News Items

  • news

    "Supply Chains May Pose Weakest Security Link"

    Vulnerabilities in the U.S. military supply chain are being exploited by adversaries to execute attacks aimed at stealing valuable technical data, damaging critical infrastructure, gaining access to connected systems, degrading systems, and more. It has been recommended that the U.S. take a holistic approach to responding to such threats by scoring supply chain liabilities based on their level of risk. The scoring of suppliers would require internal or external monitoring and frequent assessments of security risks. This article continues to discuss the exploitation of vulnerabilities in the U.S. military supply chain and the recommended approach to improving supply chain security that involves risk scoring.

    SIGNAL Magazine reports "Supply Chains May Pose Weakest Security Link"

  • news

    "Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains—and Counting"

    Magecart is made up of sophisticated hacking groups that perform web-based card-skimming attacks to steal credit card numbers. The threat detection firm, RiskIQ, released a new report, which reveals the scanning of misconfigured Amazon S3 buckets by Magecart hackers to insert malware and steal credit card numbers from the ecommerce sites linked to these buckets. As the misconfiguration of Amazon S3 buckets can allow anyone with an Amazon Web Services account to write to them, hackers could easily insert malicious code. According to RiskIQ, 17,000 domains have been affected so far. This article continues to discuss new discoveries made by researchers surrounding Magecart groups in relation to their latest operations and techniques, as well as the impact of these groups.

    Wired reports "Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains--and Counting"

  • news

    "How can Attackers Abuse Artificial Intelligence?"

    A study on how attackers can abuse artificial intelligence made several discoveries. It was discovered that adversaries will continue to learn how to compromise AI systems as the technology continues to spread. The number of ways attackers can manipulate the output of AI makes attacks on AI difficult to detect and to mitigate. Powers competing to develop better types of AI for offensive/defensive purposes may end up precipitating an "AI arms race". It was also discovered that securing AI systems against attacks may cause ethical issues. For example, increased monitoring of activity may infringe on a user's privacy. Lastly, it was discovered that AI tools and models developed by advanced, well-resourced threat actors will eventually proliferate and become adopted by lower-skilled adversaries.

    Help Net Security reports: "How can Attackers Abuse Artificial Intelligence?"

  • news

    "WhatsApp, Telegram Had Security Flaws That Let Hackers Change What You See"

    Security researchers from Symantec have discovered a vulnerability in the popular encrypted messaging applications WhatsApp and Telegram. The exploitation of this vulnerability could enable the modification of images and audio files by hackers. According to researchers, the vulnerability could allow hackers to manipulate photos of invoices, resulting in money being received by incorrect recipients. This article continues to discuss the use of secure messaging apps, the vulnerability found in WhatsApp and Telegram, how this vulnerability was discovered by researchers, and the discovery of a fake version of one of the apps.

    CNET reports "WhatsApp, Telegram Had Security Flaws That Let Hackers Change What You See"

  • news

    "Dutch Researchers Are Developing Quantum Technology to Secure Your Bank Account"

    According to researchers, quantum computers will render current encryption algorithms obsolete, as such computers will have quantum-mechanical properties that could allow them to perform calculations much faster than regular computers. Therefore, the quantum technology research group, Qutech, and the Dutch bank, ABN AMRO, are collaborating in the development of quantum technology aimed at securing banking systems against future quantum attacks. This article continues to discuss expectations and concerns surrounding quantum computers, the partnership in support of developing quantum technology to secure banking systems, and quantum key distribution (QKD).

    TNW reports "Dutch Researchers Are Developing Quantum Technology to Secure Your Bank Account"

  • news

    "Academics Steal Data From Air-Gapped Systems via a Keyboard’s LEDs"

    Security researchers at Ben-Gurion University have demonstrated that it is possible for data to be extracted from secure air-gapped computers by attackers, using the Caps Lock, Num Lock, and Scroll Lock LEDs on a keyboard. The attack, called CTRL-ALT-LED, poses a threat to highly secure environments such as those that store top-secret documents or non-public proprietary information. The CTRL-ALT-LED exfiltration method has been tested on different optical capturing devices, including security cameras, smartphone cameras, high-grade optical/light sensors, and more. This article continues to discuss how the CTRL-ALT-LED attack works and other research on the exfiltration of data via keyboard LEDs.

