News Items

  • news

    Visible to the public "Industry Warns of Flaws as Gov’t Proposes Mandatory IoT Security Labelling"

    The UK government is considering establishing an IoT security labelling scheme, which will help inform consumers about how secure IoT products are. The consultation suggests three security requirements laid out by the UK government's "Secure by Design" Code of Practice, which calls for the building of cybersecurity measures in the design phase of IoT products. Manufacturers of IoT devices would be required to ensure that IoT device passwords are highly unique and unable to be reset to factory default passwords. This article continues to discuss the IoT security labelling consultation and concerns surrounding the proposed IoT security legislation.

    CBR reports "Industry Warns of Flaws as Gov't Proposes Mandatory IoT Security Labelling"

  • news

    Visible to the public "50,000 Companies Exposed to Hacks of 'Business Critical' SAP Systems: Researchers"

    New ways of exploiting vulnerabilities in SAP software have been discovered by security researchers. These vulnerabilities leave the 50,000 companies that use this software susceptible to being hacked. The exploitation of these vulnerabilities could enable hackers to hinder the operations of companies, steal information on companies' SAP systems, and alter this information, allowing the performance of financial fraud, the withdrawal of money, and more. This article continues to discuss the use of SAP software and what the abuse of vulnerabilities in SAP software could allow hackers to do to companies.

    Reuters report "50,000 Companies Exposed to Hacks of 'Business Critical' SAP Systems: Researchers"

  • news

    Visible to the public Executive Order on America’s Cybersecurity Workforce

    The White House released an Executive Order on America's Cybersecurity Workforce. It call this workforce a national asset. It calls for the government to enhance mobility of the workforce to move between public and private employment. It call for development of skills and that the government must recognize and reward the highest-performing cybersecurity workers.

    It calls for the creation of an annual cybersecurity competition for federal civilian and military members. The first competition is to be held in 2019.

    For the order and additional details:

  • news

    Visible to the public "Majority of Encrypted Email Clients Vulnerable to Signature Spoofing"

    Researchers from the Ruhr University Bochum and Munster University of Applied Sciences examined the implementation of two major email encryption standards, OpenPGP and S/MIME. According to the findings of this analysis, the majority of leading encrypted email clients that support these standards are vulnerable to digital signature spoofing. Five different classes of attack are described by researchers, which are CMS attacks, GnuPG API attacks, MIME attacks, ID attacks, and UI attacks. This article continues to discuss the susceptibility of encrypted email clients to digital signature spoofing, the classes of attack described by researchers, and what the results of this investigation suggest.

    SecurityWeek reports "Majority of Encrypted Email Clients Vulnerable to Signature Spoofing"

  • news

    Visible to the public "GAO Flags New Cybersecurity Issues for Upcoming Census"

    The Government Accountability Office (GAO) urges the Census Bureau to improve upon its cybersecurity. The public will be allowed to respond to the 2020 Decennial Census via the internet. In addition, field-based enumerators will be allowed to use applications on mobile devices to gather survey data from households. Personally identifiable information such as names, birth dates, living situations, and more, will be more susceptible to being digitally hacked as a result of these changes. This article continues to discuss how the 2020 Decennial Census will be conducted, the security risks that will be introduced by changes made to the collection of data, and recommendations for the Bureau in relation to the improvement of its posture against security risks.

    Nextgov reports "GAO Flags New Cybersecurity Issues for Upcoming Census"

  • news

    Visible to the public "Can Wi-Fi Networks Be Completely Secure?"

    Researchers in China have reviewed different Wi-Fi hacking techniques that attackers have been discovered to use and suggested ways in which the security of a wireless infrastructure can be improved. Rogue AP, ARP spoofing, and Wi-Fi MITM are three of the top exploit kits used to hack Wi-Fi, which have also been examined by researchers. It has been highlighted that hackers and crackers will always find ways to break into a Wi-Fi network even if the network has the latest security measures, firewall protection, and more. This article continues to discuss the fundamental security flaw in all Wi-Fi systems and concerns surrounding the exploit kits used by attackers to break into Wi-Fi.

