US News

“Android Factory reset fails to wipe sensitive user data, million devices at risk”, Cyber Defense Magazine, 26 May 2015. [Online]. Researchers have determined that in over 500 million Android devices from numerous manufacturers running Android versions from 2.3 to 4.3, the default factory reset fails to completely wipe user data. Sensitive data including but not limited to encryption keys for social media networks, photos and videos, and text messages can all be recovered after a factory reset. (ID#: 15-50235) See http://www.cyberdefensemagazine.com/android-factory-reset-fails-to-wipe-sensitive-user-data-million-devices-at-risk/

“Researchers in Bluetooth IoT Privacy Warning”, Infosecurity Magazine, 26 May 2015. [Online]. Security experts are expressing concerns over the Bluetooth Low Energy (BLE) protocol after an experiment in which researchers were able to intercept BLE data from 149 devices within half an hour in a public location. BLE, which is used for communicating with smart devices like the FitBit, transmits potentially personal data. In addition, the MAC address used by the smart device could be used to track a person for nefarious purposes. (ID#: 15-50236) See http://www.infosecurity-magazine.com/news/researchers-in-bluetooth-iot/

“A growing threat: Car hacking”, Homeland Security News Wire, 26 May 2015. [Online]. With an increase in the use of computer technology in traditionally non-computerized systems (cars, for example), hacking and the threats that it brings are moving into mediums that most people are not used to associating with cybersecurity. In response to increasing concern over the safety of automatic vehicle systems, Virginia governor Terry McAuliffe has announced measures to combat the threat of automotive hacking. (ID#: 15-50237) See http://www.homelandsecuritynewswire.com/dr20150526-a-growing-threat-car-hacking

“Tech experts Comment on LogJam Browser Bug”, Information Security Buzz, 26 May 2015. [Online]. Experts comment on the recently discovered LogJam bug, which allows MitM attackers to bypass the TLS protocol and intercept communications, and even alter them. The bug brings to light the issue of internet servers re-using seeds for generating cryptographic keys, namely the Diffie-Hellman key. (ID#: 15-50238) See http://www.informationsecuritybuzz.com/tech-experts-comment-on-logjam-browser-bug/

“USA Freedom Act Fails in the Senate”, Infosecurity Magazine, 25 May 2015. [Online]. Despite resounding success in the House of Representatives, the USA Freedom Act failed in the Senate with a vote of 57-42 against it. The act would have ended bulk data collection under the controversial Section 215 of the Patriot Act, but national security concerns led to its abandonment. The legislation even received criticism from civil rights groups, who saw the bill as “fake reform”. (ID#: 15-50239) See http://www.infosecurity-magazine.com/news/usa-freedom-act-fails-in-the-senate/

“Investigation ongoing in reported multimillion member Adult FriendFinder breach”, SC Magazine, 22 May 2015. [Online]. Following reports that personal information of nearly 4 million of its users was for sale on the “dark web”, owners of the dating site Adult FriendFinder announced that they are working with law enforcement and Mandiant to investigate a potential security issue. The stolen data — which includes dates of birth, email addresses, IP addresses, and sexual preferences, among other details — could easily be used to target victims with blackmail. (ID#: 15-50240) See http://www.scmagazine.com/personal-info-on-39m-adult-friendfinder-members-found-on-dark-web/article/416392/

“Innovation Wave Prompts Many Companies to Increase IT Spending and Hiring”, Information Security Buzz, 22 May 2015. [Online]. A study released by CompTIA suggests a bright future for job-seekers in IT fields. The study, which was conducted in several countries, indicates that 23 percent of businesses plan to increase IT spending by 10 percent or more, with U.S. companies in particular planning to increase spending by 5.4 percent, on average. The trend indicates a positive attitude towards the importance of technology and cyber solutions. (ID#: 15-50241) See http://www.informationsecuritybuzz.com/innovation-wave-prompts-many-companies-to-increase-it-spending-and-hiring/