    ZDNet reports "Academics Steal Data From Air-Gapped Systems via a Keyboard's LEDs"

  • news

    "Apple Quietly Removes Zoom’s Hidden web Server From Macs"

    It was discovered that Zoom, whose web conferencing software has more than four million users across desktop and mobile platforms, including Windows, has multiple vulnerabilities. The vulnerabilities that were discovered include: CVE-2019-13449 (the original denial-of-service flaw), CVE-2019-13567 (webcam takeover), and CVE-2019-13567 (a proof-of-concept making possible Remote Code Execution). The first and third issues should be fixed by updating to Zoom client version 4.4.2 on macOS, and the second vulnerability is unpatched but mitigated by removing the web server.

    Naked Security reports: "Apple Quietly Removes Zoom's Hidden web Server From Macs"

  • news

    "Cybersecurity Training Study Reveals Phishing Identification and Data Protection Are the Top Problem Areas for End Users"

    Proofpoint has released its fourth annual report on end users' understanding of different cybersecurity topics and best practices, titled Beyond the Phish. The report reveals that employees are still inadequately knowledgeable about phishing and data protection, further emphasizing the need for organizations to implement or improve security awareness training. This article continues to discuss what the report features and key findings pertaining to how knowledgeable employees are about cyber threats and cybersecurity best practices, along with the importance of effective security awareness training for employees.

    AIT News Desk reports "Cybersecurity Training Study Reveals Phishing Identification and Data Protection Are the Top Problem Areas for End Users"

  • news

    "Researchers Detail Privacy-Related Legal, Ethical Challenges With Satellite Data"

    Satellite technology offers a number of benefits, such as clearer communications, accurate location information, faster emergency responses, and more. However, researchers at Penn State University are emphasizing the dangers posed to national security and civil liberties by the unauthorized access or exposure of satellite data. Satellite data can reveal sensitive information such as the position of secret military bases, global peacekeeping operations, and more, posing a significant threat to national security. This article continues to discuss the uses of satellite technology, the potential threats created by unchecked satellite data, the role of satellites in the realm of IoT devices, and four ways in which the approach to regulating satellites and the use of satellite data can be improved.

    Phys.org reports "Researchers Detail Privacy-Related Legal, Ethical Challenges With Satellite Data"

  • news

    "Research Shows Humans Are Attacking Artificial Intelligence Systems"

    A research group led by De Montfort University Leicester (DMU) has brought further attention to the increased manipulation of artificial intelligence (AI) software in search engines, social media platforms, and more, by online hackers to execute cyberattacks. According to a report published by the European Union-funded project, SHERPA, hackers are increasingly abusing existing AI systems to perform malicious activities instead of creating new attacks in which machine learning is used. This article continues to discuss hackers' increased use of AI systems for malicious purposes, the possible malicious uses of AI identified by researchers, the advancement of AI, and the purpose of the SHERPA project.

    DMU reports "Research Shows Humans Are Attacking Artificial Intelligence Systems"

  • news

    "More than 2 million cyber incidents in 2018 created $45 billion in losses"

    In 2018, the financial impact of ransomware rose by 60%, losses from business email compromise doubled, and cryptojacking incidents more than tripled, even though the overall number of breaches and exposed records was down in 2018. This data shows that cybercriminals are getting better at monetizing their activities. In 2018, there were 2 million cyber incidents, which created 45 billion dollars in losses.

    Help Net Security reports: "More than 2 million cyber incidents in 2018 created $45 billion in losses"

  • news

    "25 Million Android Devices Infected by ‘Agent Smith’ Malware"

    Researchers from the security firm, Check Point, have discovered a new malware targeting Android devices, dubbed Agent Smith, which is capable of replacing legitimate apps on a device with malicious copies. The fake apps display advertisements from which the threat actors gain profit. Agent Smith could also be used by attackers to steal banking credentials. This malware has mostly infected Android devices in India, Bangladesh, Pakistan, and Indonesia. This article continues to discuss Agent Smith in regard to its stages, impact, and targets, as well as the first signs of this malware traced by researchers.

