to iPhones through compromised websites allowed hackers to steal sensitive information such as passwords, messages, contacts, location data, and more. The perpetrators behind the hacking campaign have not been identified yet. However, the hacking campaign is believed to be nation-backed because of its scope, persistence, and launch. This article continues to discuss the mass iPhone hack in relation to its discovery, links, targets, and potential impact.

    MIT Technology Review reports "Websites Have Been Quietly Hacking iPhones for Years, Says Google"

  • news

    "New Botnet Targets Android Set-Top Boxes"

    Researchers at the device cybersecurity company, WootCloud, discovered a new internet-of-things (IoT) botnet, called the ARES ADB botnet. The IoT botnet targets Android set-top boxes produced by HiSilicon, Cubetek, Qezy Media, and other vendors. ARES abuses misconfigured Android Debug Bridge (ADB) interfaces on set-top boxes. ADB is a command-line tool used to communicate with a device in order to perform installations, debugging, and more. Set-top boxes compromised by ARES are being used to launch additional attacks such as distributed denial-of-service attacks, cryptomining attacks, brute-force password-cracking attacks, and more, on other devices. This article continues to discuss the ARES ADB botnet in relation to its impact, targets, and prevention, along with the frequent targeting of other computer IoT devices to build botnets.

    Dark Reading reports "New Botnet Targets Android Set-Top Boxes"

  • news

    "Dangerous Cryptomining Worm Racks Up 850K Infections, Self-Destructs"

    U.S. and French law enforcement with help from researchers at Avast took down a cryptomining worm, called Retadup. Law enforcement efforts resulted in the neutralization of 850,000 infections. The worm was discovered to be distributing XMRig, which is a malicious Monero cryptocurrency miner. Retadup largely targeted computers in Latin America that run the Windows operating system. The Avast Threat Intelligence team conducted an analysis of Retadup, which revealed that the worm's command-and-control infrastructure also had the ability to distribute other malware in addition to the miner. This article continues to discuss the Retadup worm in relation to its impact, process, capabilities, and takedown.

    Threatpost reports "Dangerous Cryptomining Worm Racks Up 850K Infections, Self-Destructs"

  • news

    "App Allows Inspectors to Find Gas Pump Skimmers Faster"

    Fraudsters use skimmers as a physical means to perform data theft. Skimmers are small devices that can be attached to a gas pump or an ATM's card reader to harvest credit and debit card numbers as users swipe their cards. These devices use Bluetooth to transmit the stolen data. An app to detect skimmers at gas pumps, called Bluetana, has been developed by a team of computer scientists at UC San Diego and the University of Illinois with technical input from the United States Secret Service. Bluetana will not be made available to the general public as it is only intended to be used by state and federal inspectors. Through the use of Bluetana, 42 Bluetooth-based skimmers have been discovered in three U.S. states. This article continues to discuss the Bluetana app, the concept of skimmers, and the need to develop more techniques to detect such tools used by criminals.

    Science Daily reports "App Allows Inspectors to Find Gas Pump Skimmers Faster"

  • news

    "Ransomware Attacks Have More Than Doubled This Year"

    There has been a significant increase in ransomware attacks this year. According to the McAfee Labs Threats Report for August 2019, ransomware attacks increased by 118% in the first quarter of 2019. In addition, security researchers have observed the use of more powerful malware and the adoption of new attack techniques by cybercriminals in the launch of ransomware attacks. Recent incidents indicate that ransomware remains a significant threat to government agencies, financial institutions, schools, businesses, and individuals. Dharma, Ryuk, and GandCrab are cited as the most productive ransomware families. This article continues to discuss the rise in ransomware attacks, the three most prolific ransomware families highlighted by researchers, and how organizations can avoid falling victim to such attacks.

    ZDNet reports "Ransomware Attacks Have More Than Doubled This Year"

  • news

    "New Ransomware Grows 118% as Cybercriminals Adopt Fresh Tactics and Code Innovations"

    McAfee Labs discovered that, on average, there were 504 new threats per minute in Q1 2019, along with a resurgence of ransomware and changes in campaign execution and code. They also discovered that 2.2 billion stolen account credentials were made available on the cybercriminal underground over the course of the quarter. 68 percent of targeted attacks utilized spear-phishing for initial access, while 77 percent relied upon user actions for campaign execution. Overall, new ransomware samples increased 118 percent in Q1 2019.

