Sunday, December 04, 2016

Cyber Security News of the Week, December 4, 2016

CYBERSECURITY NEWS

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP

Individuals at Risk

Cyber Privacy

The Surveillance Game: A Website That Gives You Points as It Spies on You: “Oh, you are truly my favorite subject!” exclaimed a soft voice in my ear. “Would you allow me to … see you, please?” My laptop’s webcam asked for permission to activate. Any other time, I’d have denied the request and closed my browser immediately, but I put my thumb over the lens and clicked “Allow.” I needed the points, after all. The Atlantic, November 28, 2016

Cyber Update

Google Fixes 12 High-Severity Flaws In Chrome Browser: Google is urging Windows, Mac and Linux users to update their Chrome browsers to fix multiple vulnerabilities that could allow malicious third parties to take control of targeted systems. ThreatPost, December 2, 2016
Mozilla Patches Firefox Zero Day Used to Unmask Tor Browser Users: As expected, Mozilla released a new version of Firefox on Wednesday to address a zero-day vulnerability that was actively being exploited to de-anonymize Tor Browser users. ThreatPost, December 1, 2016

Cyber Warning

Buffer overflow exploit can bypass Activation Lock on iPads running iOS 10.1.1: Apple’s Activation Lock feature, introduced in iOS 7 in 2013, deters thieves by associating your iPhone and iPad with your Apple ID. Even if a thief steals your device, puts it into Recovery Mode, and completely resets it, the phone or tablet won’t work without the original user’s Apple ID and password. This makes stolen iDevices less valuable since they become more difficult to resell, and it has significantly reduced iPhone theft in major cities. Ars Technica, December 2, 2016
At least 10 million Android users imperiled by popular AirDroid app: For at least the past six months, a popular remote management app available in the official Google Play Store has opened tens of millions of Android users to code-execution and data-theft attacks when they use unsecured networks, researchers said Thursday. Ars Technica, December 1, 2016
1 million Google accounts compromised by Android malware called Gooligan: Researchers say they’ve uncovered a family of Android-based malware that has compromised more than 1 million Google accounts, hundreds of them associated with enterprise users. Ars Technica, November 30, 2016
Security Researchers Claim Ransomware Creeping Into Facebook and LinkedIn: Facebook is disputing recent reports that the file-encrypting ransomware known as Locky spread through its instant messaging platform. BankInfoSecurity, November 29, 2016
Skip the Phish on the Menu: Q. I got an email from Amazon for something I didn’t order. Should I be worried my account has been compromised? So far, nothing has happened. The New York Times, November 29, 2016

Information Security Management in the Organization

Information Security Management & Governance

65% of social engineering attacks compromised employee credentials: In fact, 60 percent of surveyed security leaders say their organizations were or may have been a victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked say that employees’ credentials were compromised as a result of the attacks, according to Agari. In addition, financial accounts were breached in 17 percent of attacks. HelpNetSecurity, December 2, 2016
2016: A reflection of the year in cybercrime: First of all, it’s that time of year to reflect and be thankful. I want to thank this publication for this blog, and all of my readers and followers on Twitter and LinkedIn. I’m very thankful for my family, friends and colleagues. I’m also thankful to be a free American in the United States of America. God bless all our veterans and troops, including my nephew Trevor, who serves in the Navy, and all first responders who sacrifice everything for each of us every day. CSO, December 2, 2016

Cyber Awareness

The Human Factor in Information Security – Citadel’s Kim Pease & Michael Kemps: No one can deny that cyberattacks are the new norm. Such risks will increasingly challenge our ability to operate our businesses. In the world of cybercrime, everyone — from individuals to nation-states — is a target. However, some targets are more alluring than others. Legal, accounting and other professional firms are increasingly targeted by cybercriminals and hackers who are intent on accessing the vast stores of data with which they are entrusted. Law Journal, December 2016

Cyber Career

The Cybersecurity Profession Has a Clear Career Path. LOL. Just Kidding: Do you know what your career path as a cybersecurity professional is? Have you ever really thought about that? Most don’t, as was reported in a recent study jointly published by the Enterprise Strategy Group (ESG) and the ISSA (Information Systems Security Association) earlier in November 2016. The study reported that over 65% of the 437 professionals surveyed stated that they do not have a clear career path. ITSP Magazine, November 30, 2016

Cyber Security in Society

Cyber Privacy

EFF & others vow to fight new gov’t authority to hack multiple devices with single search warrant (Rule 41): A new rule goes into effect Thursday that gives law enforcement the ability to hack millions of computers or smartphones at once with a single search warrant. But opponents of the controversial Rule 41 say they are committed to fighting the government’s expanded powers. ThreatPost, December 1, 2016

