News Items

According to projections made by Markets and Markets, fog computing is predicted to expand at a significant rate during the next five years as a result of the rising demand for IoT device interconnectivity, machine communication, and real-time computing services. Fog computing is an adjunct function to cloud computing that utilizes distributed computer resources in closer distance to local devices, in order to perform processes requiring rapid processing. This article further discusses the differences between fog computing and cloud computing, why companies are increasingly becoming more interested in utilizing fog computing, as well as the benefits this type of computing can bring to IoT applications and cybersecurity.

Information Security Buzz reports "How Fog Computing Will Shape The Future Of IoT Applications And Cybersecurity"

On April 7, a group of hackers by the name of "Turkish Crime Family" claimed to have breached Apple's databases, demanding that Apple pay $75,000 to prevent the leakage of millions of user credentials. Though Apple has stated that their databases have not been breached, this case does bring attention to the issue of potential credential stuffing, in which an attacker enters multiple stolen credentials into a log-in page via automated commercial malware. This article discusses the concept of credential stuffing, impacts of this type of attack, as well as options for companies to prevent such attacks.

The Parallax reports "Apple ransom highlights danger of credential stuffing"

The increasing emergence of big data and IoT is cultivating more ideas for organizations as well as raising concerns about the security of network services and data. ABI Research predicts that security automation could significantly improve security processes and implementations with the use of adaptive artificial intelligence technology. This article discusses current security methods, along with the speculated advantages and challenges of automated security systems.

Security Intelligence reports "Automation Advancement: The Road to Emergent Security AI?"

Ohio Inspector General's Office has released a report on an investigation that reveals the unauthorized access to Marion Correctional Institution's network by two prison inmates, through the use of self-built PCs hidden in the ceiling of a training room. All factors of prison security should be taken into account and enforced, including the security of a connected network. This article discusses how this discovery was made by the IT staff, how prisoners were able to develop this connection, what prisoners did with this connection, as well as the emphasis on proper security management and monitoring in all institutions.

Tripwire reports "Inmates hid self-built PCs in the ceiling and connected them to prison network"

Security researchers, Charlie Miller and Chris Valasek, performed a demonstration two years ago that revealed the potential remote hacking of a vehicle through its internet connection to disable driving functionality. Since then, cybersecurity concerns for the automobile industry have grown tremendously, however security efforts still haven't been enough to rid smart cars from such vulnerabilities. This article discusses the major challenges of securing autonomous cars from hacking, different ways in which hackers can exploit vulnerabilities of autonomous vehicle systems, impacts of these attacks, as well as some fundamental changes that need to be implemented into vehicle security architecture to patch existing security flaws.

WIRED reports "Securing Driverless Cars From Hackers Is Hard. Ask the Ex-Uber Guy Who Protects Them"

As NASA scientists continue to transmit and extract data to and from their Swift and Fermi satellites for further space examination, cybersecurity has become a greater issue. Projects have outlasted the expected life expectancy by over a decade, raising concerns of information security offers about the cybersecurity of such systems in space. Fears arise from projects' aging computer operating systems that may not be able to combat cyberattacks emerging today. This article discusses the concerns as well as the solutions of Jeanette Hanna-Ruiz, the space agency's chief information security officer, in relation to breach of NASA communications, pre-launch testing, and collaboration.

Bloomberg reports "Outer-Space Hacking a Top Concern for NASA's Cybersecurity Chief"

The HoTSoS Best Poster Award at the Hot Topics in Science of Security (HoTSoS) symposium recognizes cybersecurity research with scientific rigor, clarity of presentation, and global impact. It is to encourage scientists across multiple disciplines to address the fundamental problems of security in a principled manner. As a researcher, you and your team are helping to improve both the confidence we gain from scientific results and also the capacity and efficiency through which we address increasingly technical problems.

Federal regulators are alerting healthcare sector entities about how some of the end-to-end security products being utilized in their systems, could be vulnerable to man-in-the-middle attacks. This warning also applies to Secure Hypertext Transport Protocol or HTTPS interception products. Attacks launched through the use of such products can lead to the injection of malicious code, capture of sensitive patient medical information, modification of trusted data, and other malevolent activity. This article discusses the risks and potential impacts of MITM attacks and HTTPS interception products, along with US-CERT recommendations and advice from a security consultant for organizations to prevent these attacks.