    Help Net Security reports: "New Ransomware Grows 118% as Cybercriminals Adopt Fresh Tactics and Code Innovations"

  • news

    "DHS Asks for Feedback on Vulnerability Disclosure Program"

    The U.S. Department of Homeland Security (DHS) seeks feedback in regard to an enterprisewide vulnerability disclosure program, which will allow ethical hackers to safely and legally disclose hackable vulnerabilities found in the department's systems. Information pertaining to vulnerabilities in Homeland Security systems will help the agency fix security gaps before they are uncovered and exploited by adversaries. This article continues to discuss the planned structure of the vulnerability disclosure program and how this program will benefit security researchers.

    NextGov reports "DHS Asks for Feedback on Vulnerability Disclosure Program"

  • news

    "Hackers Could Steal a Tesla Model S by Cloning Its Key Fob—Again"

    In 2018, researchers from Belgium's KU Leuven university discovered a security vulnerability in the Tesla Model S that could allow hackers to create a duplicate of the car's key fob in order to unlock and steal the car. In response to this discovery, Tesla created a new version of its key fob that addressed the vulnerability. However, researchers have recently uncovered another vulnerability, which impacts the new key fobs. The exploitation of this vulnerability could also enable hackers to clone the keys and drive off with the vehicle. This article continues to discuss the new key fob cloning attack against Tesla's Model S cars and other discoveries surrounding the insecurity of keyless entry systems.

    Wired reports "Hackers Could Steal a Tesla Model S by Cloning Its Key Fob--Again"

  • news

    "1 in 4 Employees Would Steal Company Information to Secure Their Next Job"

    Nearly one in four (24%) of the employees surveyed said they would take company information to help apply for a position at a competitor. The Gurucul study also found that managed service providers or MSPs (34%) and developers (30%) pose the leading sources of third-party risk, and that if someone were to commit fraud, it would most likely occur in the finance department (32%). These findings show that insider fraud needs to be a top concern among IT security professionals, as do the security risks associated with third parties that have privileged access to corporate resources.

    Help Net Security reports: "1 in 4 Employees Would Steal Company Information to Secure Their Next Job"

  • news

    "Smartphone Apps May Connect to Vulnerable Backend Cloud Servers"

    A team of researchers from the Georgia Institute of Technology and Ohio State University has discovered more than 1,000 security flaws in the backend systems used for the top 5,000 apps available in the Google Play Store. These backend systems are used for the delivery of content and advertising to smartphone applications via a network of cloud-based servers. According to researchers, the exploitation of these vulnerabilities enables the infiltration of databases and users' mobile devices by hackers. An automated system, called SkyWalker, has been developed by the researchers to help examine the security of the cloud-based servers that support smartphone apps. This article continues to discuss the discovery of vulnerabilities in backend servers used for smartphone apps and how SkyWalker will help developers bolster the security of their mobile apps.

    Georgia Tech reports "Smartphone Apps May Connect to Vulnerable Backend Cloud Servers"

  • news

    "Stolen Fingerprints Could Spell the End of Biometric Security – Here’s How to Save It"

    A biometrics database, called Biostar 2, was recently found to be publicly accessible online. Researchers at VPNMentor were able to access the database containing over 27.8 million records, which included unencrypted fingerprint data, facial recognition data, access logs, and more. The Biostar 2 database is used by more than 5,000 organizations in 83 countries, including banks, defense contractors, and the police, for the security of warehouses or office buildings. This biometric data breach highlights the importance of bolstering biometrics security. The use of passwords or blockchain technology has been suggested as a way to improve biometrics security. This article continues to discuss the recent biometric data breach, the major problem with biometric security systems, and how biometrics security can be strengthened.