    Bleeping Computer reports "25 Million Android Devices Infected by 'Agent Smith' Malware"

  • news

    "Coast Guard Warns Shipping Firms of Maritime Cyberattacks"

    An advisory about possible maritime cyberattacks has been issued by the U.S. Coast Guard to all shipping companies. The advisory was issued in response to an incident in which a large commercial vessel was hit by a malware attack, disrupting the proper functioning of the ship. The shipping industry has been urged to regularly assess the cybersecurity of vessels, segment shipboard networks, enforce the use of passwords, install patches, and more. This article continues to discuss the malware attack faced by a commercial vessel in February 2019 and the Coast Guard's warning to shipping firms about such attacks.

    Dark Reading reports "Coast Guard Warns Shipping Firms of Maritime Cyberattacks"

  • news

    "Researchers Find Worrying Security Vulnerability in GE Healthcare Anesthesia Machines"

    GE Healthcare's anesthesia and respiratory devices have been discovered to contain a security vulnerability. According to the CyberMDX researchers who discovered the vulnerability, attackers could exploit it to perform malicious activities such as silencing alarms, altering logs, manipulating gas compositions, and more. The vulnerability affects Aestiva anesthesia delivery equipment as well as Aespire models, 7100 and 7900. This article continues to discuss the devices affected by the security vulnerability, what the exploitation of this vulnerability requires, the malicious activities that could be carried out by attackers through this exploitation, and GE Healthcare's response to this discovery made by researchers.

    TNW reports "Researchers Find Worrying Security Vulnerability in GE Healthcare Anesthesia Machines"

  • news

    "SMBs Struggle with Encryption, Patching and Skills Gap"

    According to Alert Logic's new report, titled Criminal Watch: SMB Threatscape 2019, small and midsize businesses (SMBs) are weak in the realms of encryption, workload configuration, visibility, and more, leaving them vulnerable to cyberattacks. The report also highlights the running of outdated and unsupported operating systems by most devices used by SMBs. This article continues to discuss key findings shared in the report pertaining to the security of SMBs and the lack of skilled cybersecurity professionals.

    Infosecurity Magazine reports "SMBs Struggle with Encryption, Patching and Skills Gap"

  • news

    "YouTube’s Policy on Hacking Videos Makes Everyone Less Safe"

    Instructional hacking videos were deemed harmful or dangerous by YouTube's updated policies, despite the value of such videos to the security community. According to those within the security community, blocking content on instructional ethical hacking reinforces the idea that anyone who discovers security vulnerabilities in products and raises awareness about how these vulnerabilities work is a malicious actor or criminal. Blocking such videos can also leave the identified vulnerabilities unaddressed. This article continues to discuss the updates made to YouTube's policies to block instructional hacking videos, the purpose of such videos, and how blocking this type of content impacts the security community.

    Slate reports "YouTube's Policy on Hacking Videos Makes Everyone Less Safe"

  • news

    "Researchers Hack VR Worlds"

    Security researchers, Alex Radocea and Philip Pettersson, demonstrated the possibility of hacking into virtual reality (VR) worlds on three different platforms, including VR Chat, Steam VR, and High Fidelity. Radocea and Pettersson warned that the infiltration of immersive VR worlds by hackers can lead to eavesdropping and the creation of fake images. Attackers could also hack VR worlds for the purpose of displaying inappropriate images to chatroom users and taking control over users' systems. This article continues to discuss the platforms used to demonstrate how to hack VR worlds, the attacks that could be executed via VR systems, and other research surrounding the hacking of such systems.

    Naked Security reports "Researchers Hack VR Worlds"

  • news

    "PGP Ecosystem Targeted in ‘Poisoning’ Attacks"

    Robert Hansen and Daniel Gillmor are researchers who have recently been targeted by PGP poisoning attacks. PGP (Pretty Good Privacy) is encryption software used for the authentication and privacy of email messages. PGP poisoning attacks refer to the spamming of certificates with a significant number of signatures or certifications. This article continues to discuss the PGP framework, what is exploited in PGP poisoning attacks, the impact that these attacks could have on security, and suggestions made by researchers as to how such attacks can be mitigated, along with the efforts that have been made by researchers to highlight and address these attacks.

    Threatpost reports "PGP Ecosystem Targeted in 'Poisoning' Attacks"

  • news

    "Newly Reported Flaws in Cameras, Locks Add to Scrutiny of Smart-Home Security"

    Security flaws have been discovered in Netgear Arlo smart home security cameras and Zipato smart hubs, further raising concerns surrounding the security of smart home technology. According to researchers, the security flaws discovered in these devices could be exploited by malicious actors to hijack cameras connected to a single hub, manipulate footage, unlock doors, and more. This article continues to discuss the security vulnerabilities found in the Netgear Arlo system and the ZipaMicro smart-home device from Zipato, as well as the attacks that could be executed through the exploitation of these vulnerabilities.

