Week in review: USBee, DNSSEC abuse, and IoT security research
Here’s an overview of some of last week’s most interesting news, podcasts and articles:
Linux servers hit with FairWare ransomware – or is it just a scam?
Victims of the attack find their web folder deleted, and in its place a ransom note pointing them to an online paste.
USBee makes USB devices transmit data from air-gapped computers
Unlike COTTONMOUTH, NSA’s USB hardware implant that allows attackers to infiltrate air-gapped systems, load exploit software on and exfiltrate data from them, USBee uses generic, otherwise unmodified USB devices, and equips them with software that intentionally generates controlled electromagnetic emissions from the data bus of a USB connector.
DNSSEC: Don’t throw the baby out with the bath water
A recent report raised concerns about the abuse of DNSSEC to conduct DDoS attacks. While this report presents some useful information about the potential for misuse of DNSSEC, it has the side effect of casting doubt on the overall value of the DNSSEC protocol itself.
How a security researcher is tackling IoT security testing
“A common misconception people in the industry have regarding my work as a security researcher is that I am sharing information that puts businesses at risk. And also, that I spend all day playing,” says Deral Heiland, Research Lead at Rapid7.
CodexGigas: Malware profiling search engine
CodexGigas is a free malware profiling search engine powered by Deloitte Argentina, which allows malware analysts to explore malware internals and perform searches over a large number of file characteristics.
Vulnerabilities found in cars connected to smartphones
Many of today’s automobiles leave the factory with secret passengers: prototype software features that are disabled but that can be unlocked by clever drivers.
What differentiates a great CIO from simply a good one?
In August, Sophos announced the appointment of Tony Young as the company’s new global Chief Information Officer (CIO). He expects his new job at Sophos to present a welcome challenge.
OneLogin breached, customers’ Secure Notes compromised
The attacker has managed to gain access to a company system that allowed him to view some customers’ unencrypted Secure Notes.
It pays to be a penetration tester, the market is booming!
This market is growing rapidly because of the growing security needs of IoT and BYOD trends and increased deployment of web and cloud-based business applications.
Mobile device infections rose 96 percent in the first half of 2016
Devices running Android were the most targeted mobile platform by far, representing 74 percent of all mobile malware infections.
60+ million Dropbox login credentials have been stolen
A breach disclosed by Dropbox in 2012 has resulted in the theft of usernames and hashed and salted passwords of over 60 million users.
Definitive EU net neutrality guidelines released
The Body of European Regulators for Electronic Communications (BEREC) has published the final guidelines aimed at helping EU member states’ National Regulatory Authorities (NRAs) implement EU net neutrality rules.
Risk and the Pareto Principle: Applying the 80/20 rule to your risk management strategy
Research indicates that the majority of an organization’s risk (about 80 percent) comes from a fraction of its vulnerabilities (20 percent or less). Looking ahead, that means organizations need to prioritize the vulnerabilities that present the most risk.
SimpleRisk: Enterprise risk management simplified
In this podcast recorded at Black Hat USA 2016, Josh Sokol, creator of SimpleRisk, talks about his risk management tool, which he presented at the Black Hat Arsenal.
100 best practices in Big Data security
The Cloud Security Alliance (CSA) released the new handbook from the CSA Big Data Working Group, outlining the 100 best practices in Big Data security. Download it for free.
L0phtCrack 7 audits passwords up to 500 times faster
L0pht Holdings released a completely revamped L0phtCrack 7, which includes a new cracking engine which takes optimal advantage of multi-core CPUs and multi-core GPUs.
Cisco starts publishing fixes for EXTRABACON exploit
Cisco has begun publishing fixes for the SNMP RCE flaw in the software of its Adaptive Security Appliances (ASA), which can be triggered through the EXTRABACON exploit leaked by the Shadow Brokers.
XSS flaw in D-Link NAS devices allows attackers to mess with your data
Due to the nature of the vulnerability, it would be trivial to automate the injection of malicious code into a number of vulnerable devices.
How to choose a perfect data control solution for your enterprise
A good data security solution is one that works as you want it to, but it’s equally important that it’s easy for your employees, management, and partners to use.
Best practices for using military grade security
Governments and militaries around the world have long recognised that their lines of communications were often their weakest links and required some of the strongest protections. Today there needs to be a greater appreciation that other entities are no different, with concerns over hackers, competitors or foreign governments intercepting and reading their organisation’s communications.
How the digital revolution is transforming the US federal government
Leaders of companies and government agencies can often feel overwhelmed by the rate of technology change and experience a “digital culture shock” at the prospect of keeping pace in today’s digital economy. However, agencies using a people first approach can create new customer experiences that drive digital disruption.
Hacker Guccifer sentenced to 52 months in prison
While some of his targets were public figures – including a former US Cabinet member and a former member of the US Joint Chiefs of Staff – other targets were private citizens whom Lazar selected because they appeared in the email contact lists of other victims.
Betabot steals passwords, downloads ransomware
This marks the first time that a weaponized document with password stealing malware has called ransomware as a second stage attack.