“FTC gives thumbs up to companies that cooperate during breach probes”, SC Magazine, 21 May 2015. [Online]. A blog post on the Federal Trade Commission website explained how cooperating during an FTC data breach investigation can help a company gain a favorable view in the eyes of the FTC. According to the post, the FTC views cooperative actions, such as reporting breaches to law enforcement, as a sign of meaningful effort to “reduce the harm from the breach”. (ID#: 15-50242) See http://www.scmagazine.com/ftc-gives-thumbs-up-to-companies-that-cooperate-during-breach-probes/article/416165/

“Researchers observe SVG files being used to distribute ransomware”, SC Magazine, 21 May 2015. [Online]. A series of phishing emails has been discovered that is unique in using SVG files to carry the payload. When downloaded and executed, these files download what researchers believe to be CryptoWall ransomware. According to security firm AppRiver, small stores, law offices, and schools are among the targets. (ID#: 15-50243) See http://www.scmagazine.com/svg-files-attached-to-phishing-emails-distribute-what-is-apparently-cryptowall-ransomware/article/416143/

“Unknown Hackers hit systems at Bundestag”, Cyber Defense Magazine, 21 May 2015. [Online]. After IT staff at the Bundestag (the German parliament) noticed that hackers were trying to penetrate their internal network, parts of the Bundestag’s computer system were shut down as a safety measure. The attacker is suspected to have been seeking data pertaining to the relationship between the NSA and the German Government, though it is not clear whether any data was actually compromised. (ID#: 15-50244) See http://www.cyberdefensemagazine.com/unknown-hackers-hit-systems-at-bundestag/

“Brazil: Ground Zero for a Fresh Malware Approach”, Infosecurity Magazine, 21 May 2015. [Online]. Due to the popularity of online banking in Brazil, banking trojans have become correspondingly common in a unique “homegrown malware phenomenon” in the region. Many of these trojans use CPL files, a type of file that is used to cause automatic execution of code. CPL files, while still relatively uncommon elsewhere, are being used in South America at a rapidly increasing rate. (ID#: 15-50245) See http://www.infosecurity-magazine.com/news/brazil-ground-zero-for-a-fresh/

“Netgear and ZyXEL confirm NetUSB flaw”, Computerworld, 21 May 2015. [Online]. ZyXEL Communications and Netgear have both confirmed that some of their routers have a buffer overflow vulnerability that could allow hackers to execute code at the highest possible privilege level. The vulnerability is located in NetUSB, a Linux kernel module that allows routers to facilitate USB sharing between different computers over the internet. (ID#: 15-502) See http://www.computerworld.com/article/2925046/network-hardware-solutions/netgear-and-zyxel-confirm-netusb-flaw.html

“One false tweet sent financial markets into a tailspin”, Homeland Security Newswire, 21 May 2015. [Online]. In 2013, a single tweet from a hacked Twitter account sent financial markets into a serious crisis. Though short-lived, the incident (known as Hack Crash) brought awareness to the drastic effect that hacking and social engineering can have on algorithmic trading, and in turn, worldwide trade. (ID#: 15-50246) See http://www.homelandsecuritynewswire.com/dr20150521-one-false-tweet-sent-financial-markets-into-a-tailspin

“Coast Guard Health Data Privacy Is Suspect”, GovInfoSecurity, 21 May 2015. [Online]. A report written by assistant inspector general for IT audits Sonda McCauley claims that the United States Coast Guard doesn’t take adequate measures to protect the health information of its personnel and their families. Lack of coordination and meaningful structure are some of the criticisms made against the USCG in the report. (ID#: 15-50247) See http://www.govinfosecurity.com/coast-guard-health-data-privacy-suspect-a-8236

“Federal prosecutors charge Chinese nationals with trade secret theft”, SC Magazine, 20 May 2015. [Online]. The Department of Justice published a 32-count indictment on Tuesday, charging six Chinese nationals with stealing U.S. trade secrets on behalf of the Chinese government. One of the defendants, Tianjin University professor Hao Zhang, was arrested the previous weekend. Wei Pang, another of the six defendants, worked with Zhang on Film Bulk Acoustic Resonator (FBAR) technology while studying at the University of Southern California. Both men would later work on FBAR for American companies, where they allegedly stole trade secrets. (ID#: 15-50248) See http://www.scmagazine.com/professor-other-chinese-nationals-indicted-on-32-counts/article/415887/

