Recent cyber threat reports released by McAfee reveal a significant rise in cryptojacking in the first quarter of 2018. Cryptojacking is known as the unauthorized mining of cryptocurrency. This article continues to discuss the increased performance of cryptojacking and other cryptocurrency mining schemes by cyber criminals, along with security incidents publicly disclosed in Q1 2018.
EU member states have declared their support for the development of an international cyber-response force proposed by Lithuania. The countries in support of this initiative include Romania, Croatia, Spain, and more. This article continues to discuss the new cyber-response force in relation to its support, structure, and purpose.
Another major flaw has been discovered to be contained by Intel processors. The critical flaw dubbed TLBleed can be exploited by attackers via the Hyper-Threading technology of Intel CPUs. According to researchers, the exploitation of this flaw can allow attackers to leak cryptographic keys from programs. This article continues to discuss TLBleed and the responses to this new side-channel vulnerability.
EU's General Data Protection Regulation (GDPR) is expected to significantly impact the ways in which security research is conducted. The tools used by researchers to track malicious actors have already been impacted by the new privacy rules. This article further discusses GDPR, concerns surrounding the enforcement of this regulation, and the areas of security research that could be affected by GDPR.
Research conducted by Akamai reveals that sites of organizations within the hospitality and travel industry are being largely targeted by botnet attacks, which attempt to breach accounts. A significant number of these attacks have also been discovered to be launched by hackers in Russia and China. This article continues to discuss the botnet attacks and the targeting of the hospitality and travel industry by such attacks.
Martin Giles of MIT Technology Review revisits the predictions made earlier this year in regards to the biggest cyberthreats that would be faced in 2018 and gives an update on those threats. The predictions surrounding the increase of data breaches, unauthorized cryptocurrency mining, and targeting of cryptocurrency exchanges by hackers have been proven to be correct. This article provides an update on the cyberthreats predicted to be encountered in 2018.
WPA3 has officially been launched by the Wi-Fi Alliance. The latest Wi-Fi security standard provides stronger protections for personal and enterprise networks. WPA3-Personal and WPA3-Enterprise are two modes of operation that will be supported by the WPA3 security standard. This article continues to discuss the capabilities of WPA3 and other initiatives recently introduced by the Wi-Fi Alliance.
Security researchers will demonstrate security vulnerabilities contained by Microsoft's Windows 10 voice assistant, Cortana, that could allow attackers to perform a number of malicious activities such as take over a locked device, view sensitive files, and more. The demonstration furthers the discussion of balancing security and convenience. This article continues to discuss the security flaws in Cortana, how such vulnerabilities emerge, and the main vulnerability that will be demonstrated by researchers in August at Black Hat USA.
Nation-state attacks are expected to rise significantly as a result of increasing geopolitical conflicts. The results of a survey conducted by Tripwire to which 416 security professionals responded, reveal that there is much anticipation for the increased targeting of critical infrastructure by nation-states. This article continues discuss the results of the survey in relation to expectations surrounding nation-state attacks, along with recent threats and insider attacks.
Prioritizing security vulnerabilities would improve upon the process of SecDevOps. The identification of effective vulnerable functionalities contained by open source components is important in the prioritization of security vulnerability remediations. This article continues to discuss the threat posed by known vulnerabilities, the targeting of open source components by cybercriminals, and the prioritization of open source remediations.
North Carolina State University annouces renewed Science of Security Lablet to continue its work in developing the cybersecurity and privacy breakthroughs needed to safe guard cyberspace.
The cybersecurity industry continues to alter its approach to addressing cyber challenges as the cyberattack surface grows. Current cybersecurity trends in relation to cyberattacks, technology, and more, indicate new and ongoing cyber challenges and threats. This article continues to discuss the current trends in cybersecurity.
According to researchers, a bug in Google Home Speakers and Chromecast could allow data to be extracted from these devices, which reveals the physical location of users. Google will be releasing a patch to fix the bug in July. This article continues to discuss the exploitation of this flaw and the potential dangers it might pose to users.
Millions of media streaming devices and smart speakers have been discovered to be vulnerable to DNS rebinding attacks. Gadgets such as Google Home, Chromecast, Sonos Wi-Fi speakers, and more, are vulnerable to such attacks. This article continues to discuss the discovery of DNS rebinding vulnerabilities in media streaming and smart home gadgets, responses to this discovery, and the increase of DNS rebinding vulnerabilities.
A quantum-based method to securely transmit encrypted information along communication lines has been demonstrated by researchers at the University of York. The quantum-based technique could possibly be used to avoid the vulnerabilities of current communication systems. This article continues to discuss the vulnerability of standard communication systems to hacks, current problems associated with quantum mechanics, and the quantum-based procedure demonstrated by researchers that could protect communications from hackers.
According to security researchers at Symantec, a China-based cyber espionage group dubbed Thrip has been targeting satellite operators, telecommunications companies, and defense contractors in the US and Southeast Asia. The group has been utilizing legitimate network administration and open source tools to perform malicious activity. This article continues to discuss Thrip in relation to its discovery, operation, tools, targets, and motives.