    CyberScoop reports "Newly Reported Flaws in Cameras, Locks Add to Scrutiny of Smart-Home Security"

  • news

    "More Than 1,000 Android Apps Harvest Data Even After You Deny Permissions"

    Researchers from the International Computer Science Institute have discovered that over 1,000 Android apps circumvent privacy permission settings, bringing further attention to the difficulty of maintaining online privacy when using phones and mobile apps. As these apps violate permissions, they can gather information such as a user's geolocation. This article continues to discuss the bypassing of privacy protections by Android apps, the type of data gathered by these apps, how this discovery was made by researchers, responses to this finding, and the lack of tools for consumers to control their privacy.

    CNET reports "More Than 1,000 Android Apps Harvest Data Even After You Deny Permissions"

  • news

    "Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis"

    Security researchers from Cofense discovered the use of QR codes in phishing attack campaigns to bypass URL analysis. Phishing emails have been disguised as SharePoint emails, which contain a QR code to be scanned by recipients in order to view an important document. The QR code redirects recipients to a malicious site where phishers can obtain their account login credentials for AOL, Microsoft, and more. This article continues to discuss the exploitation of QR codes in phishing attack campaigns to evade security controls.

    Security Intelligence reports "Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis"

  • news

    "To Benefit from DevOps Implementation, Security and Dev Teams Must Communicate Better"

    Trend Micro conducted a survey to which 1,310 IT decision makers who work in enterprise and SMB organizations responded. The results of the survey indicate that most IT leaders believe the success of DevOps implementation depends on the improvement of communication between IT security and software development teams. This article continues to discuss key findings of the survey in relation to the adoption of a DevOps culture by organizations and what needs to be improved to increase chances of successful DevOps implementation.

    Help Net Security reports "To Benefit from DevOps Implementation, Security and Dev Teams Must Communicate Better"

  • news

    "Automated Cryptocode Generator Is Helping Secure the Web"

    Researchers at Massachusetts Institute of Technology (MIT) presented a paper at the recent IEEE Symposium on Security and Privacy in which they gave details about an automated cryptocode generator that they have developed. The mathematical algorithms run by cryptographic protocols used in the security of online communications are written and rewritten by a group of experts. This manual process can result in the production of nonoptimal algorithms and the introduction of bugs due to human errors. Therefore, MIT researchers developed Fiat Cryptography, a system that will automatically generate and verify optimized cryptographic algorithms. This article continues to discuss the purpose, development, and use of the Fiat Cryptography system.

    EurekAlert! reports "Automated Cryptocode Generator Is Helping Secure the Web"

  • news

    "Ransomware Hits Georgia Courts As Municipal Attacks Spread"

    The Administrative Office of the Georgia Courts has been hit by a ransomware attack, resulting in the shutdown of court websites and systems. This ransomware attack is just one of many that have recently been faced by municipalities. Municipalities that have fallen victim to these attacks, including Key Biscayne, Lake City, and Riviera Beach, agreed to pay ransomware attackers. However, the U.S. government advises victims to not give in to the demands for ransom payments. Ransomware attackers would be motivated to execute more attacks if their demands are met. This article continues to discuss the recent ransomware attacks on municipalities, the increase in targeted ransomware attacks, the decision to pay ransoms, and the actors behind recent attacks.

    Wired reports "Ransomware Hits Georgia Courts As Municipal Attacks Spread"

  • news

    "Security Flaws in a Popular Smart Home Hub Let Hackers Unlock Front Doors"

    Security researchers, Chase Dardaman and Jason Wheeler, discovered security flaws in the popular ZipaMicro smart hub developed by Zipato. These flaws could be exploited by hackers to unlock front doors using a smart lock. According to researchers, security flaws in smart home hubs such as the ZipaMicro could be abused by landlords to enter a tenant's home as such devices can control a home's smart devices, including smart front door locks. The discovery further emphasizes the importance of improving the security of smart home technology. This article continues to discuss the security flaws discovered in the ZipaMicro smart home hub, the possible exploitation of these flaws by attackers, and Zipato's response to this discovery.