    Homeland Security News Wire reports "Can Wi-Fi Networks Be Completely Secure?"

  • news

    Visible to the public "How much does the average employee know about data privacy?"

    The 2018 Eye on Privacy report found that 58 percent of employees had never heard of the PCI Standard. PCI Standards are a global set of payment card industry (PCI) guidelines that govern how credit card information is handled. It was also found that 12 percent of employees were unsure if they should report a cybercriminal stealing sensitive client data while at work. Employees within the Technology sector were least likely to identify and prioritize the most sensitive information. For example, 73 percent of those in the tech sector ranked Social Security numbers as most sensitive, compared to 88 percent of employees in all other industries ranking this type of data as most sensitive. The study also found that employees were more comfortable with a mobile device app tracking their device's location, than with an app accessing contact and browser information, being able to take pictures and video, and posting to social media. Theft of login credentials was considered the most serious threat to sensitive data, with disgruntled employees stealing data and phishing emails coming next. The findings give weight to the vital role employees play in a strong data privacy posture and the continuing need for privacy awareness training in protecting sensitive information.

    HELPNETSECURITY reports: "How much does the average employee know about data privacy?"

  • news

    Visible to the public "Further Details on Wipro Phishing Attack Revealed"

    More details have been shared by Flashpoint researchers, Jason Reaves, Joshua Platt, and Allison Nixon, pertaining to a phishing attack recently faced by the Indian IT consultancy firm, Wipro. Researchers have revealed that the perpetrators behind the launch of this phishing attack were able to access over 100 of Wipro's computers. The goal behind the attack appears to be to access gift card and rewards programs. This article continues to discuss the discoveries made by researchers surrounding the phishing attack experienced by Wipro.

    SC Media reports "Further Details on Wipro Phishing Attack Revealed"

  • news

    Visible to the public  "2 Million IoT Devices Vulnerable to Complete Takeover"

    More than two million Internet of Things (IoT) devices, including IP security cameras, baby monitors, and smart doorbells, have been discovered to be vulnerable to being hijacked by attackers. Through the take over of these devices, attackers would be able to spy on their owners. According to the security engineer, named Paul Marrapese, who discovered the flaws that would allow over two million IoT devices to be hijacked, these vulnerabilities derive from the peer-to-peer (P2P) communication technology used by all of these IoT devices, called iLnkP2P. This article continues to discuss the vulnerabilities, how IoT device users can find out if they are affected by these vulnerabilities, and what they should do if they are impacted, as well as past discoveries of security issues in surveillance cameras.

    Threatpost reports "2 Million IoT Devices Vulnerable to Complete Takeover"

  • news

    Visible to the public "Data Privacy Research Front and Center at Human Computer Interaction Event"

    There are studies that have been conducted by researchers at the University of Michigan that explore best practices for phishing warnings and the flaws associated with breach notifications. Findings of research on data breaches reveal that most data breach notifications are difficult to read and understand based on readability metrics and the language used in these notifications, which may contribute to the lack of action taken by consumers when they have experienced security breaches. In regard to phishing, researchers have found that forcing users to click on phishing warnings is the most effective away of alerting users of potentially suspicious links. This article continues to discuss the studies by the University of Michigan on data breaches and phishing.

    University of Michigan News report "Data Privacy Research Front and Center at Human Computer Interaction Event"

  • news

    Visible to the public "Flaws Left Unpatched, Unstopped Malware Contribute to Growing IoT Attacks"

    According to a recent Internet of Things (IoT) security report completed by F-Secure, many users and companies who use IoT devices, lack good password security or do not use passwords at all to protect the devices. Also many users and companies have unpatched vulnerabilities in software on their IoT devices. Week or no password security and unpatched vulnerabilities in software contributes to about 87 percent of all IoT attacks. It is important for businesses and users of Internet of Things devices to have strong password security, and should keep the software up to date so that the unpatched vulnerabilities on the devices are fixed. This will make Internet of Things devices more secure from attacks.