“CareFirst BlueCross BlueShield Hacked”, Data Breach Today, 20 May 2015. [Online]. CareFirst BlueCross BlueShield joined Anthem Inc. and Premera Blue Cross as yet another recent victim of large-scale data breaches, claiming that an intrusion dating to June of last year may have affected the data of 1.1 million customers. The attack is highly reminiscent of (and possibly related to) other recent healthcare sector attacks, but despite being executed by a “sophisticated threat actor”, database access was “limited”. (ID#: 15-50249) See http://www.databreachtoday.com/carefirst-bluecross-blueshield-hacked-a-8248

“Federal Reserve Hijacked By Hackers”, Infosecurity Magazine, 20 May 2015. [Online]. The Federal Reserve in St. Louis was the victim of a DNS attack in April when hackers were able to redirect users from legitimate pages to imposter websites in an attempt to steal user credentials. It is likely that in stealing credentials, the attackers were betting that password reuse would allow them to use those credentials to gain access to “more sensitive websites”. (ID#: 15-50250) See http://www.infosecurity-magazine.com/news/federal-reserve-hijacked-by-hackers/

“Android's default browser is vulnerable to URL spoofing”, Computerworld, 20 May 2015. [Online]. A security flaw in Android’s default web browser that allows URL spoofing was discovered in April; however, the slow nature of Android patch distribution means that many phones are still affected. By displaying a spoofed URL, cyber-criminals can make phishing attacks appear much more legitimate. (ID#: 15-50251) See http://www.computerworld.com/article/2924845/malware-vulnerabilities/androids-default-browser-is-vulnerable-to-url-spoofing.html

“First software update for Apple Watch includes security fixes”, Computerworld, 20 May 2015. [Online]. The first software update for Apple’s smart watch operating system, Watch OS, includes fixes for over a dozen security flaws, among other upgrades. Many of the patched vulnerabilities were located in the OS kernel, and would have allowed for anything from arbitrary code execution to MitM-style attacks. (ID#: 15-50252) See http://www.computerworld.com/article/2923846/security0/first-software-update-for-apple-watch-includes-security-fixes.html

“Researchers create app to stop RIG attacks on Android and Android-based IoT devices”, Computerworld, 20 May 2015. [Online]. Security professionals have become increasingly aware of the issue of runtime-information-gathering (RIG) attacks on Android mobile and IoT devices. RIG attacks, which attempt to intercept sensitive data going to or from legitimate apps, pose a very serious threat to consumer data protection. Researchers have created an Android app that monitors suspicious background processes and pauses them when legitimate processes are running. (ID#: 15-50253) See http://www.computerworld.com/article/2924842/cybercrime-hacking/researchers-create-app-to-stop-rig-attacks-on-android-and-android-based-iot-devices.html

“Comey: Industry letter on encryption is 'depressing'”, FCW, 20 May 2015. [Online]. Though default encryption could significantly help protect consumers’ data, some skeptics argue that doing so hampers the ability of law enforcement to collect data for criminal investigations. FBI director James Comey criticized the letter written by tech giants to President Obama asking to withhold further regulation of commercial encryption, calling it “depressing”. Comey argues that, despite having some value, excessive encryption can provide a “safe-haven” for criminals. (ID#: 15-50254) See http://fcw.com/articles/2015/05/20/comey-at-georgetown.aspx

“Venom Less Toxic Than Heartbleed”, TechNewsWorld, 20 May 2015. [Online]. Virtual Machines are an integral part of isolating and protecting sensitive data and computer systems. A new open-source bug known as “Venom”, however, allows attackers to “jump out” of the VM and execute code on the physical machine. Despite the severity of such an attack, Venom is of less concern than the infamous open-source vulnerability Heartbleed, as Venom is easier to fix and harder to exploit. (ID#: 15-50255) See http://www.technewsworld.com/story/82078.html

“DDoS Attacks More than Double in 12 Months”, Infosecurity Magazine, 19 May 2015. [Online]. A report by Akamai Technologies indicated that DDoS attacks have doubled in number over the past 12 months, with much of the growth being in application-layer and infrastructure-layer attacks. Though there has been a trend towards longer, lower-traffic attacks in the recent past, the increasing capabilities of booster/stresser sites indicated that “mega-attacks” with 100Gbps or more will become more common. (ID#: 15-50256) See http://www.infosecurity-magazine.com/news/ddos-attacks-more-than-double-in/