    GCN reports "Stolen Fingerprints Could Spell the End of Biometric Security - Here's How to Save It"

  • news

    "Over Half of Social Media Logins Are Fraudulent"

    It has been discovered that 53% of all logins on social media sites are fraudulent. The report analyzed more than 1.2 billion transactions made between April 1, 2019, and June 30, 2019. It was found that 11% of all online transactions, including account registrations, logins and payments, were actually cyber-attacks. It was also found that the attack mix varied across industries, with some spheres more likely to suffer human-driven cyber-attacks, while others were chiefly targeted by bots. The technology industry stood out as heavily targeted by human click-farms and sweatshops, with almost 43% of attacks driven by humans. However, it was the retail industry that saw the highest proportion of human culprits, with a 50/50 split between attacks driven by humans and bot-led assaults.

    Infosecurity reports: "Over Half of Social Media Logins Are Fraudulent"

  • news

    "A Major Cyber Attack Could Be Just as Deadly as Nuclear Weapons"

    Jeremy Straub, an assistant professor of computer science at North Dakota State University, has pointed out the possible catastrophe that could result from a major cyberattack. A significant cyberattack with far-reaching impact could lead to casualties. Straub highlights examples in which hackers have targeted a water treatment plant, power grid, petrochemical plant, and nuclear facility. The security of critical systems such as those used at public utilities, transportation companies, and companies that handle hazardous chemicals must continue to be monitored and improved. This article continues to discuss notable hacking incidents, mutually assured destruction in cybersecurity, the potential launch of nuclear grade cyberattacks, and how to reduce the chance of such attacks.

    The Conversation reports "A Major Cyber Attack Could Be Just as Deadly as Nuclear Weapons"

  • news

    "Router Guest Networks Lack Adequate Security, According to Researchers at Ben-Gurion University"

    A new study conducted by researchers at Ben-Gurion University brings attention to the vulnerability of routers to cross-router leaks resulting from an attack on either a host or guest network. According to researchers, all of the routers examined in this study were vulnerable to cross-network communication as a result of the use of specially crafted network packets. Researchers have recommended a hardware-based solution to ensure that secure and non-secure network devices are isolated from each other, as network separation and network isolation help to prevent the infiltration of networks and the leakage of information. This article continues to discuss the findings of this study in regard to cross-router data leakage as well as the importance of network separation and network isolation in security.

    EurekAlert! reports "Router Guest Networks Lack Adequate Security, According to Researchers at Ben-Gurion University"

  • news

    "Security Researchers Find Several Bugs in Nest Security Cameras"

    Researchers at Cisco Talos have discovered eight vulnerabilities in Nest Cam IQ, a smart security camera developed by Google. According to researchers, these vulnerabilities derive from the implementation of the Internet of Things (IoT) communication protocol, Weave. The exploitation of these vulnerabilities could allow hackers to perform malicious activities such as hijacking cameras, spying on users, preventing the use of cameras, infiltrating home networks, and more. This article continues to discuss the features of Nest security cameras, the vulnerabilities discovered in these cameras, what the abuse of these vulnerabilities could allow hackers to do, and the lack of consideration for security in the development of IoT devices.

    Motherboard reports "Security Researchers Find Several Bugs in Nest Security Cameras"

  • news

    "Cisco Releases New Security Tool to Identify Vulnerabilities in Connected Cars"

    Cisco has released an open-source hardware tool, called 4CAN, to be used by automobile security researchers and car manufacturers to discover vulnerabilities in connected cars. While connected cars offer benefits to users, they also introduce significant security risks. Research has highlighted the increased vulnerability of connected cars to being hacked, manipulated, and disabled by hackers. 4CAN helps in the identification of vulnerabilities in connected cars' sensors and control systems. This article continues to discuss Cisco's resources that are dedicated to improving automobile security as well as the recent release of 4CAN.

    Cisco Magazine reports "Cisco Releases New Security Tool to Identify Vulnerabilities in Connected Cars"

  • news

    "Five Vendors Accounted for 24.1% of Vulnerabilities in 2019 so far"

    It has been discovered that five major vendors accounted for 24.1% of vulnerabilities in 2019 so far. Further analysis reveals that 54% of 2019 vulnerabilities are Web-related, 34% have public exploits, 53% can be exploited remotely, and 34% do not have a documented solution. This data shows that the practice of targeting open, unsecured databases has contributed to the growing number of records exposed within the last two years. Companies need to make sure to patch vulnerabilities as quickly as possible once discovered, to limit the amount of damage they can cause.

