Check the Chrome browser and Remove Any of These 70+ Malware Extensions:
https://lifehacker.com/check-chrome-and-remove-any-of-these-70-malware-extens-1841692874
I found the article entitled “Security AI is more than an Algorithm” interesting. The article claims that machine learning techniques can be used to train a model that will be able to identify anomalies and prevent many security issues. The article also emphasizes that the feature that makes AI strong is not the algorithm, but the volume and quality of the data that is fed to the model. To apply AI to train a model for security purposes, rich data sets can be used to create higher-resolution models that can find patterns and real-time correlations to identify anomalies. The AI-based security system will include rules and algorithms to understand context and make meaningful decisions when faced with an unseen security situation.
Here is the article: https://www.infosecurity-magazine.com/opinions/security-ai-is-more-than-an/
“Plastic surgery images and invoices leak from unsecured database”
Thousands of images, videos and records pertaining to plastic surgery patients were left on an unsecured database where they could be viewed by anyone with the right IP address, researchers said Friday. The data included about 900,000 records, which researchers say could belong to thousands of different patients. The data was generated at clinics around the world using software made by French imaging company NextMotion. Images in the database included before-and-after photos of cosmetic procedures. Those photos often contained nudity, the researchers said. Other records included images of invoices that contained information that would identify a patient. The database is now secured.
https://www.cnet.com/news/plastic-surgery-images-and-invoices-leak-from-unsecured-database/
The article talks about the concern over internet/mobile device control of cars. In the article, Mathew Marulla’s experience is an example of how serious the impact of this issue can be. He found out that he still had remote access to his used car (Ford) from 4 years ago. That means he can log in to his account and track the current owner’s information, such as workplace and home address. This issue happened because the car dealer might not have reset the information and connection by using the “master reset” function. Therefore, before leasing a used car, it is important to clear all personal data from the vehicle and to make sure that the previous owner cannot gain authorization to the car again.
https://krebsonsecurity.com/2020/02/when-your-used-car-is-a-little-too-mobile/
https://www.infosecurity-magazine.com/news/education-nonprofit-leaks-data/
This article talks about a data breach that occurred at a US education nonprofit organization, releasing a lot of sensitive information about its students such as links to passport scans, emails, and other personal information.
Imperva, a popular vendor of firewalls and other security products, announced a breach in its WAF product. Some of the data exposed contained emails, hashed and salted passwords, and SSL certificates.
https://threatpost.com/imperva-firewall-breach-api-keys-ssl-certificates/147743/
EXFILTRATING DATA FROM AIR-GAPPED COMPUTERS USING SCREEN BRIGHTNESS
It may sound creepy and undoable, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with the Hacker News revealed. This clever idea relies on exploiting little-noticed emissions of a computer’s components, such as light, sound, radio frequencies, or ultrasonic waves, and even using the current fluctuations in the power lines.
According to the head of the cybersecurity research center at Israel’s Ben Gurion University (Mordechai Guri), this covert channel does not require network security or physically contacting the devices, it is invisible, and works even while the user is working on the computer.
https://thehackernews.com/2020/02/hacking-air-gapped-computers.html
US government goes all in to expose new malware used by North Korean hackers
The US government provided details behind the malware that North Korean hacking groups are using to steal money to fund state operations. It’s currently estimated that North Korea has stolen over 2 billion dollars through cyber crime. This announcement comes in a growing trend of the US government deliberately identifying other governments’ cyber crime programs. The details of 7 different strains of malware were released and made public so signatures could be distributed to the antivirus companies.
https://arstechnica.com/tech-policy/2020/02/us-government-exposes-malware-used-in-north-korean-sponsored-hacking-ops/
Personal Data of 144K Canadians Breached by Federal Government
In this article published by the Info-Security Magazine, Sarah Coble reports on some of the more alarming figures to come out of the 800-page-long report on the handling and security of sensitive information by federal bodies. Some of the more frightening numbers in the report come from the Canada Revenue Agency (CRA), which experienced over 3,020 data breaches in the span of the last year, affecting over 60,000 Canadians. All in all, counting the total number of those affected by every breach to varying degrees from every federal organization in the last year, the total number of people who have had their personal information leaked is 144,000.
Source: https://www.infosecurity-magazine.com/news/personal-data-of-144k-canadians/
Connected medical devices, such as radiology equipment, monitors, and anesthesia machines, are more vulnerable to a BlueKeep exploit than other hospital devices, putting patients and hospital staff at greater risk of a cyber attack.
Microsoft issued a patch for BlueKeep in May 2019 after learning of the exploit, an RDP vulnerability that impacts Windows 7 and Windows Server 2008 and 2008 R2; however, patching hospital devices still remains a challenge due to the need for continuous patient care.
Experts have recommended that these devices be segregated from the rest of the hospital network and closed off from the external internet, since they cannot be patched and are running on obsolete systems.
https://www.zdnet.com/article/cybersecurity-warning-almost-half-of-connected-medical-devices-are-vulnerable-to-hackers-exploiting-bluekeep/
This week’s In the News is actually very relevant to this week’s lesson plan. A new tactic leveraged by Emotet malware attacks devices through Wi-Fi networks. The malware migrates from device to device on unsecured Wi-Fi networks. The malware is especially scary because of the passive nature of the malware. The infection only needs a Wi-Fi network, and several devices at once could be infected and damaged by the malware.
https://threatpost.com/emotet-now-hacks-nearby-wi-fi-networks-to-spread-like-a-worm/152725/
Security researchers have joined the dots on a long-running Iranian cyber-espionage campaign that targeted unpatched bugs in VPN and RDP to infiltrate target organizations globally.
Iranian Hackers Backdoored VPNs Via One-Day Bugs.
https://www.infosecurity-magazine.com/news/iranian-hackers-backdoored-vpns/
The rise of malicious software that uses encryption shows the importance of checking network traffic. Encryption makes our information transmission more secure. However, this technique is used to encrypt malware to make it hard for defense systems (such as firewalls) to identify aggressive software. According to the study, 23 percent of malware communications or stolen information is encrypted.
https://www.securityweek.com/rise-malware-using-encryption-shows-importance-network-traffic-inspection