CI Security

IT Security News Blast – 11-13-2019

Windows 10 Security Alert: Hidden Backdoor Found By Kaspersky Researchers

The pernicious and technologically advanced piece of APT malware was discovered by researchers at security vendor Kaspersky during a recent analysis of Platinum APT group activity. The Titanium backdoor itself is the final act of a complicated infection sequence. The infection vector is thought to use malicious code within local intranet websites, but the actual seven-step sequence itself is the same in every case analyzed by the researchers.

https://www.forbes.com/sites/daveywinder/2019/11/12/windows-10-security-alert-hidden-backdoor-found-by-kaspersky-researchers/

 

This unusual new ransomware is going after servers

In this case, attacks are being launched against servers, with the aim of holding them hostage and only returning them to operation after a cryptocurrency ransom has been paid. Ransomware attacks against servers often lead to demands for payments of hundreds of thousands of dollars in exchange for decrypting the systems, and can be accompanied by a threat to destroy the data if the ransom isn't paid.

https://www.zdnet.com/article/this-unusual-new-ransomware-is-going-after-servers/

 

MITRE Establishes Engenuity, a Foundation to Foster Private Sector Collaboration on Critical Infrastructure

MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The foundation provides MITRE a new pathway to work with industry, academia, and other organizations beyond its work with the federal government. MITRE Engenuity is a distinct, not-for-profit company with a separate board of directors and private funding.

https://finance.yahoo.com/news/mitre-establishes-engenuity-foundation-foster-180000098.html

 

What happens when your healthcare data is stolen or held for ransom? It depends

In the immediate aftermath of an attack, healthcare executives have to determine how state and federal rules apply to the data breach. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides some guidance and each state has its own set of laws. Healthcare leaders also must decide how to announce the fact that an attack has happened as well as decide how much to tell employees and patients. The decision to announce a breach is not as clear cut as it should be.

https://www.techrepublic.com/article/what-happens-when-your-healthcare-data-is-stolen-or-held-for-ransom-it-depends/

 

How should AI be regulated?

Mehra listed healthcare as one of the many “drastic improvements and advancements” AI will be responsible for in the years ahead, noting that the technology will spark new research and quicker clinical trials. He also added that “the application requirements for AI in healthcare” are far different from the requirements for other industries, a key reason why regulating the application of AI makes so much more sense than just regulating the actual technology.

https://www.aiin.healthcare/topics/policy/government-ai-regulation-policy-healthcare

 

Labour confident no data breach after cyber attack on party systems

Mr Corbyn said the cyber attacks took place yesterday against the Labour Party platform, adding it was a "very serious cyber attack". He said: "We have a system in place in our office to protect us against these cyber attacks, but it was a very serious attack against us. So far as we're aware none of our information was downloaded and the attack was actually repulsed because we have an effective in-house developed system by people within our party."

https://www.heraldscotland.com/news/18030453.hackers-mount-large-scale-cyber-attack-labour-party-systems/

 

EU unveils new cooperation projects in training, cyber operations, naval warfare

The aim of another scheme, the Cyber and Information Domain Coordination Center (CIDCC), is to create a “standing multinational military element” where the participating member states “continuously contribute with national staff but decide sovereignly on case-by-case basis,” reads an EU announcement. The Integrated European Joint Training and simulation Centre (EUROSIM) will integrate tactical training and simulation sites in Europe into a “real-time, networked, connected system.”

https://www.defensenews.com/global/europe/2019/11/12/eu-unveils-new-cooperation-projects-in-training-cyber-operations-naval-warfare/

 

Ahead of the 2020 election, this Israeli start-up is using military-grade tech to fight fake news

In the lead-up to the 2020 presidential election, Cheq is using artificial intelligence to try to identify fake news and make sure brands and agencies don’t place ads on them. The five-year-old start-up made the 2019 CNBC Upstart 100 list announced on Nov. 12. [...] It recently released a study sampling 20,000 domains that are known publishers of disinformation, then sampled the advertising and traffic, and determined those sites were bringing in $235 million a year. The organization seeks to provide advertisers with risk ratings for online news domains.

https://www.cnbc.com/2019/11/12/israeli-start-up-cheq-is-using-military-grade-tech-to-fight-fake-news.html

 

Can regulations improve cybersecurity? In APAC, opinions vary

Two thirds of respondents think that it is of paramount importance for a country to have a powerful regulatory framework governing cybersecurity. [...] Although the Japanese government is making sure that the country is prepared for potential cyberattacks, including by testing IoT devices and reviewing cybersecurity guidelines, 57% of respondents are skeptical that the revision will bring any improvement.