    ADTMAG reports: "Flaws Left Unpatched, Unstopped Malware Contribute to Growing IoT Attacks"

  • news

    Visible to the public "Researchers Explore Remote Code Injection in macOS"

    Code injection is a method that is frequently used by malware authors to conceal their malicious activities and circumvent security protections implemented on targeted systems. Research surrounding code injection methods usually explore the use of these methods on the Windows operating system. Therefore, a cybersecurity company, named Deep Instinct, decided to conduct code injection research with focus on macOS as this operating continues to grow in popularity. The code injection techniques tested by researchers can circumvent widely-used security tools for macOS. This article continues to discuss the remote code injection methods and custom-built Mach-O loader tested by researchers.

    Dark Reading reports "Researchers Explore Remote Code Injection in macOS"

  • news

    Visible to the public "Over 50% of Firms Have 1,000+ Exposed Files, Ghost Users, Stale Passwords"

    The analysis of data risk assessments carried out by data security company's Varonis' engineers, used 700 companies across 30 industries to perform their study. It was found that more than half of all companies leave over 1,000 sensitive files accessible to every single company employee, causing serious data risk. On average 22 percent of a company's folders were accessible to every employee. It was also found that, 61 percent of the companies had over 500 users with passwords that never expire, and 58 percent of companies contained over 1,000 stale user accounts. It is important for companies to put policies in place, to make sure that sensitive information is not stolen by hackers.

    Computer Business Review reports: "Over 50% of Firms Have 1,000+ Exposed Files, Ghost Users, Stale Passwords"

  • news

    Visible to the public "Chrome on Android: Phishing Attackers Can Now Trick You with Fake Address Bar"

    A new inception attack brings attention to the importance of displaying the URL bar on a mobile device as the possibility of phishing attackers abusing the concealment of the URL bar has been highlighted. According to a developer, named James Fisher, the Google Chrome feature for Android that enables more screen space by hiding information about the URL can be abused by a phishing attacker to trick users into thinking a phishing web page is a legitimate website. This article continues to discuss potentials ways in which this URL bar-concealing feature on Google Chrome for Android could be abused by phishing attackers and other Google features that were discovered to be exploitable by scammers.

    ZDNet reports "Chrome on Android: Phishing Attackers Can Now Trick You with Fake Address Bar"

  • news

    Visible to the public "Researchers Warn of Unpatched Vulnerability in Oracle WebLogic Server"

    Attackers' scans for the presence of a vulnerability in Oracle WebLogic servers have been detected by several security companies. According to researchers, the vulnerability that has not yet been patched is a deserialization bug that can be exploited by attackers to remotely execute code. Serialization refers to the process in which data is converted to a binary format in order for the data to be transmitted over the network safely. The process of deserialization coverts the serialized data back to its original format. This article continues to discuss the discoveries surrounding this vulnerability and the blacklist approach to fixing vulnerabilities.

    CSO Online reports "Researchers Warn of Unpatched Vulnerability in Oracle WebLogic Server

  • news

    Visible to the public "Exposed Database Reveals Details on Over 80 Million Us Households"

    Consumers' privacy has been invaded yet again as discovered by independent researchers led by Noam Rotem. The researchers discovered an unsecured databased stored on the cloud in which the details of more than 80 million U.S. households are exposed. The exposed database includes information such as names, ages, genders, income levels, and marital status. The owner of the database has not been identified by researchers yet. This incident further highlights issues in relation to cloud data storage. This article continues to discuss the unsecured database, the information that has been exposed by this database, the research behind this discovery, and other discoveries pertaining to organizations' unsecured databases.

    CNET reports "Exposed Database Reveals Details on Over 80 Million Us Households"

  • news

    Visible to the public "Attackers breached Docker Hub, grabbed keys and tokens"

    Docker, the company behind a popular virtualization tool, discovered that it had been breached by hackers. On Thursday, April 25th, 2019, the company discovered unauthorized access to a single Hub database storing a subset of non-financial user data. 190,000 accounts may have been exposed due to this breach. Data breached includes usernames, hashed passwords, and Github and Bitbucket tokens for Docker autobuilds. The attackers were most likely after the tokens and access keys, which then will allow them to access companies' critical code repositories and inject malicious code in auto-built containers. This breach in tokens also can affect companies that do not use Docker Hub, but whose developers might have used Docker with GitHub integration.