Bank Info Security reports "Regulators Warn of Man-in-the-Middle Attack Risks"

Researchers from German firm OpenSource Security have revealed that SCADA has been distributing products with passwords embedded within the firmware which is also unchangeable. Hard-coding passwords into a system poses serious risks for connected industrial computer and networking systems. This article discusses reasons as to why a manufacture would choose to hard-code passwords as well as suggestions for companies to protect themselves from the exploitation of this mistake.

Naked Security reports "Hard-coded passwords put industrial systems at risk"

A new Linux/IoT botnet by the name of "Amnesia" has been discovered to target digital video recorders and other embedded systems manufactured by China-based TVT Digital. This botnet exploits a vulnerability in remote code execution to identify and infiltrate DVRs. This article discusses the discovery of this flaw by security researchers, reactions of the vendor after being notified of this finding, as well as what makes this IoT botnet unique from others that have recently emerged such as Mirai and Remaiten.

SecurityWeek reports "IoT Botnet 'Amnesia' Hijacks DVRs via Unpatched Flaw"

After recent congressional decisions to pull privacy regulations taming ISPs, the use of Tor and other means of hiding user identity on the internet has already increased dramatically. In turn, company security analysts must do additional security management to determine whether such encrypted sessions in access of company services are legitimate or malicious. This article discusses additional actions that must be performed to identify malicious users behind encrypted sessions, predicted impacts of privacy rollback, other heightened concerns of businesses behind this reduction of privacy, and suggestions for dealing with this change in the corporate environment.

CSO Online reports "Privacy rollback can cause headaches for corporate security pros"

A new malware has emerged to target South Korean users as discovered by security experts at CISCO Talos. This malware has been dubbed the "ROKRAT RAT", a stealthy remote access tool that specifically targets Korean users through a popular Korean word processing tool, Hangul Word Processor. This article discusses capabilities of ROKRAT RAT, how it was utilized in a phishing campaign, along with other vulnerabilities associated with HWP that can be exploited to launch this malware

Cyber Defense Magazine reports "South Korean users targeted with a new stealthy malware, the ROKRAT RAT"

Honeywell Process Solutions has announced a new solution to protect computer systems against USB-borne threats through Secure Media Exchange (SMX). This solution has been developed by Honeywell to perform security measures without affecting productivity of operations or industrial personnel. As the USB device is prominent tool for updating and exchanging data between computer systems, especially by employees and contractors, risk of spreading malware is a heightened concern. This article discusses how important USB management is for productivity as well as how SMX software is expected to protect industry and critical infrastructure from USB-born attacks.

Information Security Buzz reports "Honeywell Launches New Industrial Cyber Security Solution To Enable Secure Use Of USB Devices"

Managed services allow all companies of varying sizes to outsource management of some service or function to another firm specializing in managing services. Though these managed services can relieve large financial investments to manage such services in-house, they can also ignite concerns in relation to security and data leaks. This article discusses how IT leaders should evaluate potential managed service providers, security as a managed service, and examples of managed security services.

eSecurity Planet reports "Managed Services: a Security Problem and Solution"

Organizations and industries often invest millions of dollars into security products to enhance the security of information, however the identical configurations of these products should be taken into consideration. This article discusses how artificial intelligence and machine learning can be utilized to uniquely identify unusual patterns in attacks through the ability to learn in the environment, the defense mechanisms of artificial intelligence systems, models, and challenges.

VentureBeat reports "How AI can 'change the locks' in cybersecurity"

Carbon Black shares the results of a study that examines the perceptions of security researchers on the performance and effectiveness of artificial intelligence and machine learning. Most security researchers interviewed during this research claim that non-malware poses more of a threat to business than commodity malware attacks. These attacks are also becoming increasingly more undetectable by traditional anti-virus software and mechanisms. This article discusses the current level of confidence security researchers have in AI and ML to combat cyberattacks as well as the risks associated with utilizing AI-driven security solutions.