“Tech firms, privacy advocates push White House on encryption”, FCW, 19 May 2015. [Online]. Google, Apple, Microsoft, and a variety of civil rights groups and associations have signed a letter sent to President Obama, urging the president to scrap plans to pass legislation that would allow law enforcement to use “backdoors” to encrypted communications. Though some (notably, FBI director James Comey) argue that encryption can hamper criminal justice, many in the industry believe that there is no way to give law enforcement special means to bypass encryption without creating cybersecurity weak points. (ID#: 15-50257) See http://fcw.com/articles/2015/05/19/encryption-letter.aspx

“Hack of airplane systems described in FBI docs raises security questions”, SC Magazine, 18 May 2015. [Online]. Security researcher and founder of One World Labs Chris Roberts was detained in mid-April after bragging on social media about hacking into a plane’s flight control systems via the in-flight entertainment system. Roberts claims to have issued a command that caused the plane to gain altitude, though there is doubt as to whether or not he was actually able to do this. (ID#: 15-50258) See http://www.scmagazine.com/fbi-warrant-indicates-security-researcher-commandeered-plane-briefly/article/415361/

“Pentagon to invest in Silicon Valley tech startups to help develop advanced cyber solutions”, Homeland Security News Wire, 18 May 2015. [Online]. The Pentagon will be using In-Q-Tel, a CIA strategic investing firm, to help distribute funds to Silicon Valley tech start-ups. The value of start-ups and the innovation that they bring to the table has been a point of interest in recent years, and the Pentagon hopes that the innovations and inventions that come out of the region can help government meet its cyber goals. (ID#: 15-50259) See http://www.homelandsecuritynewswire.com/dr20150518-pentagon-to-invest-in-silicon-valley-tech-startups-to-help-develop-advanced-cyber-solutions

“Website observed serving 83 executable files, more than 50 percent malware”, SC Magazine, 15 May 2015. [Online]. Cyphort Labs researchers announced that they observed a somewhat popular video-sharing site distributing 83 Windows executable files, with over half being one of several different flavors of malware. Visitors to the site were redirected to another site that used the remote code execution exploit CVE-2014-6332 to distribute the executables, without any user interaction required. (ID#: 15-50260) See http://www.scmagazine.com/high-def-video-sharing-site-served-up-scores-of-executable-files/article/415043/

“Spyware Firm Hacked: 400,000 Victims’ Data Stuck on Dark Web”, Infosecurity Magazine, 15 May 2015. [Online]. Hundreds of gigabytes of sensitive personal data were stolen from Mspy, a shadowy group that makes mobile spyware. Apple IDs and passwords, along with transaction and payment information data, were found for sale on the Dark Web, putting as many as 400,000 victims at risk. (ID#: 15-50261) See http://www.infosecurity-magazine.com/news/spyware-firm-hacked-400000-victims/

“Some GTA V Modders Hit With Keylogger”, PCMag, 15 May 2015. [Online]. Following the release of the PC edition of the popular video game Grand Theft Auto Five (GTA V), players discovered malware that originated from two different third-party mods. When downloaded from the internet and run, the mods would work as intended, but would also use advanced evasion techniques to install a keylogger on the victim’s machine. The website that hosted the malicious mods says that it intends to make the approval process for submitted mods stricter. (ID#: 15-50262) See http://www.pcmag.com/article2/0,2817,2484284,00.asp

“FireEye, Microsoft Outsmart Clever Chinese Malware”, TechNewsWorld, 15 May 2015. [Online]. FireEye and Microsoft were able to thwart an attempt by a Chinese cybercriminal group known as APT17 to use Microsoft’s professional IT web service, TechNet, as a C&C for their Black Coffee malware. The C&C traffic from the malware would be sent to TechNet, in order to make it appear as if the host machine was not sending anything illegitimate. APT17 members would then use their profiles and forum pages on TechNet to collect the information. (ID#: 15-50263) See http://www.technewsworld.com/story/82060.html

“Penn State College Of Engineering Network Disabled Following Two 'Incredibly Serious' Cyber Attacks”, Forbes, 15 May 2015. [Online]. Following a tip from the FBI in November of 2014 that the school had been the victim of a cyber breach, Penn State University launched an investigation and found that it had in fact suffered two very serious cyber attacks, at least one of which originated in China. In response, Penn State took its College of Engineering Network offline and notified students and faculty who had Social Security Numbers and other sensitive information stored on CoE computers. (ID#: 15-50264) See http://www.forbes.com/sites/katevinton/2015/05/15/penn-state-college-of-engineering-network-disabled-following-two-incredibly-serious-cyber-attacks/?s...