Cyber Attack

Fast-Spreading Mirai Worm Disrupts UK Broadband Providers: Mirai, a fast-spreading worm that knocked 900,000 Deutsche Telekom customers offline earlier this week, has also caused hiccups for broadband customers in the U.K. BankInfoSecurity, December 2, 2016
Saudi Central Bank Systems Said to Be Struck by Iran Malware: State-sponsored hackers who unleashed a digital bomb in key parts of Saudi Arabia’s computer networks over the last two weeks damaged systems at the country’s central bank, known as the Saudi Arabian Monetary Agency, according to two people briefed on an ongoing investigation of the breach. Bloomberg, December 2, 2016
There’s a new DDoS army, and it could soon rival record-setting Mirai: For more than a week, someone has waged massive attacks on a daily basis. Ars Technica, December 1, 2016
New Mirai Worm Knocks 900K Germans Offline: More than 900,000 customers of German ISP Deutsche Telekom (DT) were knocked offline this week after their Internet routers got infected by a new variant of a computer worm known as Mirai. The malware wriggled inside the routers via a newly discovered vulnerability in a feature that allows ISPs to remotely upgrade the firmware on the devices. But the new Mirai malware turns that feature off once it infests a device, complicating DT’s cleanup and restoration efforts. KrebsOnSecurity, November 30, 2016

Know Your Enemy

San Francisco Rail System Hacker Hacked: The San Francisco Municipal Transportation Agency (SFMTA) was hit with a ransomware attack on Friday, causing fare station terminals to carry the message, “You are Hacked. ALL Data Encrypted.” Turns out, the miscreant behind this extortion attempt got hacked himself this past weekend, revealing details about other victims as well as tantalizing clues about his identity and location. KrebsOnSecurity, November 29, 2016
Two Dyn DDoS Hackers Appear To Have Created a New Massive Internet of Things Botnet: The massive cyberattacks that in the last few weeks have crippled several popular services like Twitter and Spotify, the website of a noted security journalist, and many more, may be about to get worse. Motherboard, November 29, 2016

National Cyber Security

FireEye CEO Kevin Mandia: Russian State Hackers Changed The Game: Founder of Mandiant and FireEye CEO says Russia doesn’t appear to want to cover its tracks anymore. DarkReading, December 1, 2016
Center for Cyber & Homeland Security Issues Report on How the Private Sector Can Actively Defend Against Cyber Threats: Earlier this year, the Center for Cyber & Homeland Security at the George Washington University (“Center”) announced a new project on active defense against cyber threats. The Center established a high-level task force to examine these issues. The task force included prominent cybersecurity and industry experts, including Alston & Bird partner and SecureTheVillage Leadership Council Member Michael Zweiback. … The Task Force successfully released its final report in October. It is available here. Alston & Bird Privacy & Data Security Blog, November 29, 2016
Steptoe Cyberlaw Podcast – Interview with John Markoff: Stewart Baker talks with long-time New York Times reporter John Markoff on the past and future of artificial intelligence and its ideological converse – the effort to make machines that augment rather than replace human beings. Our conversation covers everything from robots, autonomous weapons, and Siri to hippie poetry of the 1960s and Silicon Valley’s short memory on use of the term “cyber.” Steptoe Cyberblog, November 28, 2016
Information security priorities for Trump’s administration: The notion that cybersecurity has major national security implications and impacts all government organizations and all Americans should be emphasized. NetworkWorld, November 28, 2016
U.S. Elections Are a Mess, Even Though There’s No Evidence This One Was Hacked: Was the 2016 presidential election hacked? It’s hard to tell. There were no obvious hacks on Election Day, but new reports have raised the question of whether voting machines were tampered with in three states that Donald Trump won this month: Wisconsin, Michigan and Pennsylvania. SchneierOnSecurity, November 23, 2016

Financial Cyber Security

MasterCard, Visa Push Gas Pump EMV Migration Deadline To 2020: Fuel merchants get three extra years to deploy the secure chip-enabled payment infrastructure in their complex environments. DarkReading, December 2, 2016
ATM Insert Skimmers: A Closer Look: KrebsOnSecurity has featured multiple stories about the threat from ATM fraud devices known as “insert skimmers,” wafer-thin data theft tools made to be completely hidden inside of a cash machine’s card acceptance slot. For a closer look at how stealthy insert skimmers can be, it helps to see videos of these things being installed and removed. Here’s a look at promotional sales videos produced by two different ATM insert skimmer peddlers. KrebsOnSecurity, November 27, 2016

Internet of Things

Keeping Your Thermostats & Toasters From Joining The IoT Dark Side: We are now in the wake of two of the biggest and most catastrophic Distributed Denial of Service (DDoS) attacks that we have seen yet. Brian Krebs’ Krebs on Security was subjected to a 620 Gbps DDoS. Days later, a second and more catastrophic attack was levied against DNS provider Dyn, resulting in the websites and resources of Twitter, Amazon, and other Dyn clients (those without redundancy) being inaccessible to viewers and consumers on the US East Coast. ITSP Magazine, November 29, 2016

Cyber Sunshine

Police Shut Down Global Cybercriminal Fraud Service, seize 39 servers, arrest 5: Law enforcement in the U.S., Europe and Asia say they’ve dismantled a resilient network rented by cybercriminals in order to infect tens of millions of computers with code that stole bank account details and spread file-encrypting malware. BankInfoSecurity, December 2, 2016
‘Avalanche’ Global Fraud Ring Dismantled: In what’s being billed as an unprecedented global law enforcement response to cybercrime, federal investigators in the United States, United Kingdom and Europe today say they’ve dismantled a sprawling cybercrime machine known as “Avalanche” — a distributed, cloud-hosting network that for the past seven years has been rented out to fraudsters for use in launching countless malware and phishing attacks. KrebsOnSecurity, December 1, 2016

Jeff Snyder, SecurityRecruiter.com, Jeff Snyder Coaching, Security Recruiter Blog, 719.686.8810