    Help Net Security reports: "Five Vendors Accounted for 24.1% of Vulnerabilities in 2019 so far"

  • news

    "New Tools to Minimize Risks in Shared, Augmented-Reality Environments"

    Augmented reality (AR) is expected to be increasingly used in group activities such as multi-user gaming or collaborating on projects. Therefore, developers need a better approach to addressing the potential security and privacy issues associated with multi-user AR. Augmented reality differs from virtual reality in that users interact with computer-generated content in the real-world environment. Security researchers at the University of Washington have developed a toolkit, called ShareAR, that could be used by developers to implement collaborative and interactive features into AR technology in a way that does not pose a threat to the security and privacy of users. This article continues to discuss the concept of AR, the expected growth in multi-user AR, and how ShareAR can help address the concerns surrounding this technology.

    Science Daily reports "New Tools to Minimize Risks in Shared, Augmented-Reality Environments"

  • news

    "Data Breaches Increased 54% in 2019 so Far"

    According to Risk Based Security, there has been a 54% increase in data breaches so far this year, with the number of breaches reaching 3,800. The report highlights that outside attacks were the primary cause of these data breaches. The management of sensitive data by third parties also plays a part in the increase in data breaches. This article continues to discuss the significant rise in data breaches, what has contributed to this increase, and which industry has been affected the most.

    TechRepublic reports "Data Breaches Increased 54% in 2019 so Far"

  • news

    "Electric Car Charging Stations May Be Portals for Power Grid Cyberattacks"

    A new study conducted by researchers at the New York University Tandon School of Engineering has brought attention to the possible launch of cyberattacks on urban power grids through the exploitation of electric car charging stations. The connection between electric vehicle charging stations and plug-in electric cars is a high-wattage access point that could be abused by hackers to impact the grid. This article continues to discuss how electric car charging stations and electric vehicles could be exploited to execute an attack on a power grid, along with other incidents in which a power grid has been crippled by hackers and the importance of developing a cybersecurity protocol to protect data produced by electric car charging stations.

    TechXplore reports "Electric Car Charging Stations May Be Portals for Power Grid Cyberattacks"

  • news

    "Organizations Fail to Remediate App Security Vulnerabilities"

    According to the 2019 WhiteHat Application Security Statistics report, vulnerability remediation remains a challenge for organizations. Findings from the analysis of 17 million application security scans show an increase in application testing by organizations. However, there has been a decrease in vulnerability remediation rates. Vulnerability remediation is said to be harder as a result of embedded components, which make up a third of security vulnerabilities found in applications. This article continues to discuss the fall in remediation rates, vulnerabilities surrounding embedded components, and a phased, metrics-driven DevSecOps approach to addressing these issues.

    SDTimes reports "Organizations Fail to Remediate App Security Vulnerabilities"

  • news

    "New Vulnerability Found in Internet-Connected Building Automation Devices"

    A cybersecurity researcher, named Bertin Bervis, recently discovered the vulnerability of critical internet-connected smart building devices to an attack in which sensitive information can be stolen from technicians or engineers who interact with these devices. According to Bervis, the attack involves the exploitation of the BACnet protocol's properties. BACnet is a building automation protocol that allows monitoring and setup changes to be performed by technicians and engineers. The protocol also enables a variety of key smart systems to be controlled remotely. This article continues to discuss the vulnerability and what its exploitation could allow attackers to do.

    Homeland Security News Wire reports "New Vulnerability Found in Internet-Connected Building Automation Devices"

  • news

    "Serious Flaws in six Printer Brands Discovered, Fixed"

    Researchers have discovered that many companies overlook the security risks of having printers. The security company NCC Group took a closer look at printer security and discovered serious flaws in six popular printer brands that could allow attackers to take over accounts or comb through company documents. The researchers found several classes of bugs that recurred across many of these devices. The problems have since been fixed by the companies.