    HELPNETSECURITY reports: "Attackers breached Docker Hub, grabbed keys and tokens"

  • news

    Visible to the public Pub Crawl #26

  • news

    Visible to the public "NIST Tool Enables More Comprehensive Tests on High-Risk Software"

    The National Institute of Standards and Technology (NIST) has updated a tool to improve the testing of safety-critical programs such as those used in the operation of cars, power plants, and more, to ensure that these programs are really safe. The Combinatorial Coverage Measurement (CCM) tool in the Automated Combinatorial Testing for Software (ACTS) toolkit can be used by software developers to prevent the input of simultaneous code combinations that may inadvertently give rise to dangerous errors. This article continues to discuss NIST's ACTS toolkit and the updated CCM tool.

    NIST reports "NIST Tool Enables More Comprehensive Tests on High-Risk Software"

  • news

    Visible to the public "New Technique Uses Power Anomalies to ID Malware in Embedded Systems"

    Using a new technique developed by researchers from North Carolina State University and the University of Texas at Austin, malware can be detected in embedded systems. Embedded systems in voice-activated virtual assistants, industrial control systems such as those used in power plants, and more, can be targeted by a type of malware that abuses a system's architectural design, called micro-architectural malware, for the purpose of hijacking these systems or stealing sensitive data. This article continues to discuss micro-architectural attacks against embedded systems and the power-monitoring technique developed by researchers to detect such attacks.

    NC State News report "New Technique Uses Power Anomalies to ID Malware in Embedded Systems"

  • news

    Visible to the public "Embracing Creativity to Improve Cyber-Readiness"

    Security teams are encouraged to be more creative in their responses to cyberthreats as cyberattacks continue to grow in complexity and frequency. In addition to focusing on employee access, restriction, and controls, to bolster the security of organizations, security teams should also focus on preemptive threat protection, responding rapidly to attacks, and threat mitigation. This article continues to discuss the need for security teams to embrace creativity in cybersecurity and different ways in which cybersecurity can be creatively approached.

    WeLiveSecurity reports "Embracing Creativity to Improve Cyber-Readiness"

  • news

    Visible to the public "Industrial Control Systems Security: To Test or Not to Test?"

    The increased connectivity of industrial control systems has made such systems more vulnerable to cyberattacks, which could have serious implications in regard to the security and well-being of the communities that rely on them. According to IBM's X-Force Red, which offers penetration testing and vulnerability management programs, the number of vulnerabilities contained by ICS environments has increased by 83 percent from 2011 to 2018. This article continues to discuss the reason behind the increase in ICS vulnerabilities, concerns surrounding the security of ICS environments, and possible solutions to ICS security problems.

    IBM Security Intelligence reports "Industrial Control Systems Security: To Test or Not to Test?"

  • news

    Visible to the public "DNSpionage Actors Adjust Tactics, Debut New Remote Administration Tool"

    Threat actors behind the launch of the DNSpionage DNS hijacking campaign have modified their tactics, techniques, and procedures (TTPs), adding a new reconnaissance stage. They have also introduced a new remote administration tool, called Karkoff. The main targets of this campaign appear to be Lebanon- and United Arab Emirates-affiliated .gov domains. These websites' DNS servers are hijacked to redirect traffic and capture login credentials. This article continues to discuss the targets, alleged perpetrators, and TTPs of the DNSpionage DNS hijacking campaign, as well as the new tool used in this campaign, Karkoff.

    SC Media reports "DNSpionage Actors Adjust Tactics, Debut New Remote Administration Tool"

  • news

    Visible to the public "Researchers Develop AI Tool Better Able to Identify Bad Data"

    The HoloClean tool detects bad data and corrects errors prior to processing the data. The new system also can automatically generate bad examples, without tainting source data. This process allows the system to learn to identify and correct errors on its own. Once HoloClean is trained, it can independently differentiate between errors and correct data, and determine the most likely value for missing data if an error exists.

