CI Security

IT Security News Blast – 11-21-2018

Healthcare Cybersecurity - Points to Ponder Upon
Even if you believe your organization is doing everything it can to keep your technology private and secure, you should know that it’s still easy to miss or overlook some issues. This is where a fresh perspective from an outside, non-biased entity is beneficial. Having a third party perform a comprehensive audit, test for any weaknesses, review staff training materials, and recommend ways of improving on everything is the best way to make sure you’re always well protected.
https://www.readitquik.com/articles/security-2/healthcare-cyber-security-points-to-ponder-upon/
 
Why healthcare organisations need a privileged access management system
Outdated and unsupported software, a massive cyber security skills shortage and more exposed networks have left the healthcare system and their ePHI vulnerable to ransomware and internal threats – both malicious and those resulting from human error. All the while, regulations around ePHI, such as HIPAA HITECH and GDPR, continue to increase while non-compliance is bringing stiffer penalties, particularly with regard to privileged access management.
https://www.technative.io/why-healthcare-organisations-need-a-privileged-access-management-system/
 
Top of Mind 2019 survey underscores challenges and opportunities in digital health
The CCM, which is jointly operated by GE Healthcare, Nokia and UPMC, partnered with The Academy for the Top of Mind 2019 survey. Conducted in three parts, the research started with a survey of health system information officers in May 2018 to determine the top areas of health IT for 2019; 63 chief information officers (CIO), chief medical information officers (CMIO), and chief nursing information officers (CNIO) responded.
https://www.news-medical.net/news/20181120/Top-of-Mind-2019-survey-underscores-challenges-and-opportunities-in-digital-health.aspx
 
How the Shortage of Cybersecurity Talent is Causing Wreckage to Our Financial Systems
Why the Financial Sector is Prone to Cyberattacks
1. Technology without Security
2. Unsecured Mobile Banking
3. Lack of Security Policies for New Forms of Hacking
4. Lack of Efficient Cybersecurity Personnel
https://blog.eccouncil.org/how-the-shortage-of-cybersecurity-talent-is-causing-wreckage-to-our-financial-systems/
 
E-commerce site is infected not by one, but two card skimmers
The site belongs to sportswear seller Umbro Brasil, which as of Tuesday morning was infected by two rival skimmer groups. The first gang planted plaintext JavaScript on the site that caused it to send payment card information to the attackers as customers were completing a sale. [...] A second gang exploited either the same or a different website vulnerability as the first. The second group then installed much more advanced JavaScript that was encoded in a way to prevent other programs from seeing what it did.
https://arstechnica.com/information-technology/2018/11/sign-of-the-times-payment-card-skimmers-go-head-to-head-on-e-commerce-site/
 
DHS Hopes Supply Chain Task Force Will Enhance Federal IT Security
The task force is a public-private partnership designed to examine and develop “consensus recommendations” to identify and manage risk to the global ICT supply chain. Although the task force is not specifically focused on protecting just the hardware and software that government agencies use, a DHS official has said that one of its key goals is to help prevent agencies from buying technologies with security problems.
https://fedtechmagazine.com/article/2018/11/dhs-hopes-supply-chain-task-force-will-enhance-federal-it-security
 
Chinese spies responsible for surge in cyber hacking
An investigation by The Australian Financial Review and Nine News has confirmed China's Ministry of State Security (MSS) is responsible for what is known in cyber circles as "Operation Cloud Hopper", a wave of attacks detected by Australia and its partners in the Five Eyes intelligence sharing alliance. A senior Australian government source described China's activity as "a constant, significant effort to steal our intellectual property".
https://www.afr.com/news/policy/foreign-affairs/chinese-spies-responsible-for-surge-in-cyber-hacking-20181119-h182j3
 
China says reports of its wide use of cyberhacking are 'sheer fabrication'
Asked to respond to an investigation by The Australian Financial Review and Nine News that found China had breached an agreement with Australia not to steal each other's commercial secrets, China's Foreign Ministry said on Tuesday that "related reports and accusations are sheer fabrication". [...] "Cyber security is a global issue and cyber hacking is a common challenge faced by every country in the world," a Foreign Ministry spokesman said at a regular press conference when asked to respond to the reports.
https://www.afr.com/news/world/asia/china-says-cyber-hacking-is-a-common-challenge-20181120-h18468
 
Where Did North Korea’s Cyber Army Come From?
“North Korea was inspired by the Chinese cyberwar units and learned from them,” said NK Intellectuals Solidarity director Heung Kwan Kim, “Recognizing their power, North Korea set up the first unit within the central government in 1993.” While Pyongyang’s Reconnaissance General Bureau is comprised of six divisions and overseas operations in South Korea, the United States, and Japan, it’s another bureau that is responsible for the bulk of North Korea’s cyber warfare.
https://www.voanews.com/a/north-korea-cyber-army/4666459.html
 
Ukraine detects new Pterodo backdoor malware, warns of Russian cyberattack
According to the CERT-UA bulletin, the new version of Pterodo generates a unique URL for command and control based on the serial number of the hard drive of the infected system. Data about the infected system is uploaded to that URL, allowing the attackers to analyze which tools to remotely install and run. The domains associated with the attack so far include updates-spreadwork.pw, dataoffice.zapto.org, and bitsadmin.ddns.net.
https://arstechnica.com/information-technology/2018/11/ukraine-detects-new-pterado-backdoor-malware-warns-of-russian-cyberattack/
 