    Naked Security reports: "Serious Flaws in six Printer Brands Discovered, Fixed"

  • news

    "Attackers Could Be Listening to What You Type"

    A new study conducted by researchers from Southern Methodist University's (SMU) Darwin Deason Institute for Cybersecurity has discovered a way in which hackers can determine what a user is typing in order to obtain personal information. According to researchers, acoustic signals produced when users type on a keyboard could be intercepted and deciphered by hackers through the use of a nearby smartphone. Using this method, researchers were able to detect what people are typing with a 41 percent accuracy rate. Findings of this study emphasize the need for smartphone makers to increase their efforts toward enhanced privacy in regard to smartphone sensors. This article continues to discuss how this study was conducted by researchers, concerns surrounding 'always-on' sensing devices such as the smartphone, and the accuracy with which attackers can detect what a user is typing.

    Science Daily reports "Attackers Could Be Listening to What You Type"

  • news

    "Link Between Personality Type and Vulnerabilities to Cybercrime"

    It has been discovered that only four in 10 (42%) businesses focus on compliance training as part of their cybersecurity protocol to ensure sensitive data is kept secure. Even more worryingly, 63% rely predominantly on passwords to protect their data. The research also went on to identify people's potential strengths and weaknesses, and concluded that people who focus their attention on the outside world (Extraversion) are more vulnerable to manipulation and persuasion by cybercriminals. People who lean towards Sensing preferences (people who observe and remember details) may be better suited to spotting risks as they arise. Companies need to improve employees' self-awareness, which will help them maximize individual and team performance and will decrease the likelihood of a cyberattack occurring because of traits an individual has.

    Help Net Security reports: "Link Between Personality Type and Vulnerabilities to Cybercrime"

  • news

    "British Airways Check-In Flaw Exposes Personal Data"

    A security flaw has been discovered in the e-ticketing system of British Airways (BA). According to security researchers at Wandera, the e-ticketing system used by BA lacks encryption, allowing the exposure of passenger data such as booking details, names, telephone numbers, email addresses, and more. The security flaw could also allow malicious actors to modify a passenger's flight booking details. Security experts call for developers to consider security in the design of such systems. This article continues to discuss the flaw discovered in the BA e-ticketing system, what types of data can be exposed through the exploitation of this flaw, BA's response to this discovery, and the importance of designing such systems with security in mind.

    Silicon UK reports "British Airways Check-In Flaw Exposes Personal Data"

  • news

    "Biometrics of One Million People Discovered on Publicly Accessible Database"

    A biometrics database used by banks, defense contractors, and the police was discovered by security researchers to be unprotected online. According to researchers at vpnMentor, the database, called Biostar 2, contained unencrypted fingerprint data, facial recognition data, access logs, and more. As the Biostar 2 database is used by organizations for the security of warehouses and offices, there was also an exposure of user names, passwords, and personal information in relation to employees. This article continues to discuss the breach in regard to what types of data were exposed, how many users have been affected, and the response to this discovery.

    Computing reports "Biometrics of One Million People Discovered on Publicly Accessible Database"

  • news

    "4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data"

    Four popular dating apps that together have 10 million users have been found to leak the precise locations of their members. The four companies are Grindr, Romeo, Recon and 3fun. The researchers found that the location data collected and stored by these apps is also very precise: 8 decimal places of latitude/longitude in some cases. The data collected allowed the researchers to track users' exact movements, so that they could tell where individuals lived, where they socialized, and what paths they walked every day. This can be dangerous for individuals using these dating apps and can lead to them being stalked or worse. These companies have been notified of this.

    Threatpost reports: "4 Dating Apps Pinpoint Users' Precise Locations - and Leak the Data"

  • news

    "New Vulnerability Risk Model Promises More-Efficient Security"

    Michael Roytman, chief data scientist at Kenna Security, and Jay Jacobs, a security data scientist at the Cyentia Institute, gave a presentation at the 2019 Black Hat security conference in which they discussed a Predictive Vulnerability Scoring System. They further highlighted the challenge of prioritizing vulnerabilities. Organizations must be able to identify the vulnerabilities that pose the greatest risk to their most critical systems. Roytman and Jacobs have developed a methodology, called the Exploit Prediction Scoring System (EPSS), which improves upon remediation prioritization by using different factors such as the CVE, CVSS score, exploits in the wild, and more, to predict whether a vulnerability has a high chance of being exploited or not. This article continues to discuss the difficulty in managing vulnerabilities and how the Exploit Prediction Scoring System (EPSS) improves this management.

