IBM Built a Copy of the Internet for Mock Cyberattacks

November 18, 2016 by Wayne Wilson 1 Comment

In an effort to better combat cyber attacks IBM built a simulated version of the entire internet in a data center located in Massachusetts coined the “cyber range”. The cyber range is manned by former security experts from federal law enforcement and intelligence agencies. The cyber range is capable of simulating live malware, ransomware and other hacking tools type of cyber attacks. The end goal is to better prepare clients to recover from large scale cyber attacks. According to IBM many IT and security professional who they surveyed do not have an incident response plan in place. No one can stop all cyber attacks but having an incident response plan in place could be the deciding factor in determining if your business succeeds or fail if faced with that situation.

http://www.pcmag.com/news/349629/ibm-built-a-copy-of-the-internet-for-mock-cyberattacks

The Wi-Fi Router That Sniffs Out Cyber Attacks

November 17, 2016 by Wayne Wilson 2 Comments

The Internet of Things is changing how we look at securing our home networks, gone are the days of just installing antivirus software on your pc and feeling secure. We now have to look at all the devices connected to our home network as a possible entry point for a cyber attack. Gryphon’s wireless router aims to fill this void by offering a technology that monitors smart thermostats, webcams, and other internet-connected devices for unusual activity. Similar to how businesses have hardware/software to monitor their networks for traffic. A perfect example of why this type of device is now needed is the DDOS attack a few weeks back that crippled internet activity for the northeast region of the united states before moving west. The DDOS attack took advantage of wireless devices on home networks to launch an attack on popular websites. I see this as a positive step in the IoT age.

http://www.bloomberg.com/news/articles/2016-11-10/the-wi-fi-router-that-sniffs-out-cyber-attacks

This $5 Device Can Take Over a Computer—Even If It’s Locked

November 16, 2016 by Jason A Lindsley 1 Comment

This article explains a pretty nasty device. It can take over your computer using remote code execution even it is locked. The author recommends putting your device to sleep when you walk away from it, but I can imagine that someone could just turn the device back on and plug this thing in.

The other suggestion is to cement the USB port so that it is unusable. I think that is the most secure thing to do, but it’s not always practical and USB ports can serve critical business needs. I think its more strategic to implement end point security that would block malicious devices and alert on abnormal activity.

http://gizmodo.com/this-5-device-can-takeover-a-computer-even-if-its-loc-1789062061

Holiday season cyber crime forecast

November 16, 2016 by Leave a Comment

This article is slightly dated-it’s the forecast for the 2015 holiday season and cyber crimes associated with that time of year. One, I would assume, can be almost certain that the forecast for this season is probably very similar. With Black Friday and Cyber Monday coming up, the holiday shopping season is basically here. The spike in hacking/stealing during November and especially in December is staggering. The greatest threat of all hacks comes from financial hackers which is no surprise given the amount of money that is processed during the holiday season. Second is attacks from a political cyber warrior. I think I’ll be spending a lot more old fashioned cash this holiday season.

http://cytegic.com/tis-the-season-to-be-hacking-forecast-for-cybercrime-activities-during-the-holidays/

“Shoppers Up Their Online Security Game, Survey Says”

November 16, 2016 by Mengqi He 1 Comment

In a recent Computop report, a survey of over 1,900 consumers in the US and UK indicated that 71% of consumers would check that SSL certificates of ecommerce sites they shopped, and 61% would check the liability policies. Respondents were also asked which biometric features they’d use for authentication, and fingerprints was the top choice (35%), but 41% rejected biometric authentication altogether. It was pleased to see that so many consumers are aware of the importance of ecommerce security. However, online sales kept growing because even though consumers knew the security risks of ecommerce, its convenience outweighed its security concerns.

The Black Friday and Cyber Monday are coming soon, and ecommerce companies are preparing for the boosting sales. On the other hand, fraudsters and cyber-gangs are also preparing for attacks targeting on both retailers and shoppers. Retailers should ensure that all site extensions are updated, the proper firewalls are configured on sites. Shopper need to avoid clicking on sketchy advertisements。

Link: http://www.darkreading.com/endpoint/shoppers-up-their-online-security-game-survey-says/d/d-id/1327463

Google Pixel Phone and Microsoft Edge Hacked at PwnFest 2016

November 15, 2016 by Scott Radaszkiewicz 1 Comment

Article Link

Just to prove again that nothing is safe in this world, the Google Pixel Phone and Microsoft Edge were both hacked in less than a minute each in hacking competitions.