“United Airlines Will Reward Hackers Who Find Security Vulnerabilities”, Security Magazine, 14 May 2015. [Online]. United Airlines is offering free air miles as a reward for finding security flaws in its publicly accessible websites and programs. The bug bounty program rewards white hats with 50 thousand air miles for reporting low-severity threats, and as many as 1 million free miles for severe vulnerabilities. (ID#: 15-50265) See http://www.securitymagazine.com/articles/86362-united-airlines-will-reward-hackers-who-find-security-vulnerabilities

“Lawmakers, experts wrestle with data protection bill”, FCW, 14 May 2015. [Online]. Lawmakers are struggling to find common ground in a debate over a data protection bill and the role that states should play in combating data breaches. Awareness of the severity of data breaches and Americans’ vulnerability to them has prompted lawmakers to create legislation dictating the way in which businesses must handle breaches, though opponents argue that these measures could hamper pre-existing protective measures. (ID#: 15-50266) See http://fcw.com/articles/2015/05/14/lawmakers-data-bill.aspx

“Sally Beauty Hit By Data Breach For The Second Time In Just Over A Year”, Forbes, 14 May 2015. [Online]. Retail store Sally Beauty announced that it has reason to believe it has suffered a second data breach, following its first breach early last year. The company launched an investigation, which is still ongoing, after a pattern of fraudulent credit card incidents pointed towards Sally Beauty as a possible source of stolen credit card information. (ID#: 15-50267) See http://www.forbes.com/sites/katevinton/2015/05/14/sally-beauty-hit-by-data-breach-for-the-second-time-in-just-over-a-year/?ss=Security

“Google Faces More Scrutiny Over Right To Be Forgotten”, Information Week, 14 May 2015. [Online]. A group of eighty internet experts and academics have sent a letter to Google, asking for more transparency in the way that the tech giant handles what information it decides to “delist” from search results. With increased privacy concerns (from Europe, in particular), Google has had to grapple with “the right to be forgotten” and the issue of, as the letter puts it, “striking the balance between individual privacy and freedom of expression interests.” (ID#: 15-50268) See http://www.informationweek.com/it-life/google-faces-more-scrutiny-over-right-to-be-forgotten/d/d-id/1320426?

“Law enforcement warns of Nepal Earthquake Scams”, Cyber Defense Magazine, 13 May 2015. [Online]. Amid the recovery from the disastrous earthquakes in Nepal, the FBI issued a warning to potential philanthropists about scams that masquerade as legitimate relief funds for the earthquake victims. These schemes, which can be in the form of emails, door-to-door collections, and other methods, are typical after large disasters. (ID#: 15-50269) See http://www.cyberdefensemagazine.com/law-enforcement-warns-of-nepal-earthquake-scams/

“Report: Chinese Breach of USIS Started with SAP”, Infosecurity Magazine, 13 May 2015. [Online]. Onapsis Research Labs has concluded that the breach of commercial background investigation provider USIS by Chinese hackers last fall was likely facilitated by a SAP vulnerability. An unpatched SAP vulnerability could have been used to gain access to high security networks from the outside, allowing the hackers to, in this case, steal vast quantities of data from security clearance applicants. (ID#: 15-50270) See http://www.infosecurity-magazine.com/news/report-chinese-breach-of-usis/

“FBI seeks cyber threat info-sharing platform”, GCN, 13 May 2015. [Online]. The FBI is currently seeking a new Threat Intelligence Platform (TIP) to allow better management, analysis, and sharing of data. The FBI is particularly interested in fostering information sharing with “trusted partners”, a practice which has come to be recognized in recent years as an important part of effective intelligence gathering. The platform is expected to be highly flexible and powerful, automating many processes to increase effectiveness and efficiency. (ID#: 15-50271) See http://gcn.com/articles/2015/05/13/fbi-threat-platform-rfi.aspx?admgarea=TC_SecCybersSec