SC Media UK reports "Carbon Black warns that artificial intelligence is not a silver bullet"

Data breaches have increasingly become more common over the past few years due to poor security configurations of databases directly linked to the internet. Though any type of database can be susceptible to data breaches if poorly configured, "NoSQL" databases has significantly faced more breaches. This article discusses how NoSQL databases that utilize the MongoDB database program are vulnerable to breaches and attacks, notable incidents involving these types of databases, poor configuration settings, and the struggle to raise awareness of these problems.

WIRED reports "If You Want to Stop Big Data Breaches, Start With Databases"

Cybersecurity experts emphasize that cybersecurity is a continuous journey of study, exploration, and maintenance. There is no single solution to preventing cyberattacks, though security researchers and companies still try to develop the best solutions. Cybersecurity expert, Mikhail Gofman, discusses the development of new tools by companies and the current research being conducted by CSUF faculty and students to prevent cyberattacks. This article discusses new cybersecurity tools, strategies to combat cyberattacks, and CSUF research projects focusing on cyberattack prevention.

CSUF News Center reports "Cybersecurity Expert Studies Novel Tools to Thwart Attacks"

According to a new paper released by researchers at Ben-Gurion University, desktop scanners are susceptible to being infiltrated through different light sources such as lasers and smart bulbs. Researchers performed multiple demonstrations that reveal the possibility of utilizing distant light sources along with drones to transmit messages that would launch malware through the connected scanner. This article discusses other demonstrations performed to reveal this flaw as well as a method to diminish this vulnerability.

Phys.org reports "Desktop scanners can be hijacked to perpetrate cyberattacks"

Further emphasizing the potential security vulnerabilities of IoT devices, a smart dishwasher has been revealed to be connected to an unsecured web server. Despite being notified of this security flaw by a security expert, the manufacture chose to ignore it. This vulnerability can be exploited to launch a traversal attack, which would allow an attacker to access sensitive data and perform additional attacks. This article discusses how security experts discovered this flaw as well as the concerns of security experts behind IoT devices.

International Business Times reports "IoT security woes: This smart dishwasher was found connected to an unsecured web server for months"

NHS is embracing new advances in technology that could help reduce financial burdens brought upon by growing budget deficits. There has been increasing support for wearable technology that would promote patient self-care and monitoring, in turn reducing the average cost per patient. However, the implementation of wearable patient monitoring into the existing healthcare system does come with some concerns for privacy and security of sensitive data. This article discusses the capabilities of wearables and security expectations of companies developing these devices.

ITProPortal reports "Data privacy and security considerations for the future of wearables"

Over the years, government officials have warned of a "Cyber Pearl Harbor" in which a cyberattack inflicts damage on critical infrastructure such as the power grid, nuclear power plant, or reservoir. Cybersecurity experts claim we should not be too concerned about this type of attack happening, however there are other real threats to pay attention to. This article discusses real threats being targeted toward critical infrastructure as well as the motives behind these threats.

Motherboard reports "Don't Worry About 'Cyber Pearl Harbor,' But Hackers Are Already Targeting Our Critical Infrastructure"

As the mobile, cloud, and IoT industries continue to expand in technological innovations and needs become more complex, security information and event management will also need to be restored to fit these changes. The role of SIEM is to log security events in a real-time environment in order to identify unusual data. With the increased complexity of cyberattacks, it is becoming harder SEIM systems to keep up. This article further discusses why SEIM is facing challenges, how new technologies are expected to create new challenges, as well as the predicted future of SIEM.

Dark Reading reports "Future of the SIEM"

An Avast malware researcher has discovered another new ransomware that collects Monero payments and takes the theme of Star Trek. This new ransomware can encrypt 625 different file types. The Star Trek theme is expanded upon as the extension to the encrypted file's name is ".kirk" and the name of the decryptor in connection to the threat has been named "Spock". This article discusses the unusual demand for Monero payments over Bitcoin payments as well as the distribution and execution of this new ransomware.

Cyber Defense Magazine reports "Kirk ransomware - A Star Trek Themed Ransomware that requests Monero payments"