    University of Waterloo reports: "Researchers Develop AI Tool Better Able to Identify Bad Data"

  • news

    Visible to the public SoS Musings #25 - Cloudy with a Chance of Data Hauls

    SoS Musings #25
    Cloudy with a Chance of Data Hauls

  • news

    Visible to the public "Computer Scientists Design Way to Close 'Backdoors' in AI-Based Security Systems"

    Security researchers at the University of Chicago are developing methods to defend against backdoor attacks in artificial neural network security systems. One technique that will be presented by researchers at the 2019 IEEE Symposium on Security and Privacy in San Francisco involves the scanning of machine learning (ML) systems for signs of a sleeper cell, which is a group of spies or terrorists that secretly remain inactive in a targeted environment until given instructions to act. The use of this technique also allows the owner of the system to trap potential infiltrators. This article continues to discuss the possible hiding of backdoors in AI-based security systems due to the black box nature of AI and the research behind the defense method designed to close backdoors in neural networks.

    TechXplore reports "Computer Scientists Design Way to Close 'Backdoors' in AI-Based Security Systems"

  • news

    Visible to the public "Password '123456' Used by 23.2 Million Users Worldwide"

    According to a report released by the National Cyber Security Centre (NCSC), significantly weak passwords such as "123456" and "ashley" have been used by 23.2 million users. This discovery was made from the examination of global cyber breaches. In addition, the report highlights that only 15% of those who responded to NCSC's first UK Cyber Survey know a great deal about how to protect themselves from harmful cyber activities, most of which are between the ages of 16 and 34. This article continues to discuss key findings of NCSC's UK Cyber Survey in relation to the use of weak passwords and other gaps in online security.

    Infosecurity Magazine reports "Password '123456' Used by 23.2 Million Users Worldwide"

  • news

    Visible to the public "Academics Hide Humans from Surveillance Cameras with 2D Prints"

    Researchers from the Catholic University in Leuven (KU Leuven) have developed a method that could be used to make humans invisible to AI-powered surveillance camera systems. The method involves the printing and strategic placement of 2D images on to shirt, bags, and other objects. Wearing clothing, bags, and other objects with these images would allow a person to become invisible to camera surveillance systems that use machine learning (ML) algorithms to detect humans in live video feeds. This article continues to discuss the research behind this method and other studies in relation to the tricking of image classification and object detection systems.

    ZDNet reports "Academics Hide Humans from Surveillance Cameras with 2D Prints"

  • news

    Visible to the public "Facebook Marketplace Flaw Revealed Seller's Exact Location"

    The JSON JavaScript object notation for advertisements that had been created with the Facebook mobile app were not approximate. The listing included not only the full postcode, but also the latitude and longitude coordinates of the seller. Since being notified about the problem, Facebook has fixed the issue.

    GovInfoSecurity reports: "Facebook Marketplace Flaw Revealed Seller's Exact Location"

  • news

    Visible to the public "There’s a Massive Cybersecurity Job Gap – We Should Fill It by Employing Hackers"

    The growing frequency and sophistication of cyberattacks calls for the increase in cybersecurity professionals. A study conducted by researchers at Bournemouth University suggests the filling of the cybersecurity workforce gap with hackers. Findings of this study highlight that the majority of people in hacking communities attempt to hack systems in order to find and fix flaws before they are exploited by malicious hackers. This article continues to discuss the growth of cybersecurity incidents and the employment of hackers to fill the cybersecurity workforce gap in addition to myths and perceptions associated with hacking.

    The Conversation reports "There's a Massive Cybersecurity Job Gap - We Should Fill It by Employing Hackers"

  • news

    Visible to the public "A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions"

    Security researchers with the firm, Independent Security Evaluators, have discovered the storing of cryptocurrency with easily guessable private keys and the exploitation of these keys by a blockchain bandit to steal the cryptocurrency, Ethereum. According to researchers, the crypto bandit amassed a fortune worth over $50 million through the use of these guessable weak keys. This article continues to discuss the discoveries surrounding the generation of weak private keys and the abuse of these keys by a blockchain bandit to swipe 45,000 Ethereum valued at more than $50 million.