“Hiring cybersecurity staff is hard for states”, GCN, 13 May 2015. [Online]. The battle for cybersecurity often manifests itself as a game of cat-and-mouse between hackers and defenders, but in the case of state governments, finding cybersecurity staff to keep up the defense role of the analogous mouse can be difficult. Lack of funding and resources has left many state cybersecurity measures inadequate, and it shows in numerous recent state government-related breaches. (ID#: 15-50272) See http://gcn.com/articles/2015/05/13/state-cyber-hiring-retention.aspx?admgarea=TC_SecCybersSec

“Starbucks denies reports its mobile app was hacked”, Fortune, 13 May 2015. [Online]. Popular coffee chain Starbucks has denied allegations that its mobile app was hacked, calling such reports “false”. According to some, hackers were able to use stolen credentials that customers had re-used from other accounts in order to obtain Starbucks cards and accounts. (ID#: 15-50273) See http://fortune.com/2015/05/13/starbucks-cybersecurity/

“Cyber Attacks on News Organizations: ISIS Changes Tactics to Win Mindshare”, Security Magazine, 12 May 2015. [Online]. Numerous attempts by the Islamic State (ISIS) to disrupt and manipulate news media in various western nations demonstrate ISIS’s desire to use social engineering to help their cause. Newsrooms — many of which lack adequate, modern security measures — are a valuable target for criminals, who may seek to hinder distribution of information and ideas, or use a hacked network as a medium by which to spread their own ideas. (ID#: 15-50274) See http://www.securitymagazine.com/articles/86355-cyber-attacks-on-news-organizations-isis-changes-tactics-to-win-mindshare

“Cybercrime will Cost Businesses $2 Trillion by 2019”, SC Magazine, 12 May 2015. [Online]. A report by Juniper Research estimates that cybercrime will cost businesses $2.1 trillion by 2019. Several interesting trends are expected to play out over the next few years: a majority of breaches will likely be from already extant infrastructure, despite growth in newer technologies such as the IoT. Additionally, the trend of increasing cybercrime professionalism is expected to continue; as casual hackers dwindle, attacks will become fewer in number, yet more successful on an attack-by-attack basis. (ID#: 15-50275) See http://www.securitymagazine.com/articles/86352-cybercrime-will-cost-businesses-2-trillion-by-2019

“Russian cybergroup eyes bank attacks”, Computerworld, 12 May 2015. [Online]. Researchers at security firm Root9B have reason to believe that a group of Russian hackers known as “APT28” and “Pawn Storm” are preparing to launch an attack against U.S. banks. APT28, which dates back to the mid-2000s and is suspected to have ties to the Russian government, has allegedly been writing new malware and registering domain names that are similar to suspected targets. The group usually uses phishing and “drive-by download” tactics to distribute malware. (ID#: 15-50276) See http://www.computerworld.com/article/2921185/cybercrime-hacking/russian-cybergroup-eyes-bank-attacks.html

“Smart cities: Haven for tech geeks or hacker paradise?”, Extreme Tech, 12 May 2015. [Online]. The movement towards IoT and smart devices, along with the global trend of urbanization, could culminate in the creation of “smart cities”, which would use technology to improve overall quality of life. Utilizing technology like sensor networks and automated infrastructure, while efficient and potentially beneficial to citizens, also brings about concerns over security and privacy. In entrusting technology with keeping citizens safe and happy, the negative impact of security incidents is magnified. (ID#: 15-50277) See http://www.extremetech.com/extreme/205499-smart-cities-haven-for-tech-geeks-or-hacker-paradise

“CoroNet Launches To Put A Stop To ‘Commjacking’”, Forbes, 12 May 2015. [Online]. Hijacking wifi or cellular signals, also known as “commjacking”, is easier than ever thanks to the availability of cheap hardware, along with the fact that attackers don’t need a physical connection to the victim machine or network. By using advanced algorithms and a technique known as “echoing”, security company CoroNet hopes to be able to detect and put a stop to commjacking. (ID#: 15-50278) See http://www.forbes.com/sites/benkepes/2015/05/12/coronet-launches-to-put-a-stop-to-commjacking/?ss=Security