    Dark Reading reports "New Vulnerability Risk Model Promises More-Efficient Security"

  • news

    "Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons"

    Matt Wixey, the cybersecurity researcher lead at PWC UK, has demonstrated that it is possible for hackers to weaponize speakers such as Bluetooth speakers, parametric speakers, vibration speakers, and more. According to Wixey, custom malware can easily be written to make such speakers emit inaudible high-frequency sounds or high-volume sounds. These attacks have the potential to damage a user's hearing, cause tinnitus, or have psychological effects. This article continues to discuss the potential creation of acoustic malware by hackers to weaponize commercial speakers and the discovery of other attacks that can be performed via speakers, which could impact the security and privacy of users.

    Wired reports "Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons"

  • news

    "These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer"

    Security researchers have discovered that it is possible to hack a computer through the use of a malicious tool, called the O.MG Cable, which is a modified Apple lightning cable. According to researchers, the O.MG cable appears legitimate because it performs the same expected functions as a regular cable. However, this cable has been modified to contain additional components that could allow hackers to remotely hijack a victim's computer, run malicious payloads, and more. This article continues to discuss the creation and possible activities that can be performed by hackers via the use of the O.MG cable.

    Motherboard reports "These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer"

  • news

    "Hacking One of the World's Most Secure Industrial Programmable Logic Controllers (PLC)"

    A team of researchers from the Technion - Israel Institute of Technology and Tel Aviv University, together with the Israel National Cyber Directorate, has demonstrated an attack on a Siemens programmable logic controller (PLC) that could allow for the hijacking of this system. This discovery is significant in that a Siemens PLC is often praised as one of the most secure controllers in the world. This article continues to discuss what the attack could allow malicious actors to do, the research conducted behind the attack, and the importance of securing industrial control systems.

    Homeland Security News Wire reports "Hacking One of the World's Most Secure Industrial Programmable Logic Controllers (PLC)"

  • news

    "More Than 2m AT&T Phones Illegally Unlocked by Bribed Insiders"

    It has been discovered that between 2012 and 2017, an individual recruited AT&T employees at the company's call center in Bothell, Washington, to plant malware and misuse the company's computer networks to illegally unlock phones. To do that, the insiders who were bribed disabled proprietary software that locked AT&T phones and prevented them from being used on other carriers' systems. When people slip out of the proprietary locking software, they're also slipping out of the long-term service contracts that bind them to AT&T's wireless network.

  • news

    "Security Researchers Find That DSLR Cameras Are Vulnerable to Ransomware Attack"

    Security researchers at Check Point have released a new report detailing the vulnerability of DSLR cameras to ransomware attacks. According to researcher Eyal Itkin, malware could be delivered to these cameras through the abuse of the standardized Picture Transfer Protocol, which is unauthenticated. Itkin demonstrated the exploitation of a Canon EOS 80D over Wi-Fi and the encryption of an SD card to the point that a user would not be able to access images on the card. This article continues to discuss the vulnerability of DSLR cameras to being infected by ransomware, why cameras are an attractive target for hackers, and the disclosure of the discovered vulnerability to Canon.

    The Verge reports "Security Researchers Find That DSLR Cameras Are Vulnerable to Ransomware Attack"

  • news

    "Attackers’ Growing use of Anti-Analysis, Evasion Tactics Pose a Challenge to Enterprises"

    It has been discovered that it is becoming harder for organizations to detect malware. Many modern malware tools are now incorporating features for evading antivirus or other threat detection measures, and cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection. With the growing use of anti-analysis and broader evasion tactics, companies should make sure to have multi-layered defenses and behavior-based threat detection systems in place.

    Help Net Security reports: "Attackers' Growing use of Anti-Analysis, Evasion Tactics Pose a Challenge to Enterprises"

  • news

    "Yet Another Hacking Group Is Targeting Oil and Gas Companies"

    A new hacking group, dubbed Hexane, has been discovered by the industrial security company Dragos. The newly discovered hacking group targets telecommunications, oil, and gas companies in Africa, Central Asia, and the Middle East. Hexane is one of five hacking groups known to be targeting companies in the oil and gas sector. This discovery further indicates the growing interest among hacking groups in the compromise of industrial control systems (ICS) that support energy infrastructure. This article continues to discuss Hexane in relation to its activity, hacking tools, interests, and supposed connections, along with the increased targeting of oil and gas industries by state-associated actors.