    Wired reports "A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions"

  • news

    Visible to the public "Improving Security as Artificial Intelligence Moves to Smartphones"

    Devices such as smartphones, security cameras, and speakers, will soon rely more on artificial intelligence to increase the speed at which speech and images are processed. A compression technique, called quantization, reduces the size of deep learning models in order to lessen computation and energy costs. However, compressed AI models have been found to be more vulnerable to adversarial attacks that could cause models to misclassify altered images. MIT and IBM researchers have developed a technique to improve the security of compressed AI models against such attacks. This article continues to discuss findings of a new study conducted by MIT and IBM researchers in relation to the vulnerability of compressed deep learning models to adversarial attacks and the technique developed to reduce this vulnerability.

    MIT News report "Improving Security as Artificial Intelligence Moves to Smartphones"

  • news

    Visible to the public Cyber Scene #32 - Globalized Tech: Tightropes Everywhere

    Cyber Scene #32
    Globalized Tech: Tightropes Everywhere

  • news

    Visible to the public "LinkedIn Data Found in Unsecured Databases"

    LinkedIn used eight unsecured databases which held approximately 60 million records of LinkedIn user information. The unsecured data contained: LinkedIn profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, the last time the profile was updated, and email address when the LinkedIn account was created. LinkedIn investigated the issue and concluded that a third-party company exposed a set of data aggregated from LinkedIn public profiles, as well as other, non-LinkedIn sources. LinkedIn has no indication that there has been a breach. Amazon, who was hosting the databases was notified, and as of April 15, 2019, the databases were secured and were no longer accessible via the internet.

    Infosecurity reports: "LinkedIn Data Found in Unsecured Databases"

  • news

    Visible to the public "6 Takeaways from Ransomware Attacks in Q1"

    Although there has been a decrease in the number of ransomware attacks, the intensity of such attacks have grown in that ransom payments are higher, downtime loss is greater, and the recovery time is longer. According to a new report released by Coverware in which the findings of a study on ransomware attacks in the first quarter of 2019 are presented, victims are being demanded to pay more, ransomware attacks are becoming less automated, manufacturing companies have become a more attractive target for ransomware attacks, downtime caused by ransomware is increasing, and more. In order for organizations to defend against ransomware attacks, multiple layers of security in addition to access restriction and backups must be implemented. This article continues to discuss six trends observed from ransomware attacks launched so far in 2019.

    Dark Reading reports "6 Takeaways from Ransomware Attacks in Q1"

  • news

    Visible to the public "Security Culture Questions to Consider"

    In order for enterprises to more effectively mitigate cybersecurity weaknesses, a security culture must be fostered within the workplace through the use of tools, training, and other technology aids. Enterprise security culture is an essential part of risk management. There are three questions that security and technology leaders should consider in the pursuit towards an enhanced security culture, which touch on how employees value security, why employees should care about security, and leadership. This article continues to discuss the importance of improving enterprise security culture and three questions that security leaders need to consider in the assessment of this culture within their organizations.

    GovTech reports "Security Culture Questions to Consider"

  • news

    Visible to the public "How an Annual ‘Cyber Shield’ Drill Helps the National Guard Secure Elections"

    Cyber Shield is an Army National Guard exercise aimed at testing and enhancing the cyber incident-response capabilities of the Guard. Participants of this year's exercise include National Guard units from 40 states, those working in the private sector, and people from federal agencies such as the Federal Bureau of Investigation (FBI) and National Security Agency (NSA). The ability to detect suspicious activity on a network and lock down unauthorized access to a system is tested in this exercise. This article continues to discuss the growth, participants, and aim of the National Gaurd's Cyber Shield, along with how this exercise helps election security.

    CyberScoop reports "How an Annual 'Cyber Shield' Drill Helps the National Guard Secure Elections"

  • news

    Visible to the public "Microsoft email breach gave hackers access to account information for months"

    Microsoft has been affected by a data breach involving attackers leveraging a customer support account to access customers' email information. Microsoft-managed email services such as @Outlook.com, @MSN.com and @Hotmail.com were affected by the breach. Microsoft notified users that hackers may have been able to access information about their accounts including: their email address, email subject lines, and frequent contacts. Microsoft reports that the contents of any messages or attachments were not able to be seen. This breach has been occurring from January 1 through March 28 of this year, but could have been occurring for six months. Once the breach was discovered, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access.