    TechCrunch reports "Security Flaws in a Popular Smart Home Hub Let Hackers Unlock Front Doors"

  • news

    "Cyberwarfare in Space: Satellites at Risk of Hacker Attacks"

    The London-based independent policy institute, Chatham House, recently released a research paper, titled Cybersecurity of NATO's Space-based Strategic Assets. The paper calls for the North Atlantic Treaty Organization (NATO) and its member countries to examine and make efforts to improve the cybersecurity of space-based satellite control systems as these systems have been discovered to be vulnerable to cyberattacks that pose a significant threat to global security. Since most modern military engagements depend on space systems, cyberattacks on such systems could lead to the distribution of false information to troops, redirection of movements, and more. This article continues to discuss key points made in the Chatham House paper in regard to the vulnerability of space-based satellite control systems to cyberattacks, the risk posed by cyberattacks on these systems, and how NATO countries should strengthen the cybersecurity of satellite systems.

    ZDNet reports "Cyberwarfare in Space: Satellites at Risk of Hacker Attacks"

  • news

    "Facebook Abused to Spread Remote Access Trojans Since 2014"

    In a new study, it was discovered that Facebook has been exploited to act as a distribution platform for a set of Remote Access Trojans (RATs) for years. The aim of the operation has been to spread RATs including Houdini, Remcos, and SpyNote. So far tens of thousands of victims from Libya, Europe, the US, and China are believed to have been compromised. The threat actor behind the campaign has used the political turmoil in Libya to their advantage. When someone interested in Libyan politics clicked on the URLs, they would instead be sent to malicious content.

    ZDNet reports: "Facebook Abused to Spread Remote Access Trojans Since 2014"

  • news

    HotSoS 2019 Paper Synopses


  • news

    "Personalized Medicine Software Vulnerability Uncovered by Sandia Researchers"

    Open source genome mapping software used in the personalization of medicine has been discovered by researchers at Sandia National Laboratories to be vulnerable to cyberattacks in which patients' genetic information can be altered. Personalized medicine refers to the customization of health care based on findings from the analysis of a patient's genetic information. Burrows-Wheeler Aligner (BWA) is a software package often used in the process of personalized medicine. According to Sandia researchers, BWA has a vulnerability that could be exploited by hackers to execute man-in-the-middle attacks. These attacks could lead to the modification of genetic information, thus leading to incorrect analyses and drug prescriptions. This article continues to discuss the process of personalized medicine and the vulnerability of a program used in this process, along with the research behind the discovery of this vulnerability.

    Phys.org reports "Personalized Medicine Software Vulnerability Uncovered by Sandia Researchers"

  • news

    "Keeping Children Safe in the ‘Internet of Things’ Age"

    Children need to be protected when they use programmable Internet computing devices such as the BBC micro:bit. The BBC micro:bit is a small easily-programmable device that could be used by children in the creation of digital technologies. Although such devices provide educational benefits to children, the security of these devices must be taken into consideration. Therefore, a team of scientists at Lancaster University developed new guidelines to help designers implement security into such devices in order to strengthen the protection of children in the digital world. The framework provided by scientists helps designers visualize the different ways in which their devices could be used by children and adopt approaches to mitigating the risks posed by these devices. This article continues to discuss the use of programmable IoT devices by children, the risks posed by these devices, and the framework developed by researchers to help designers address these risks.

    Lancaster University reports "Keeping Children Safe in the 'Internet of Things' Age"

  • news

    "Data Management Firm Exposed Client Info on Open Amazon S3 Buckets: Researchers"

    While a study was being conducted, it was discovered that data from Netflix, TD Bank, Ford and other companies was left exposed for an unknown period of time on publicly configured cloud storage buckets operated by data integration and management company Attunity. The three companies were publicly accessible using Amazon S3 buckets on 13 May. The oldest of the three companies, which contained the most sensitive information, was uploaded in September 2014; however, it is not clear if the data was publicly accessible since that time. Once Attunity was alerted, their personnel responded quickly to ensure that the data was secured.

