Week in review: WPA3, Intel AMT vulnerability, Meltdown and Spectre attack detection
Here’s an overview of some of last week’s most interesting news and articles:
CBP releases new guidelines on phone, laptop searches at US borders
The US Customs and Border Protection agency released an update to its Directive governing Border Searches of Electronic Devices.
What the rise of cyber indictments means for 2018
The growing implementation of indictments throughout 2017 was arguably the most impactful government action to counter cyber attacks, and yet received little attention.
IoT malware targeting zero-day vulnerabilities
Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors.
Intel AMT security issue gives attackers complete control over a laptop
F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally.
Researchers uncover major security vulnerabilities in ICS mobile applications
IOActive and Embedi researchers found 147 cybersecurity vulnerabilities in 34 mobile applications used in tandem with SCADA systems.
WhatsApp, Signal group chats not as secure as users might believe
Researchers have discovered flaws in the way WhatsApp, Signal, and Threema messaging apps handle secure (encrypted) group communication, which could result in unauthorized users getting added to closed groups and monitoring future conversations within them.
Meltdown and Spectre: To patch or to concentrate on attack detection?
Patching to protect machines against Meltdown and Spectre attacks is going slow, and the provided patches, in some instances, lead to more problems than just slowdowns.
Reacting to a big breach
You can use the latest big breach to re-examine your security posture and honestly ask yourself, could it have happened to us?
RIG EK covertly delivers cryptocurrency miners
In a recently analyzed malvertising campaign, researchers found the RIG exploit kit delivering a rather hefty dropper. This is not unusual, it seems, as they often contain more that one coin miner: usually one for mining Monero, and the other for mining a less popular cryptocurrency.
eBook: Detect and deter data theft by departing employees
Too many organizations choose not to take the threat of data theft by departing employees seriously — until they discover that their data has been sold to competitors or published online, causing financial losses, compliance failures and reputational damage. Read this eBook to learn what methods they use to steal your data and how you can mitigate the risk of employee data theft in your organization.
Infosec expert viewpoint: Connected car security
A recent Irdeto Global Connected Car Survey found that of the consumers who plan on purchasing a vehicle in the future, 53% are likely to research the car’s ability to protect itself from a cyberattack. Here’s what infosec experts think about the security of connected cars, what manufacturers should do about it, and how consumers should protect themselves.
Continuous security: What’s in a name?
Many companies have seen the benefits that automation has brought to product operations, and have asked themselves whether automation can impact security.
Alleged Fruitfly macOS spyware author indicted
The mystery of the Fruitfly macOS malware has apparently been solved: a 28-year-old man from Ohio has been charged on Wednesday of allegedly creating and installing the malware on thousands of computers for more than 13 years!
Spectre updates will slow down Windows servers and PCs running older versions of the OS
While Intel continues to play down the slowing effect the patches for Meltdown and Spectre can have on machines using their CPUs, Microsoft has finally shared some – though still not definite – indicators of the possible outcomes.
Apps most frequently blacklisted by enterprise security teams
Appthority released its Enterprise Mobile Security Pulse Report for Q4 2017, which details the apps most frequently blacklisted by enterprise mobility and security teams.
WPA3 to feature much needed security enhancements
The Wi-Fi Alliance, a non-profit organization that tests and slaps the “Wi-Fi Certified” logo on products that meet certain standards of interoperability, has announced enhancements for WPA2 and the imminent introduction of WPA3.
Strong security simplifies compliance for French operators of vital industry
In 2014, France’s National Agency for the Security of Information Systems, or ANSSI, issued two detailed cybersecurity guidance documents for Industrial Control Systems: Cybersecurity for Industrial Control Systems – Classification Method and Key Measures; and Cybersecurity for Industrial Control Systems – Detailed Measures. This guidance was and is still today seen as the most comprehensive, clear, and sophisticated industrial control system (ICS) security best practice in the world.
Healthcare breaches involving ransomware increase year-over-year
2017 has been a very challenging year for healthcare institutions as these organizations remain under sustained attack by cybercriminals that continue to target their networks.
Hardware wallet security is no match for scammers’ ingenuity
As one user of the popular Ledger wallet discovered, a simple scam can lead to a complete bypass of all security measures put in place by the manufacturer.
How to make public Wi-Fi users mine cryptocurrency for you
Covertly roping unsuspecting users’ machines into mining cryptocurrency is a dream for many aspiring cryptocurrency owners, and some of them set aside ethical considerations and work on making that dream come true.
New infosec products of the week: January 12, 2018
A rundown of infosec products released last week.