    CyberScoop reports: "Microsoft email breach gave hackers access to account information for months"

  • news

    Visible to the public "Cybercriminals Attack Cloud Server Honeypot Within 52 Seconds"

    A report recently released by Sophos, titled "Exposed: Cyberattacks on Cloud Honeypots", highlights the speed at which a cloud server honeypot was attacked by cybercriminals, the average number of attempted attacks on cloud servers per minute, and more. According to the report, cybercriminals attacked one of Sophos' cloud server honeypots within 52 seconds of it going live. This article continues to discuss findings of Sophos' study of 10 cloud server honeypots in relation to the speed and scale of attacks on these honeypots, and the importance of constant visibility of public cloud infrastructure.

    Back End News report "Cybercriminals Attack Cloud Server Honeypot Within 52 Seconds"

  • news

    Visible to the public "DevSecOps: Fast Development Without Sacrificing Safety"

    DevOps is a set of practices that have been increasingly adopted by organizations to increase the speed at which software is developed and delivered. However, organizations are encouraged to adopt DevSecOps in which security is considered at every stage of the software delivery lifecycle. This article continues to discuss the adoption of DevOps by organizations, how organizations can transition from DevOps to DevSecOps, the challenges posed by cloud computing, and the adoption of tools that provide real-time visibility into potential attacks at the application layer.

    Help Net Security "DevSecOps: Fast Development Without Sacrificing Safety"

  • news

    Visible to the public "Cyberspies Hijacked the Internet Domains of Entire Countries"

    A hacker group, called Sea Turtle, has been discovered by researchers at Cisco's Talos security devision to be carrying out an espionage campaign primarily targeting government organizations in the Middle East and North Africa, including intelligence agencies, ministries of foreign affairs, and more, to gain access to sensitive networks. The espionage campaign was launched through the performance of DNS hijacking and impacted 40 different organizations in 13 countries. This article continues to discuss the Sea Turtle espionage campaign in relation to its targets and performance of DNS hijacking, as well as the growing popularity of DNS hijacking among hackers and a possible solution to DNS hijacking.

    Wired reports "Cyberspies Hijacked the Internet Domains of Entire Countries"

  • news

    Visible to the public "Malvertising Campaign Abducts Half a Billion Chrome on iOS Sessions to Push Fake Ads"

    Confidant, an IT security firm, recently published a blog post in which the details of a malvertising campaign, dubbed eGobbler, are presented. According to researchers, eGobbler, abused a vulnerability in Chrome for iOS. Through the exploitation of this vulnerability, hackers were able to push fake advertisements to 500 million user sessions as well as hijack sessions. This article continues to discuss the eGobbler malvertising campaign in relation to its targets, techniques, and discovery by researchers, along with the need to create an industry safeguard against malvertising.

    SC Media reports "Malvertising Campaign Abducts Half a Billion Chrome on iOS Sessions to Push Fake Ads"

  • news

    Visible to the public "Army Researchers Identify New Way to Improve Cybersecurity"

    Cyberattacks pose a significant threat to the security and privacy of individuals, government agencies, and businesses, making cybersecurity one of the biggest concerns of the nation. A new way in which network security can be improved has been identified by researchers at the U.S. Army Combat Capabilities Development Command's Army Research Laboratory and Towson University. Researchers have developed a strategy to compress network traffic without negatively impacting the ability of analysts to discover and investigate malicious activity in a network. This article continues to discuss how this strategy will help improve upon network security, the expected advancement of this technique, and the future of intrusion detection.