Google Pixel was hacked by a team in under a minute. The hack used a zero-day vulnerability to achieve remote code access on the phone. The hack opened a Google Chrome page and displayed “Pwned by 360 Alpha Team”. The hack earned a cash prize of $120,000 for the team.

Microsoft Edge was hacked in just 18 seconds by a team. The team gained SYSTEM-level remote code execution access on the system. Details of the hack were not made public until a fix is released.

In my opinion, it is utterly amazing to see that teams of hackers can crack systems in mere minutes, or even seconds with known hacking techniques. You would think that major vendors like Google and Microsoft would have those avenues all locked up by now, but unfortunately, not.

Just keep in mind, nothing is safe!

Shazam Keeps Ears Open When Microphone Is ‘Off’

November 15, 2016 by Loi Van Tran 3 Comments

This article talks about the application Shazam, which uses the device microphone to listen to a couple seconds of music and determine the title and author of a song. If you’ve used SoundHound before, then it’s very similar. Patrick Wardle, director of research for the security Synack, recently published an application called OverSight. OverSight was used to alert the macIOS user of malicious attempts to access their camera. People that used OverSight, was also alerted that the system was also accessing the microphone while Shazam was off. Although, review of the Shazam code shows that the recording was not transferred, saved, or exfiltrated, it is still a concern that the app is still recording you even though it is suppose to be off. I wonder how many other applications are still running in the background when you supposedly turn it off.

http://www.databreachtoday.com/shazam-keeps-ears-open-when-microphone-off-a-9528

ImageWare Launches Multi-modal Biometric Authentication for Enterprises

November 15, 2016 by Vaibhav Shukla 5 Comments

ImageWare has today launched what it describes as the “first ever multimodal biometric authentication solution for the Microsoft ecosystem Called GoVerifyID Enterprise Suit, the system combines ImageWare’s Biometric Engine and its GoMobile Interactive products to provide true multifactor authentication.

One of GoVerify’s strongest points is the ease and speed with which it can be integrated into any Microsoft installation. It integrates with Active Directory and is essentially a snap-in to the Microsoft Management Console. It is a SaaS cloud service with the biometrics database held in the cloud, and GoMobile operating as the agent on mobile devices

http://www.securityweek.com/imageware-launches-multi-modal-biometric-authentication-enterprises

DoS technique lets a single laptop take down an enterprise firewall

November 14, 2016 by Ahmed A. Alkaysi 1 Comment

A single laptop can take down high-bandwidth enterprise firewall by using an attack known as BlackNurse, which uses ICMP type 3 (destination unreachable) code 3 (port unreachable) packets. It would take between 40k-50k per second of these types of packets to overload the firewall. The bandwidth required to generate this type of attack requires only between 15Mbps and 18Mbps.

The attack causes high CPU loads which causes users from the LAN side to be unable to communicate with the internet. This attack was successfully tested using Cisco ASA firewalls in default settings. Firewalls from Palo Alto Networks, SonicWall, and Zyxel Comm. are also impacted, but only if settings are misconfigured.

In order to mitigate an attack like this would need ICMP Type 3 Code 3 on the WAN interface to be disabled. Enabling ICMP Flood in the firewall’s DoS protection profile can also mitigate this type of attack.

Article: http://www.csoonline.com/article/3141299/security/dos-technique-lets-a-single-laptop-take-down-an-enterprise-firewall.html

Facebook is Buying Up Stolen Passwords

November 13, 2016 by Jimmy C. Jouthe 6 Comments

Facebook is buying passwords from the online black market and comparing them to the passwords of the users. The list of passwords, captured in plaintext, goes through a hash function and compares the hash results to their user’s hashed password. Allegedly Facebook doesn’t store passwords in plaintext, when a user logs on the password entered it compared to the hash stored in the system for that user. Facebook does the same for the passwords it mines from the online black market. If a match is found, Facebook locks the account and hides the account from the public until the user changes his or her password. I’ve seen this before somewhere else, in fact I was alerted to it through CSID, an identity protection company. CSID alerted me that the password for one of my monitored email accounts was found online in black market. I changed that password so fast..

https://nakedsecurity.sophos.com/2016/11/11/facebook-is-buying-up-stolen-passwords-on-the-black-market/