    SC Magazine reports: "Data Management Firm Exposed Client Info on Open Amazon S3 Buckets: Researchers"

  • news

    "Avoid These Top Four Cybersecurity Mistakes"

    The Chief Security and Privacy Officer at Georgian Partners, Alex Manea, has pointed out four common mistakes made by CEOs in their approaches to mitigating the cybersecurity risks faced by their companies. According to Manea, CEOs often skip the performance of ethical hacking assessments, forget about establishing a good cybersecurity architecture, fail to think about the severity and likelihood of security risks, and more. This article continues to discuss the most common cybersecurity mistakes made by CEOs and how to avoid them.

    Chief Executive reports "Avoid These Top Four Cybersecurity Mistakes"

  • news

    "How Hackers Infiltrate Open Source Projects"

    Open source software included in most enterprises' critical applications is vulnerable to being infiltrated by hackers. According to security professionals, the nature of open source projects provides opportunities for hackers to insert malicious code, posing a threat to the security of enterprises. This article continues to discuss what makes open source projects vulnerable to hacking, why small open source projects are often targeted by malicious actors, the potential impact of such attacks, and what developers should do to increase code security.

    Dark Reading reports "How Hackers Infiltrate Open Source Projects"

  • news

    "Medtronic Recalls Vulnerable MiniMed Insulin Pumps"

    Medtronic is recalling its insulin pumps as a result of their vulnerability to being hijacked by hackers. The U.S. Food and Drug Administration (FDA) has warned of the danger of vulnerabilities in Medtronic's MiniMed insulin pumps, stating that the exploitation of these vulnerabilities could allow malicious actors to alter a pump's settings. According to the FDA, the tampering of insulin pumps could lead to extremely low or high blood sugar, posing a significant threat to the well-being of patients. This article continues to discuss the risks posed by vulnerable insulin pumps, the recall of these devices, and Medtronic's efforts to improve the security of their medical devices.

    Help Net Security reports "Medtronic Recalls Vulnerable MiniMed Insulin Pumps"

  • news

    "The History of Cellular Network Security Doesn’t Bode Well for 5G"

    The 5G mobile communication standard is expected to bring improvements to users. However, there are still concerns surrounding whether 5G will fix security flaws in cell networks or not. Security researchers have already uncovered critical security flaws in the 5G standard. A cell network security researcher, named Roger Piqueras Jover, recently published a blog post in which he discussed the history of cell network security research, flaws that have been uncovered in this research, and his views on 5G security. This article continues to discuss key points made by Jover in regard to the acceleration of cell network security research, standardization efforts, and increased efforts by researchers to fix security flaws in cell networks.

    EFF reports "The History of Cellular Network Security Doesn't Bode Well for 5G"

  • news

    "Managing IoT Privacy, Cybersecurity Guidance Released by NIST"

    The National Institute of Standards and Technology (NIST) publication, NISTIR 8228, provides a guide that could be used by federal and private sector organizations in the management of IoT privacy and cybersecurity risks. The report is the first in a planned series of NIST publications aimed at helping organizations reduce IoT vulnerabilities. The report categorizes cybersecurity and privacy risks posed by IoT devices. These categories include device security, data security, and individuals' privacy. NIST recommends that organizations make changes to their policies and processes to mitigate challenges faced in managing IoT devices and vulnerabilities. This article continues to discuss the goal and key points made in the NIST guide in relation to the management of cybersecurity and privacy risks posed by IoT devices.

    HealthITSecurity reports "Managing IoT Privacy, Cybersecurity Guidance Released by NIST"

  • news

    "Disruptive by Design: Intelligence Fusion Inoculates Against Cyber Threats"

    Cyber intelligence fusion is needed to improve upon the identification of cyber threats and the speed at which risks are mitigated by organizations. The fusion of such intelligence can also help organizations learn from cyber incidents in a systematic manner. A converged organization that brings together experts from different domains is required to support cyber intelligence fusion. Cross-domain expertise would enhance analysis and increase understanding of the different ways in which an adversary might attack a target across multiple domains. For cyber intelligence fusion to be effective, experts must provide insight into how specific adversaries operate in regard to the tools and techniques they use. This article continues to discuss the components and benefits of cyber intelligence fusion.