“Flawed Open Smart Grid Protocol is a risk for Smart Grid”, Cyber Defense Magazine, 11 May 2015. [Online]. Millions of smart grid devices, such as smart meters, rely on the Open Smart Grid Protocol (OSGP) as a standard for secure communications throughout smart grids. Researchers believe, however, that the OSGP has serious security weaknesses; namely, the possible encryption weaknesses that arise from the use of a “homegrown digest function”. (ID#: 15-50279) See http://www.cyberdefensemagazine.com/flawed-open-smart-grid-protocol-is-a-risk-for-smart-grid/

“GPU malware could also affect Windows PCs, and maybe Macs”, Computerworld, 11 May 2015. [Online]. After recently releasing a proof-of-concept GPU malware for Linux, the same anonymous developers have released a version for Windows and are working on a Mac OS version. The intent is to bring awareness to the issue of GPU malware; many modern security tools aren’t designed to scan the memory built on to graphics processors, but key loggers and trojans on GPUs can be just as dangerous as their normal counterparts. (ID#: 15-50280) See http://www.computerworld.com/article/2920979/malware-vulnerabilities/gpu-malware-could-also-affect-windows-pcs-and-maybe-macs.html

“2 Men Arrested for Photobucket Hack”, PCMag, 11 May 2015. [Online]. The U.S. Department of Justice has accused two men of various cyber crimes after they were caught selling personal data that had been stolen from users of image hosting site Photobucket. Between 2012 and 2014, the two allegedly used an application that is designed to allow access to Photobucket users’ personal information and image/video content. (ID#: 15-50281) See http://www.pcmag.com/article2/0,2817,2484018,00.asp

“States, cities vying to become U.S. ‘cyber hub’”, Homeland Security News Wire, 08 May 2015. [Online]. With the increasing reliance on technology comes greater need for cybersecurity, which has in turn caused a dramatic increase in the size of the cybersecurity industry. States and cities across the country, eager to bring jobs and revenue into the state, are competing to attract cybersecurity jobs and businesses. (ID#: 15-50282) See http://www.homelandsecuritynewswire.com/dr20150508-states-cities-vying-to-become-u-s-cyber-hub

“Raimondo orders creation of cybersecurity commission”, WPRI Eyewitness News, 07 May 2015. [Online]. Rhode Island Governor Raimondo ordered the creation of a cybersecurity commission in order to strengthen both the State Government’s cyber infrastructure and the cybersecurity industry in the state. The commission is expected to assess the current cyber infrastructure and recommend improvements in a report due October 1st; a second report due two months later will focus on how to go about the job of cultivating a stronger cybersecurity workforce. (ID#: 15-50283) See http://wpri.com/2015/05/07/raimondo-orders-creation-of-cybersecurity-commission/

“5M Google Users Infected With Adware”, PCMag, 07 May 2015. [Online]. Researchers with Google and U.C. Santa Barbara found that between June and October 2014, “…5.5 percent of unique IPs—millions of users—accessing Google sites...included some form of injected ads.” Of the 5.5 percent, 3.9 percent were associated with Superfish, the pre-loaded adware that Lenovo received criticism for earlier this year, with Jollywallet being responsible for the other 2.4 percent. (ID#: 15-50284) See http://www.pcmag.com/article2/0,2817,2483854,00.asp

“Windows 10: No More Monthly Patches”, GovInfoSecurity, 06 May 2015. [Online]. With the release of the new Windows 10 operating system, Microsoft will be transitioning from periodic software patches and the tradition of “Patch Tuesday”, to a continuous cloud-based patching system. By having devices automatically receive patches the moment that they are made available, Microsoft hopes to mitigate the issue of vulnerability due to user negligence. (ID#: 15-50285) See http://www.govinfosecurity.com/windows-10-no-more-monthly-patches-a-8202