    CyberScoop reports "Yet Another Hacking Group Is Targeting Oil and Gas Companies"

  • news

    "Tablet for Kids Had Flaws That Exposed Info, Location"

    The LeapPad Ultimate is a tablet designed for children between the ages of 3 and 6 that has recently been discovered by researchers from Checkmarx to be vulnerable to hacking. According to researchers, the tablet contains flaws that could be exploited by attackers to perform a number of malicious activities such as executing man-in-the-middle attacks, tracking devices, and sending messages to children. This article continues to discuss the security vulnerabilities found in the LeapPad Ultimate, what the exploitation of these security flaws could allow malicious actors to do, LeapFrog's response to these findings, and other discoveries of vulnerabilities in children's products.

    CNET reports "Tablet for Kids Had Flaws That Exposed Info, Location"

  • news

    "Researchers Show Vulnerabilities in Facial Recognition"

    Research conducted by Yu Chen, Bin Ma, and Zhou (HC) Ma at Tencent Security's Xuanwu Lab explored the implementation and defense mechanisms of biometric authentication. One of the researchers performed a demonstration at Black Hat USA 2019 in which they highlighted the vulnerabilities in facial recognition. The demonstration showed that it is possible to bypass a facial recognition system's liveness detection, which is put in place to detect fake faces and perform face anti-spoofing. This article continues to discuss the purpose of this research, previous studies on biometric authentication, the concept of liveness detection, and the demonstration in which the vulnerability of the liveness test was proven to exist.

    Dark Reading reports "Researchers Show Vulnerabilities in Facial Recognition"

  • news

    "U.S. Utility Firms Hit by State-Sponsored Spear-Phishing Attack"

    Three U.S. utility companies were the targets of a spear phishing campaign in which new malware, called LookBack, was used. The spear phishing emails sent to these companies appeared to be from a U.S.-based engineering licensing board. However, once the malicious attachment in these emails was opened, the remote access Trojan, LookBack, would be executed. According to researchers at Proofpoint, LookBack would allow attackers to delete files, execute commands, take screenshots, and more, on infected systems. This article continues to discuss the spear phishing campaign in regard to its targets, techniques, and malware in addition to the suspected perpetrators behind the launch of this attack.

    TechRadar reports "U.S. Utility Firms Hit by State-Sponsored Spear-Phishing Attack"

  • news

    "New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses"

    Researchers from the security firm Bitdefender have demonstrated a new side-channel attack, called SWAPGS, that is similar to Spectre and Meltdown. The attack could be performed through the abuse of modern CPUs' speculative execution capabilities, which allow the high-performance microprocessors to predict future instructions. Hackers can use SWAPGS to gain access to passwords, encryption keys, and other sensitive data in the operating system kernel memory. According to researchers, the SWAPGS side-channel attack can circumvent mitigations implemented for Spectre and Meltdown. This article continues to discuss the impact and performance of the new SWAPGS side-channel attack, as well as the bypassing of existing mitigations by this attack.

    Threatpost reports "New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses"

  • news

    "A Model Hospital Where the Devices Get Hacked—on Purpose"

    A mock hospital, called the Medical Device Village, will be set up at the 2019 DefCon hacking conference. The model hospital will consist of various medical devices, including pacemakers, insulin pumps, and other gadgets that one would find in an actual medical facility. In order to increase interest in bolstering the security of medical devices, researchers are encouraged to hack the devices in the model hospital. In addition to the mock hospital, there will be a formal capture the flag hacking competition and an opportunity for participants to get a more hands-on hacking experience. This article continues to discuss the Medical Device Village in relation to its purpose, previous versions, and support, along with the importance of implementing security in the design of medical devices.

    Wired reports "A Model Hospital Where the Devices Get Hacked--on Purpose"

  • news

    "New Windows Malware can Also Brute-Force WordPress Websites"

    A new malware strain named Clipsa has been discovered. Clipsa has been affecting users all over the world for the past year. This malware is different from most forms of malware mainly because it can conduct brute-force attacks against WordPress sites. Most malware detection systems can detect this malware, so it is important to make sure individuals keep malware detection systems on their computers up to date.