From Tor to Dooble: The browsers that prioritise privacy and security
By their nature, browsers are very convenient tools for collecting data on user behaviour, habits, and preferences. Naturally, the more widely used the browser is, the more valuable it is for corporations and government organizations as a source of information. But the biggest problem is that we can’t even get a complete idea of how and for what purpose the collected data can be used in the future. We are dealing with a time bomb, and it is rather careless to ignore the fact of its existence.
https://www.ifsecglobal.com/cyber-security/tor-dooble-browsers-prioritise-privacy-security/
 
These AI-generated fake fingerprints can fool smartphone security
The researchers from New York University detail in a new paper how they used a neural network to create 'DeepMasterPrints', or realistic synthetic fingerprints that have the same ridges visible when rolling an ink-covered fingertip on paper. The attack is designed to exploit systems that match only a portion of the fingerprint, like the readers used to control access to many smartphones. The aim is to generate fingerprint-like images that match multiple identities to spoof one identity in a single attempt.
https://www.zdnet.com/article/these-ai-generated-fake-fingerprints-can-fool-smartphone-security/
 
Now it’s Office’s turn to have a load of patches pulled
Two of these updates, KB2863821 and KB4461522, both for Office 2010, are apparently very broken, causing application crashes. The company has suspended delivery of the patches, but the problem is so severe that Microsoft is recommending that anyone who has installed the updates already should uninstall them pronto (see instructions for KB2863821 here and for KB4461522 here).
https://arstechnica.com/gadgets/2018/11/now-its-offices-turn-to-have-a-load-of-patches-pulled/
 
Gmail Glitch Enables Anonymous Messages in Phishing Attacks
To pull off the trick, Cotten said he input the recipient’s email in the “from” header (“name, recipient_email_here”) and paired it with a large and arbitrary tag, like <object>, <script> or <img>. “This is a derivative of the previous bug… that can serve as a phishing vector,” Cotten told Threatpost. “The email sender comes out blank after you put a malformed image data in the front field.” The result was an email lacking a sender. Even when Cotten hit “reply” on the message, no sender’s name popped up on the reply message.
https://threatpost.com/gmail-glitch-enables-anonymous-messages-in-phishing-attacks/139247/
 
There’s bad news for those who rely upon SMS-based 2FA authentication.
Berlin-based security researcher Sébastien Kaul has revealed that Voxox exposed a huge database containing tens of millions of text messages by storing it on an unprotected server.
The VOIP and Cloud communication for SMS and voice services provider firm, Voxox, has exposed sensitive data like 2FA codes, plaintext passwords, phone numbers, password reset codes, shipping notification, and verification codes to public access. Kaul was able to identify the unsecure server with the help of the IoT devices search engine Shodan.
https://www.hackread.com/cloud-communication-firm-expose-text-messages-to-public-access/
 
DirtyCOW is back in backdoor attack targeting Drupal Web Servers
“The attacker downloads three different implementations of DirtyCOW and runs them one after the other,” Avital said. “One of the implementations is downloaded in its raw format (C source code file) and is compiled at runtime.” Once the attacker switches to the root user and gains permission to install new services they install and configure SSH, add their key to the list of authorized keys used by the service and as long as the machine is running, have the ability to remotely transmit any command as the user root.
https://www.scmagazine.com/home/security-news/dirtycow-is-back-in-backdoor-attack-targeting-drupal-web-servers/
 
Report: Tens of Thousands of E-Commerce Sites at Heightened Security Risk
The heightened risk comes from unpatched vulnerabilities, including 2.3% of all the Magento websites that have not yet patched for Magento Shoplift, a vulnerability that was disclosed (and a patch made available for) in January of 2015. Foregenix delivered the results of their research in October at the Payment Card Industry Security Standards Council European Community Meeting in London.
https://www.darkreading.com/cloud/report-tens-of-thousands-of-e-commerce-sites-at-heightened-security-risk/d/d-id/1333319
 
The GNU Project Debugger (GDB): Short Tutorial with Examples
GDB, also called The GNU Project Debugger, is a tool to identify problems like segmentation fault in a code. It helps you to determine where the problem lies and what the program is doing at a particular instance. It can be run on the native machine, remote machine or on any simulator.
https://allabouttesting.org/the-gnu-project-debugger-gdb-short-tutorial-with-examples/
 
Cyber-security firm doxxes hacker who sold MySpace and Dropbox databases in 2016
Recorded Future, a US-based cyber-security firm, claims to have uncovered the real world identity of a notorious hacker who, back in 2016, had been behind the sale and proliferation of a slew of user databases from companies such as MySpace, Badoo, Dropbox, LinkedIn, and Twitter, just to name a few. Researchers found YouTube videos, images uploaded on forums and Imgur, and three Odnoklassniki profiles (Russian social network service for classmates) that provided enough clues to identify Maksim Donakov as the person behind Tessa88.
https://www.zdnet.com/article/cyber-security-firm-doxxes-hacker-who-sold-myspace-and-dropbox-databases-in-2016/
 



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.