“New 'Rombertik' malware destroys master boot record if analysis function detected”, SC Magazine, 05 May 2015. [Online]. Researchers at Cisco have discovered a new breed of malware, dubbed “Rombertik”, which goes to unusual extremes to avoid detection. The virus constantly looks over its shoulder to detect if it is being analyzed, and if it finds that it has been discovered, tries to destroy the device’s master boot record (MBR) instead of simply self-destructing. (ID#: 15-50286) See http://www.scmagazine.com/cisco-writes-up-new-malware-campaign/article/413068/

“Law Enforcement Finding Few Allies On Encryption”, Dark Reading, 05 May 2015. [Online]. With the increasing popularity of cloud storage, providers of cloud storage services have begun to implement "Bring Your Own Key" (BYOK) schemes, which put encryption in the hands of the owner of the data. This is a roadblock for law enforcement and intelligence agencies, however, as they must now subpoena the data owner directly. In the past, they have been able to get the data directly without needing to inform the cloud customer of the data request. (ID#: 15-50287) See http://www.darkreading.com/cloud/law-enforcement-finding-few-allies-on-encryption/d/d-id/1320115

 

“Thousands Linux and FreeBSD servers infected with Mumblehard spamming malware”, Cyber Defense Magazine, 04 May 2015. [Online]. Over the past few months, thousands of Linux and FreeBSD computers have become infected with Mumblehard, an advanced spamming malware that is at least five years old. Russian nesting doll structures, assembly code, and other sophisticated characteristics indicate that Mumblehard was written by highly skilled programmers. (ID#: 15-50288) See http://www.cyberdefensemagazine.com/thousands-linux-and-freebsd-servers-infected-with-mumblehard-spamming-malware/

 

“Mozilla to Limit New Firefox Features to Secure Sites”, PCMag, 01 May 2015. [Online]. Mozilla announced that the web browser Firefox will now show preference to sites that allow HTTPS, arguing that “HTTPS is the way forward”. Non-HTTPS websites will, in the future, be given less access to newer browser features. The change will have to happen gradually over time to a certain extent, as the changes are expected to cause some sites to break. (ID#: 15-50289) See http://www.pcmag.com/article2/0,2817,2483549,00.asp

 

“Survey finds few agencies are properly protecting their data”, GCN, 29 April 2015. [Online]. The Federal Network Security Survey Report found that many factors, such as limited resources and trading security for performance, have left many agencies with inadequate data protection measures. Though attitudes towards subjects like encryption were generally positive, there is an incongruity between respondents’ security views and the measures that their agencies actually implement. (ID#: 15-50290) See http://gcn.com/blogs/pulse/2015/04/unprotected-data.aspx?admgarea=TC_SecCybersSec

 

“Naval Academy wins NSA cyber challenge”, GCN, 23 April 2015. [Online]. Teams from several American and Canadian military academies met to compete in the 15th annual Cyber Defense Exercise, an NSA-sponsored contest in which contestants must design and build a computer network and then defend it against intrusions by the NSA and Canadian Central Security Services. After five days, the Naval Academy came out on top, having been judged on their ability to “effectively maintain network services while detecting, responding to and recovering from network security intrusions or compromises.” (ID#: 15-50291) See http://gcn.com/blogs/pulse/2015/04/cyber-defense-exercise.aspx?admgarea=TC_SecCybersSec

 

“Quantum cryptography one step closer as researchers design first all-photonic repeaters”, Homeland Security Newswire, 20 April 2015. [Online]. In anticipation of the rise of quantum computing and cryptography, researchers with the University of Toronto have developed all-photonic quantum repeaters, a technology that allows quantum-encrypted data to be securely and reliably sent over long distances. (ID#: 15-50292) See http://www.homelandsecuritynewswire.com/dr20150420-quantum-cryptography-one-step-closer-as-researchers-design-first-allphotonic-repeaters

 

“DoJ Calls On Private Sector to Strengthen Cybersecurity”, TechNewsWorld, 20 March 2015. [Online]. The U.S. Department of Justice has taken notice of the importance of working with the private sector to find solutions to cybercrime issues. At a recent Cybersecurity Industry Roundtable, Assistant Attorney General Leslie Caldwell stated, “We in government know that we cannot go it alone in fighting cybercrime. We need a strong partnership with you in the private sector.” (ID#: 15-50293) See http://www.technewsworld.com/story/82079.html


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.