    ZDNet reports: "New Windows Malware can Also Brute-Force WordPress Websites"

  • news

    Summer Internship at NSA in Science of Security

    The National Security Agency is currently taking applications for internships in summer 2020 for its Summer Program in Science of Security. Applications are being accepted until October 15, 2019.

  • news

    "From State-Sponsored Attackers to Common Cybercriminals: Destructive Attacks on the Rise"

    According to a report recently released by IBM X-Force Incident Response and Intelligence Services (IRIS), there has been a significant increase in destructive attacks against organizations. These attacks aim to paralyze organizations by deleting data, encrypting data, disabling devices, and more. Destructive malware used to be a tool mostly used by sophisticated nation-state actors, but an analysis of X-Force's incident response data reveals the increased use of such malware by cybercriminal attackers. Organizations are encouraged to test their response plans, leverage threat intelligence, create effective strategies for data backup, and more, in order to reduce the risks posed by destructive malware attacks. This article continues to discuss the rise in destructive attacks, the potential consequences of such attacks, the concept of destructive malware, the targeting of various types of businesses, and what organizations can do to reduce the risk of destructive malware attacks.

    Security Intelligence reports "From State-Sponsored Attackers to Common Cybercriminals: Destructive Attacks on the Rise"

  • news

    "Connected Cars Could be a Threat to National Security, Group Claims"

    Consumer Watchdog (CW) has released a new report, titled Kill Switch: Why Connected Cars Can be Killing Machines and How to Turn Them Off, which highlights the threat posed by connected vehicles to national security. While connected vehicle technologies offer unique benefits, they also introduce significant security risks, which have the potential to cause loss of life. Connected cars are more vulnerable to being hacked, manipulated, and disabled by hackers. According to the report, as the use of connected cars increases, the possibility of a large-scale hack on such vehicles that could lead to fatalities grows. This article continues to discuss the growing number of connected cars on the road, the threat posed by connected cars, automotive cybersecurity, and recommendations to improve the security of connected vehicles.

    Security Week reports "Connected Cars Could be a Threat to National Security, Group Claims"

  • news

    "Romance Scams Soar as Victims Become Unwitting Money Mules"

    It has been discovered that losses from romance scams soared by over 71% from 2017 to 2018. Victims of romance scams are increasingly recruited as money mules. In 2017, 15,000 victims reported romance and confidence scams, which cost the victims 211 million dollars. By the following year, 18,000 victims were reporting being a part of romance and confidence scams. The 18,000 victims in 2018 reported losses of over 362 million dollars.

    InfoSecurity reports: "Romance Scams Soar as Victims Become Unwitting Money Mules"

  • news

    "Vital Infrastructures in the Netherlands Vulnerable to Hackers"

    A new report, titled Online Discoverability and Vulnerabilities of ICS/SCADA Devices in the Netherlands, recommends that vital infrastructure be protected differently because of the significant consequences that could occur when hackers attack such infrastructure. Research conducted by the University of Twente for the Scientific Research and Documentation Centre (WODC) of the Dutch Ministry of Justice and Security highlights the possibility of hackers disrupting critical infrastructures' operations and proper functions. This article continues to discuss the threats posed to critical infrastructure by hackers, cases in which hackers have targeted vital systems in different countries, and key findings of the report.

    The University of Twente reports "Vital Infrastructures in the Netherlands Vulnerable to Hackers"

  • news

    "New Tool Could Reduce Security Analysts' Workloads by Automating Data Triage"

    A new tool aimed at improving the performance of security analysts has been developed by researchers at Penn State and the U.S. Army Research Office. The tool reduces security analysts' workloads by automatically assigning degrees of urgency to repetitive tasks often performed by analysts. The automation of data triage operations in cyber analytics would allow analysts to dedicate more time to detecting and analyzing security-related events that have gone undiscovered. The technique used by this tool involves non-intrusive tracing of human-data triage operations, data mining of operation traces, and more. This article continues to discuss why data triage is a time-consuming stage in cyber analytics and the tool developed by researchers to reduce security analysts' workloads.

    TechXplore reports "New Tool Could Reduce Security Analysts' Workloads by Automating Data Triage"