https://www.welivesecurity.com/2019/11/12/can-regulations-improve-cybersecurity-apac-opinions-vary/

 

When cyberwar struck its first civilian target

NotPetya was a turning point. It deployed what looked to be ransomware, using a ‘back door’ in a Ukrainian tax-preparation software package. Ransomware encrypts a computer’s files and offers to sell users a decryption key for a ransom, often paid in cryptocurrency such as Bitcoin. Greenberg shows how, while seemingly targeting Ukraine, the malware spread rapidly around the world. And although it seemed to be conventional ransomware, it did not offer a real way to decrypt files.

https://www.nature.com/articles/d41586-019-03457-9

 

Furious backlash after it emerges that Google has secretly amassed healthcare data on millions of people

Lawyers, medical professionals and tech experts have reacted with a mixture of horror and fury after it emerged that Google has been secretly acquiring sensitive medical data on millions of people without their knowledge or consent. Questions were immediately raised around the ethics of the data-gathering operation - code-named Project Nightingale - as well as the security of patient data after the program was first reported on Monday.

https://www.dailymail.co.uk/news/article-7676093/Furious-backlash-emerges-Google-secretly-amassed-healthcare-data-millions-people.html

  

Why Virtual Private Networks Aren’t Very Private

Not only are VPNs hampered in cloud settings, but their many drawbacks may now outnumber their benefits. These disadvantages include, but aren’t limited to: complex management; unreliable, sloth-like connections; limited scalability; data and network vulnerabilities; and high, continuously escalating costs. This isn’t just conjecture. Earlier this year, two U.S. Senators labeled VPNs a “national security risk” and alerted the Department of Homeland Security about it.

https://www.cpomagazine.com/cyber-security/why-virtual-private-networks-arent-very-private/

 

US violated Constitution by searching phones for no good reason, judge rules

"The district court order puts an end to CBP and ICE's asserted authority to search and seize travelers' devices for purposes far afield from the enforcement of immigration and customs laws," the ACLU announcement said. "Border officers must now demonstrate individualized suspicion of contraband before they can search a traveler's device." Because of the ruling, travelers will be able to "cross the international border without fear that the government will, in the absence of any suspicion, ransack the extraordinarily sensitive information we all carry in our electronic devices[.]"

https://arstechnica.com/tech-policy/2019/11/us-cant-search-phones-at-borders-without-reasonable-suspicion-judge-rules/

 

Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks

The vulnerability (CVE-2019-8144), which carries a severity ranking of 10 out of 10 on the CVSS v.3 scale, could enable an unauthenticated user to insert a malicious payload into a merchant’s site through Page Builder template methods, and execute it. Page Builder allows websites to design content updates, preview them live and schedule them to be published. The bug specifically exists in the preview function.

https://threatpost.com/magento-warns-upgrade-asap/150115/

 

Ransom payments averaging $41,000 per incident

Researchers at Coveware credited the victims with being better prepared to restore their data on their own, negating the need to pay the ransom. However, that was not enough to offset malicious actors using Sodinokibi and GlobeImposter variants to go after big-game targets, like managed service providers and large enterprises, that potentially offer massive payouts. And in many cases the payouts were excessive, with Coveware noting that daily ransom payment amounts surpassed $100,000 on many occasions during the third quarter.

https://www.scmagazine.com/home/security-news/ransomware/ransom-payments-averaging-41000-per-incident/

 

Microsoft Patches RCE Bug Actively Under Attack

The vulnerability exists in Internet Explorer and allows an attacker to execute rogue code if a victim is coaxed into visiting a malicious web page, or, if they are tricked into opening a specially crafted Office document. “An attacker who successfully exploits the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker…could take control of an affected system,” Microsoft wrote in its advisory.

https://threatpost.com/microsoft-patches-rce-bug/150136/

 

Deepfake of Boris Johnson Wants to Warn You About Deepfakes

Digital artist Bill Posters is back, following his deepfakes of Facebook CEO Mark Zuckerberg and celebrities, with a set of face-swapped videos that make Corbyn and Johnson look and sound like they're endorsing each other. [...] The deepfakes of Johnson and Corbyn look pretty realistic, and for an ignorant American who has spent almost no time listening to or watching either of these politicians, they could be them, for all I know. Except that they admit, at the end of each of the videos, to being fakes.

https://www.vice.com/en_us/article/8xwjkp/deepfake-of-boris-johnson-wants-to-warn-you-about-deepfakes



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.