The latest Mac OS has been discovered to contain a security flaw that could allow the contents of encrypted files to be exposed. The bug involves Apple's 'Quick Look' feature. This article continues to discuss the security flaw found in the latest Mac OS and a manual fix offered by researchers.
A survey conducted by Hiscox insurance reveals that the majority of small businesses that faced cyberattacks in 2017 did not take action to improve upon their cybersecurity following the impact of such attacks. The types of cyberattacks experienced by small businesses include ransomware, phishing, and more. This article continues to discuss findings of the survey in relation to the cyberattacks faced by small businesses and how prepared these businesses are to handle such attacks, along with cybersecurity recommendations for companies.
Researchers at QuTech in Delft University of Technology have developed a method in which quantum entanglement between two quantum chips can be generated on demand. The advancement further opens up the possibility for the creation of a quantum internet that is invulnerable to eavesdropping. This article continues to discuss the advancements made by researchers in relation to quantum entanglement and the creation of quantum networks.
Leading military colleges and universities, including The Citadel, the University of North Georgia, Norwich University, Texas A&M, Virginia Military Institute, and Virginia Tech, will be developing cyber programs. The aim of these cyber programs is to fill the cyber skills gap and foster strong cybersecurity leadership. This article continues to discuss the establishment of cyber institutes at SMCs.
A new speculative execution side channel vulnerability called LazyFP has been discovered to affect most Intel Core processors. The flaw related to the floating point unit (FPU) could be exploited by attackers to gain unauthorized access to sensitive information. This article continues to discuss the vulnerability in relation to its discovery, process, and impact.
Researchers have further highlighted the vulnerability of connected cars to cyberattacks. The addition of new features and functions to a connected car creates digital security risks and vulnerabilities. This article continues to discuss the cybersecurity of connected cars in regards to challenges and mitigation.
A new type of malware called MysteryBot has been discovered by security researchers at Threat Fabric to be targeting banking applications. According to researchers, MysteryBot launches a banking Trojan, key logger, and ransomware. MysteryBot also appears to be linked to the LokiBot Android banking trojan. This article continues to discuss MysteryBot in relation to its link to another banking trojan, functionalities, and potential impact.
A study conducted by researchers at the University of Alabama at Birmingham suggests that the security vulnerabilities contained by smartphone motion sensors such as accelerometers and gyroscopes could be exploited by cybercriminals to record a user's speech. This article continues to discuss findings of the study and other research in relation to the exploitation of motion sensor data and algorithms.
Casey Kahsen, an IT specialist at DHS, emphasizes the importance of looking at human behavior patterns in order to track advanced hacking groups. Examining the human behavior associated with an APT means observing operational hours or coding style. This article continues to discuss the importance of observing the human behavior element to track advanced hacking groups and the Moscow-backed hacking group that targeted U.S. companies.
The shipping industry has been behind in considering regulations that address cybersecurity. A recent demonstration performed by cybersecurity experts further shows the inadequate cybersecurity of the shipping industry. This article continues to discuss challenges faced in addressing maritime cybersecurity, amendments to the ISM and ISPS to explicitly include cybersecurity, and the slow development of robust maritime cybersecurity regulations.
McAfee's Advanced Threat Research Team explored four types of vectors that could be used by cybercriminals to attack the blockchain. These attack vectors include phishing, malware, blockchain implementation exploits, and blockchain technology vulnerabilities. This article continues to discuss the rising popularity of blockchain technology, security concerns surrounding this technology, and the types of cyberattacks targeting blockchain.
Recent studies highlight poor and careless password practices still being used by employees and the risk posed by such practices to the organizations in which they work. These studies show that basic cyber hygiene practices such as using two-factor authentication, creating unique passwords for different online accounts, and more, are still not being followed by employees. This article continues to discuss findings of recent studies in relation to poor password security practices and corporate cybersecurity.
Political scientists at the University of Connecticut and the University of Pittsburgh conducted a study titled "Rethinking Secrecy in Cyberspace: The Politics of Voluntary Attribution". The study examines how an attacker makes the decision to admit to being behind the launch of a cyberattack. This article continues to discuss the study surrounding the voluntary claiming of credit for cyberattacks.
According to researchers, hackers have been able to circumvent the mechanism used by a number of macOS third-party security tools to check digital signatures for 11 years. Therefore, macOS malware could have easily been presented as apps signed by Apple. This article continues to discuss the technique used by hackers to bypass third-party Mac security tools.
The modernization of information technology systems used by government agencies could improve upon the cybersecurity of such systems and decrease the occurrence of security breaches. However, government leaders must consider certain aspects in the effort to upgrade government technology in order to avoid increasing cybersecurity risks. This article continues to discuss the Modernizing Government Technology Act, the impact of modernization on cybersecurity, and what to consider in the modernization of old government IT systems.
As phishing attacks continue to grow in complexity and sophistication, vigilance alone is no longer sufficient in the protection against such attacks. Researchers at Virginia Tech conducted a study in which they examined the security of email services against spoofing as the impersonation of a trusted entity is important in the execution of phishing attacks. This article continues to discuss phishing attacks and studies conducted by researchers to prevent these attacks.