    SIGNAL Magazine reports "Disruptive by Design: Intelligence Fusion Inoculates Against Cyber Threats"

  • news

    Visible to the public "Payment Fraud Linked to Terrorism and Trafficking"

    A new study found that payment card fraud is being used around the world to fund and launder the proceeds from organized crime, drug and human trafficking, terrorism, and more. Payment fraud caused over 1 billion dollars in losses across the 274 cases that were studied. The study also found that in North America, most payment card fraud was linked to identity fraud (33%), organized crime (32.5%), human trafficking (17.5%), and drug trafficking (15%). In Europe, payment card fraud was linked to organized crime (62%), drug trafficking (41%), and money laundering (41%). Payment fraud is not just a fraud problem; it should no longer be viewed as a non-violent crime, a mere annoyance, or an unfortunate cost of doing business.

    Infosecurity reports: "Payment Fraud Linked to Terrorism and Trafficking"

  • news

    Visible to the public "Another Florida City Is Making a Ransomware Payment, Worth Nearly $500,000 This Time"

    Lake City suffered a ransomware attack that locked the city's phone and email systems. The city decided to give in to the demands of the hackers by paying them 42 bitcoins, which is equivalent to $490,421. Many businesses decide to pay ransomware attackers out of desperation. However, federal authorities advise victims not to succumb to hackers' demands for ransom payments. This article continues to discuss the ransomware attack on Lake City and the decision to pay the ransomware attackers, along with ransomware attacks experienced by other cities and the increase in such attacks against state and local governments.

    CyberScoop reports "Another Florida City Is Making a Ransomware Payment, Worth Nearly $500,000 This Time"

  • news

    Visible to the public "Hackers Favoring Shimmers Over Skimmers for ATM Attacks"

    Cybercriminals are now using shimmers more than skimmers in the execution of attacks against automated teller machines (ATMs). Skimmers are small devices that can be attached to an ATM's card reader to harvest data as users swipe their cards, which could allow for the cloning of cards. The implementation of the European Mastercard Visa (EMV) payment standard has prevented cybercriminals from using skimmers as the EMV method stores data on integrated circuits. As a result, there has been an increase in the use of shimmers, which differ from skimmers in regard to position, size, and more. This article continues to discuss how shimmers differ from skimmers, ATM security measures, and mitigation for ATM shimming attacks.

    Security Week reports "Hackers Favoring Shimmers Over Skimmers for ATM Attacks"

  • news

    Visible to the public "iOS Devices Compromised Again"

    The Media Trust Digital Security and Operations team has discovered a new steganography campaign that targets iOS devices. Steganography is a method that hackers can use to hide malicious data or malware in image files, video clips, audio files, and other unsuspected media. The malware used in this campaign, called Stegoware-3PC, has been spread via publishers, demand-side vendors, and other adtech vendors. Stegoware-3PC was found to be hiding in PNG files, which are embedded in fake ads appearing to be from popular brands. These ads lead to the exfiltration of visitors' personal information by the malware. One of the malware's procedures is to check that it is being executed on an iOS device. This article continues to discuss the delivery, techniques, and procedures of Stegoware-3PC.

    ISBuzz News reports "iOS Devices Compromised Again"

  • news

    Visible to the public "1 in 10 Open Source Components Downloaded in 2018 had a Known Security Vulnerability"

    A new study found that 1 in 10 open source components downloaded in 2018 had known security vulnerabilities. The study also found a 71% increase in open source-related breaches over the past five years, and that 24% of organizations confirmed or suspected an OSS-related breach. As more people use and download open source software, it is important to research components first to make sure that they are secure.

    Help Net Security reports: "1 in 10 Open Source Components Downloaded in 2018 had a Known Security Vulnerability"

  • news

    Visible to the public "Bill Advances to Create Vulnerability Disclosure for Federal Internet of Things"

    Under the Internet of Things Cybersecurity Improvement Act, a vulnerability disclosure process would be established for agencies that discover vulnerabilities in Internet of Things (IoT) devices. The bipartisan bill would also prohibit U.S. government agencies from purchasing IoT devices sold by companies that choose to not adopt the coordinated vulnerability disclosure policies. This article continues to discuss the Internet of Things Cybersecurity Improvement Act in relation to its status, purpose, and requirements.

