It was my first time attending a networking event, and I found the ISACA networking event to be really interesting. I was glad to meet several senior IT auditors and learn their perspective on auditing. I got a chance to understand some everyday audit situations and also the critical skills that employers look for in an auditor. I also got a chance to interact with Prof. Thu outside class. Although I did not talk a lot about cyber security topics, I had some interesting general conversations.
ISACA Event and Interesting Topic of Conversation
So as part of our assignment this week, I chatted with a bunch of people at the ISACA event, and one of the conversations I had with an ISACA member was about what concerns you about cyber security now or in the future. The answer I got was about how we might have good encryption standards now, but in the future, if China or an adversary gets their hands on it, in 5-10 years with quantum computing they will easily be able to own the data. This turned into talking about how we need to adopt quantum computing sooner rather than later to prevent this threat in the future. In fact, I ran into this article that talks about this topic.
https://www.technologyreview.com/s/612509/quantum-computers-encryption-threat/
This article basically talks about how complacency is a mistake and how we need to start working on standards and encryption methods that can’t be cracked by quantum computers. They see the hard part as getting everyone to agree to these standards, and the hope is that it’s going to take a long time for a malicious user to get their hands on quantum computing.
On a side note, the event was very nice, and a great experience to network with others in the field.
Amazon Announcing They will Provide Services On Prem.
So ever since I heard the acronym AWS, it’s been known to be associated with cloud services. But it looks like Amazon is getting into the on-prem business. They say that there are customers that are not ready for the cloud for various reasons, including regulatory reasons where they cannot host their data in a public cloud, so they want to bring their services to you! This is going to be interesting because they always pushed cloud services; now they are saying there is a business case for keeping the data on prem. This will be direct competition with other vendors that provide hardware/servers for on-prem data centers, since they will be deploying Amazon-built hardware. I wonder if this business is really going to take off or not…
https://www.cnbc.com/2018/11/29/amazon-outpost-brings-cloud-technology-to-traditional-data-centers.html
Dell – Next Up admitting they were hacked!
Dell just announced that they were hacked and unauthorized users might have tried to extract customer information such as names, emails, addresses, and hashed passwords. I’m not surprised that another major company had a breach. But it doesn’t look like they are sharing much more information. They do mention they don’t think the data was exfiltrated and that it probably wasn’t a persistent threat, where they found the incident pretty quickly. Let’s see what comes out of this one…
https://www.zdnet.com/article/dell-announces-security-breach/
Hacker takes over JavaScript library, injects malware to steal Bitcoin
Open-source code stored in a popular JavaScript library was poisoned by its latest administrator with malicious code allowing an attacker to swipe Bitcoin from BitPay and Copay wallets.
The attacker injected malicious code, called Event-Stream, into a NodeJS package that is used by the Copay and BitPay apps, enabling an attacker to steal a wallet’s private keys, a fact confirmed by BitPay. BitPay warned users to assume their private keys on affected wallets have been compromised, so any funds should be moved to new wallets immediately.
The Latest in Phishing: October 2018
Here are a few highlights:
- Malicious phishing message volume increased 36% between Q1 and Q2 2018.
- Proofpoint customers, on average, were targeted by 35 business email compromise (BEC) emails in Q2 2018. This represents a 26% increase over Q1, and a startling 87% increase over Q2 2017.
- Ransomware was back on the scene in Q2, but is still lagging from a volume perspective, accounting for just a little more than 11% of total malicious messages during the measurement period.
- Proofpoint researchers also detected a 30% increase in phishing links on social media.
https://www.wombatsecurity.com/blog/the-latest-in-phishing-october-2018
US Postal Service Left 60 Million Users Data Exposed For Over a Year
https://thehackernews.com/2018/11/usps-data-breach.html
Even our postal service is susceptible to weak APIs…? Yeah, even the government has weaknesses. What might make this worse is that the cyber security researcher notified USPS of the vulnerability over a year ago and nothing was done. 60 million USPS users’ data was exposed for over a year. USPS did finally do something about it, and when they went into action it only took them two days. Two. Those 48 hours before they fixed it required a journalist contacting USPS on behalf of the researcher to initiate a response. OH, and what a silly response it is:
“We currently have no information that this vulnerability was leveraged to exploit customer records.”
“Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.”
In other words, “we’re good” because we don’t know of any breaches.
NICE!
Phishing Sites using SSL protection to make them look more legit
According to this Engadget article, an anti-phishing company called PhishLabs has found that almost 50% of phishing sites are now using SSL encryption on their sites. Although the traffic is now encrypted, they are still stealing information from you! And now that they are using SSL, some browser pop-ups won’t alert you as much that there’s something wrong with this site (i.e., not using SSL). This also will show the padlock in your browser, giving the user a false sense of security. They mention in the article that phishing sites using SSL has been trending upwards over the past few years. I can definitely see that in the future most, if not all, phishing sites will do this all the time. It’s a few extra dollars to get SSL certs, but completely worth it to them if they get to steal valid credentials and personally identifiable information.
https://www.engadget.com/2018/11/26/half-of-phishing-sites-now-show-as-secure/
Microsoft wants to continue working with Trump on Cyber Security
What I find very interesting about this article is how cyber security is one of the things we deal with in our lives that is not pro-Democrat or pro-Republican, but is something that either party can make a priority regardless of who is the president. Now it’s time to work with Trump on initiatives to safeguard our country, our citizens, and even the rest of the world from bad actors and malicious intent.
https://www.cnbc.com/2018/11/07/microsoft-wants-to-work-with-trump-and-congress-on-cybersecurity.html
Apple’s New MacBook Disconnects Microphone “Physically” When Lid is Closed
Apple introduces a new privacy feature for all new MacBooks that “at some extent” will prevent hackers and malicious applications from eavesdropping on your conversations.
Apple’s custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook’s built-in microphone whenever the user closes the lid.
This feature is excellent, as it makes it impossible for malware to access your built-in microphone when the lid is closed, but honestly, it doesn’t help when you are most vulnerable, i.e., while working.
https://thehackernews.com/2018/10/apple-macbook-microphone.html