The results of a survey conducted by Aqua Security at the 2018 RSA Conference reveal that the enterprise adoption of DevSecOps principles has increased significantly in the past year. A majority of IT security professionals who participated in the survey stated that their organizations were devoting resources to the practice of DevSecOps. This article continues to discuss key findings of the survey in relation to the adoption of DevSecOps by organizations.
Researchers at ESET have recently discovered spyware called InvisiMole. According to researchers, InvisiMole is an advanced and highly-targeted cyber-espionage malware tool that has been active since 2013. The spyware allows attackers to perform malicious activities such as record audio, take screenshots, and more, on infected computers. This article continues to discuss InvisiMole in relation to its discovery, delivery, targets, and capabilities.
The manipulation of quantum bits has now been made easier through the use of unique spin-orbit interactions in silicon. According to researchers, this advancement will improve upon the speed at which information is processed via quantum computing, which will lead to better cybersecurity, and more. This article continues to discuss spin-orbit interactions, benefits of the interaction, and the research behind this finding.
Healthcare has become the top target for cyberattacks, therefore the implementation of IT systems in hospitals has increased. However, the increased use of IT security systems has not resulted in fewer breaches faced by hospitals. This article continues to discuss research surrounding the impact of increased IT security at hospitals, data breaches experienced by hospitals, and what needs to accompany the adoption of new IT solutions.
Naval systems used for the position tracking of ships have been discovered to contain vulnerabilities, which could allow hackers to perform malicious activities such as trigger false collision alarms on other ships. Ken Munro of Pen Test Partners has demonstrated the ways in which the ship navigation system called the Electronic Chart Display could be disrupted by hackers. This article continues to discuss the security vulnerabilities of ships, the threat posed by such vulnerabilities, and how these flaws can be fixed.
Researchers at MIT have developed an innovative new transmitter to prevent the compromise of wireless devices such as medical devices, wearables, and more, by hackers. The transmitter applies an ultrafast frequency-hopping method to protect data transmitted between wireless devices from interception and corruption. This article continues to discuss the exponential rise of IoT devices, possible attacks on such devices, and the novel transmitter developed by MIT researchers to protect wireless devices from hackers.
Malware by the name of VPNFilter was previously reported to have infected at least 500,000 SOHO routers manufactured by Linksys, MikroTik, NETGEAR, and TP-Link, as well as NAS devices. Cisco Talos researchers have now discovered that the malware has impacted more brands and models of routers than previously reported. VPNFilter malware has also been discovered to have additional capabilities. This article continues to discuss updated research and findings surrounding VPNFilter in relation to the malware's targets and capabilities.
Cybercrime has been cited as a top concern for police since most crimes now involve a digital element. The significant increase of digital data is raising concerns among police figures as more data further complicates the policing of cybercrime. This article continues to discuss cyber-policing, the increase in digital information, and the importance of national coordination in the assessment of cybercrime.
Presentations and risk assessments conducted by US government researchers reveal that an airline will eventually face a cybersecurity breach. Research surrounding the cyber vulnerabilities contained by a commercial aircraft highlights the lack of cybersecurity protections implemented to prevent the hacking of an airplane. This article continues to discuss research, discoveries, and concerns in relation to aviation cybersecurity.
A FREDI wireless baby camera monitor was hacked in order to spy on a South Carolina mother and her infant. The incident emphasizes the lack of security implemented in the design and development of IoT devices, as well as the absence of security standards for baby monitors. This article continues to discuss the hacking incident and the inadequate security of IoT devices such as baby monitor cameras.
Variants of the infamous Mirai IoT botnet have continued to emerge following the release of the botnet's source code in 2016. Netscout's Arbor Security Engineering and Response Team (ASERT) conducted research on current Mirai variants, including Satori, JenX, OMG, and Wicked, to see how their authors have expanded upon the original Mirai functionality. This article continues to discuss the Mirai IoT botnet and current Mirai variants, along with the IoT ecosphere and how organizations can defend against IoT based malware.
Security researcher Daniel Svartman of Imperva discovered a flaw in the subdomain naming system in Auth0, an identity-as-a-service that provides subdomain names for approximately 2000 customers. The flaw allows an attacker to use the same subdomain name as the legitimate website in a different region, giving way for unsuspecting users to hand over sensitive information. This article further discusses the flaw, how attackers can exploit it, and what Auth0 is doing to mitigate those risks.
DHS has recently warned of the tracking of US phone users by hackers through the abuse of the routing protocol known as Signaling System No. 7 (SS7). The exploitation of SS7 could allow hackers to track the geographical location of a user as well as intercept communications. This article continues to discuss the inadequate security of SS7 and the exploitation the routing protocol.
A new cyber report released by the Department of Commerce and Department of Homeland Security (DHS) emphasizes the importance of implementing stronger security into products during the development stage in order to mitigate the problem of botnets. The report also suggests that the government should provide further support for the research and development of anti-botnet protection products. This article continues to discuss the key highlights of the report in relation to challenges and recommendations surrounding the mitigation of botnets.
Cyber Scene #22
SoS Musings #15