    Nextgov reports "Bill Advances to Create Vulnerability Disclosure for Federal Internet of Things"

  • news

    Visible to the public "Top Roadblocks to Securing Web Applications"

    Data breaches have become a common occurrence. In Australia, the Australian Information Commissioner (OAIC) found that a data breach affected more than 10 million Australians. This data breach is just one of many that have recently been experienced by organizations across the world. According to Verizon's 2019 Data Breach Investigation Report (DBIR), web application attacks remain the most common attack vector for data breaches, which calls for all organizations to examine their application security practices. Organizations are encouraged to adopt new approaches to application security in which automation, artificial intelligence, and human intelligence are used. This article continues to discuss recent massive data breaches, findings of Verizon's 2019 DBIR, challenges faced by organizations in securing software, consequences of inadequate application security measures, and recommended approaches to software security.

    SDTimes reports "Top Roadblocks to Securing Web Applications"

  • news

    Visible to the public "Report: Security of iOS and Android Mobile Apps 'Roughly Equivalent'"

    It is widely believed that iOS mobile apps are a lot safer than Android mobile apps. However, a new study found that the security of iOS and Android mobile apps is about the same, and that neither company has more secure applications than the other. The study found that on both operating systems an alarming number of apps were critically insecure, and that far less developer attention is being spent on solving the issue of the applications being insecure.

    ADTmag.com reports: "Report: Security of iOS and Android Mobile Apps 'Roughly Equivalent'"

  • news

    Visible to the public "Hackers Hit over a Dozen Mobile Carriers and Could Shut down Networks, Researchers Find"

    Security researchers with Cybereason have identified an advanced, persistent attack, which they have dubbed Operation Soft Cell. The attack is aimed at stealing sensitive data from telecommunications providers located in Europe, Asia, Africa, and the Middle East. Findings from the investigation of this attack revealed that it has been active since 2012. Operation Soft Cell has allowed hackers to gain access to multiple mobile carriers and steal a significant amount of customer data. Researchers have highlighted the severity of Operation Soft Cell, stating that it could lead to the shutdown of phone networks as the attack gives hackers highly privileged access. This article continues to discuss the motive, operations, targets, and impacts of Operation Soft Cell, in addition to how mobile carriers should respond.

    CNET reports "Hackers Hit over a Dozen Mobile Carriers and Could Shut down Networks, Researchers Find"

  • news

    Visible to the public Cyber Scene #34 - Grid Lock, Here and There


  • news

    Visible to the public "You’d Better Change Your Birthday – Hackers may Know Your PIN"

    A study found that 26 percent of individuals use one of the top 20 most used PINs, which makes guessing PINs quite easy. Most individuals also use important dates when creating PINs. A person creating a PIN should make sure that the number used cannot be found publicly, as a birthday or wedding date can be. PINs should be at least 6 digits in length, and the more digits a PIN has, the harder it will be for hackers to guess.

    WeLiveSecurity reports: "You'd Better Change Your Birthday - Hackers may Know Your PIN"

  • news

    Visible to the public "Researchers Develop 'Vaccine' Against Attacks on Machine Learning"

    A significant breakthrough in machine learning (ML) research has been made by researchers from the Commonwealth Scientific and Industrial Research Organization's (CSIRO) Data61, an arm of Australia's national science agency specializing in data and digital technology. Researchers have developed techniques to prevent adversarial attacks on ML. Adversarial attacks on ML refer to attacks in which malicious data inputs are used to interfere with the functioning of ML models. The techniques developed by researchers to combat such attacks are similar to those used in the vaccination process. This article continues to discuss ML algorithms, the vulnerability of ML to adversarial attacks, and the new set of techniques developed to prevent these attacks.

    CSIRO reports "Researchers Develop 'Vaccine' Against Attacks on Machine Learning"

  • news

    Visible to the public "A Malware Can Bypass ‘2FA’ In ‘Android’ Phones, Researchers Found"

    Researchers have discovered the distribution of malware via the Google Play Store that can evade security firewalls. This discovery follows Google's confirmation that some low-end Android devices contain pre-installed malware. According to cybersecurity researchers from We Live Security by ESET, Google's new SMS restrictions can be circumvented by specific applications that can be downloaded from the Google Play Store. These malicious applications can bypass two-factor authentication (2FA). As a result of the evasion of 2FA, one-time passwords (OTPs) in SMS 2FA messages can be accessed. The malware can also access OTPs from emails. This article continues to discuss the capabilities and evolution of the malware.

    Z6 Magazine reports "A Malware Can Bypass '2FA' In 'Android' Phones, Researchers Found"