    ECN Magazine reports "Army Researchers Identify New Way to Improve Cybersecurity"

  • news

    Visible to the public "Cloud Security Spending Set to Top $12bn by 2023"

    A greater amount of companies are starting to use cloud services. Organizations spent $178 billion on public cloud services last year, and the amount of money spent on public cloud services is expected to grow to $236 billion by 2020. Global spending on cloud security is set to grow nearly 18% to reach $12.7 billion by 2023, with protection for public cloud deployments prioritized over the coming years. Since more and more companies are using cloud services, it is becoming more important to protect mission critical systems and sensitive data on the cloud.

    Infosecurity reports: "Cloud Security Spending Set to Top $12bn by 2023"

  • news

    Visible to the public "Hackers Could Read Your Hotmail, MSN, and Outlook Emails by Abusing Microsoft Support"

    Microsoft has confirmed that some of its email service users were the targets of an attack sometime between January 1st and March 28th. Hackers were able to access the contents of users' email accounts through the abuse of Microsoft's customer support portal. Information such as the subject lines of users' emails, who users have communicated with, and more, were accessed by hackers. This article continues to discuss the details of this incident and how Microsoft responded.

    Motherboard reports "Hackers Could Read Your Hotmail, MSN, and Outlook Emails by Abusing Microsoft Support"

  • news

    Visible to the public "Researchers in Singapore Demonstrate New Quantum Key Distribution Technique over Singtel's Fibre Network"

    A breakthrough in quantum key distribution (QKD) has been made by a team of researchers from the National University of Singapore (NUS) and Singtel, Asia's leading communications group. QKD differs from traditional encryption in that it is uses the laws of physics to protect the transport of keys between communicating parties. The new method demonstrated by researchers to bolster QKD, shows that QKD can be used over commercial fiber networks. This article continues to discuss the concept of QKD, the new technique developed by researchers to advance QKD, and what this advancement in QKD indicates.

    ZDNet reports "Researchers in Singapore Demonstrate New Quantum Key Distribution Technique over Singtel's Fibre Network"

  • news

    Visible to the public "Experts Explore Mystery of Security Metrics"

    The AFCEA Cyber Committee explored the area of security metrics by surveying and interviewing organizations with cybersecurity programs. The results from these surveys and interviews further highlight that measuring the adequacy of cybersecurity protections remains a challenge. Results showed that organizations still struggle to determine metrics for measuring security posture. Organizations also find it difficult to communicate their state of security to boards of directors or senior executives. This article continues to discuss the exploration of security metrics by the AFCEA Cyber Committee and key findings of this examination in relation to the challenges associated with security metrics, the existence of security metrics guidance, and organizations' efforts in security metrics.

    SIGNAL Magazine reports "Experts Explore Mystery of Security Metrics"

  • news

    Visible to the public "New Attacks (and Old Attacks Made New)"

    In todays world new malware and zero-day attacks are reasonably rare and are vastly outnumbered by reconfigured malware and the regular return of old attacks. It is important to be prepared for the new attacks, however it is also very important to not to forget about old attacks, since they happen more regularly.

    DARKReading reports: "New Attacks (and Old Attacks Made New)"

  • news

    Visible to the public "Aftershock-3PC: Polymorphic Malware Attack on 200+ Premium Publishers"

    A new form of malware targeting ad networks, called AfterShock-3PC, is said to have been designed to circumvent signature-based detection in that it continuously alters its identifiable features. According to the Digital Security and Operations (DSO) team at the ad verification firm, The Media Trust, AfterShock-3PC has already attacked more than 200 premium publishers. This article continues to discuss the capabilities, targets, and supposed perpetrators behind AfterShock-3PC, as well as the analysis of this malware and the rise in adaptive attacks.

    The Media Trust reports "Aftershock-3PC: Polymorphic Malware Attack on 200+ Premium Publishers"

  • news

    Visible to the public "TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids"

    Researchers at Pen Test Partners have uncovered vulnerabilities contained by a popular Australian smartwatch for kids, called TicTocTrack. Parents can track the location of their children via the smartwatch. According to researchers, the vulnerabilities discovered in the watch could be exploited by hackers to perform malicious activities such as track the location of children, spoof locations, call children, and more. This article continues to discuss where these security flaws stem from, what their exploitation could allow attackers to do, and the response to the discovery of these vulnerabilities.

    Threatpost reports "TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids"