January 3, 2018.
By The CyberWire Staff
Iran continues to crack down on dissent as the government faces street protests and online organizing. Statements by senior officers make it clear that in their view the unrest is driven by foreign enemies whose weapon is information. Telegram and Instagram have received most of the government's attention. As ready access to these platforms is lost, many in the country seem to be turning to Tor. Security experts warn those outside of Iran who may have had actual or apparent contact with Iranian citizens to beware of spearphishing on the part of Iran's government-associated "Infy" threat group.
A major security flaw has been reported in Intel x86-64 processors produced over the past decade. Details remain sketchy as Intel prepares an announcement, but apparently attackers can identify and exploit normally protected kernel memory. All major operating systems are affected. Users of cloud services may also experience issues. Amazon Web Services has told users to expect a "major security update" Friday; observers speculate that Microsoft will address the problem in its January 10 patches. Cloud users should also expect slowdowns in their service.
A researcher known by the handle "Siguza" has published a macOS local privilege escalation vulnerability that could be exploited for root access and code execution. The vulnerability was apparently not disclosed to Apple before publication; there's currently no fix.
Two researchers yesterday disclosed issues with a vulnerable API used for GPS tracking services that can expose location data, audio recordings, image files, and device information. (They're calling it "Trackmageddon.")
Jazayeri calls for barricade against enemy’s cyber attack (Mehr News Agency) TEHRAN, Jan. 02 (MNA) – Iranian Brigadier General Jazayeri said any inefficiency and weakness in managing cyberspace and protecting it against enemy troops was unforgivable and called for creation of strong fortresses against any possible cyber attack.
Insecurity Not to Be Allowed in Tehran: IRGC Commander (Tasnim News Agency) The deputy commander of IRGC’s Sarallah headquarters, a key base for handling security affairs in Tehran, said the headquarters is not responsible for dealing with the recent unrest in the capital but made assurances that related officials will not allow insecurity to continue.
GPS tracking vulnerabilities leave millions of products at risk (CSO Online) It's an IoT nightmare. One that is entirely preventable. Two researchers have disclosed problems with hundreds of vulnerable GPS services using open APIs and trivial passwords (123456), resulting in a multitude of privacy issues including direct tracking. Further, many of the vulnerable services have open directories exposing logged data.
MacOS LPE Exploit Gives Attackers Root Access (Threatpost) A researcher with the Twitter handle ‘Siguza’ published details of a macOS local privilege escalation vulnerability dating back to 2002 that could give an attacker root access to systems.
macOS Exploit Published on the Last Day of 2017 (BleepingComputer) On the last day of 2017, a security researcher going online by the pseudonym of Siguza published details about a macOS vulnerability affecting all Mac operating system versions released since 2002, and possibly earlier.
Apps Disguised as Security Tools Bombard Users With Ads and Track Users' Location (TrendLabs Security Intelligence Blog) In early December, we found a total of 36 apps on Google Play that executed unwanted behavior. These apps posed as useful security tools under the names Security Defender, Security Keeper, Smart Security, Advanced Boost, and more. They also advertised a variety of capabilities: scanning, cleaning junk, saving battery, cooling the CPU, locking apps, as well as message security, WiFi security, and so on. The apps were actually able to perform these simple tasks, but they also secretly harvested user data, tracked user location, and aggressively pushed advertisements.
Top 5 Ways to Hack a Business (BankInfo Security) Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
Security Patches, Mitigations, and Software Updates
Opera browser updated to stop crypto-currency mining (HOTforSecurity) The last year has seen a rise in the number of websites hogging visitor’s CPU and browser resources by surreptitiously mining for cryptocurrencies while you surf. Sites like Pirate Bay have found themselves in hot water after visitors discovered it had added...
10 startups outside Silicon Valley to watch in 2018 (VentureBeat) Earlier this week, I wrote that the two questions I get most frequently from people who are interested in learning about Heartland Tech are about what cities they should be watching and what startups should be on their radar. I wrote about cities to watch here, and now I'd like to talk about startups to keep an eye on in 2018.
Law Firm Cybersecurity Assessment and Services (TCDI) Law firms are entrusted with their clients’ most sensitive information and have an ethical obligation to protect it. In today’s digital world, that means ensuring technical and procedural safeguards are in place to prevent data breaches. Failure to do so can result in catastrophic damage to a firm’s reputation and bottom line.
Are you crypto-agile? (CSO Online) A recent spate of successful attacks against our most popular and trusted cryptographic algorithms has me hoping that all companies understand the importance of crypto-agility.
CIO upfront: 3 steps towards a cyber resilient organisation (CIO New Zealand) True cyber resilience means having the insight to anticipate a changing threat landscape, the agility to adapt and respond quickly to a cyberattack, and the resources to support the costs of recovery, writes Ian Raper, regional vice president, ANZ, Palo Alto Networks
The Big Hack Attack (Financial Advisor) Rob is an advisor in Cincinnati at a firm with some half a billion in assets. He’s always thought his cybersecurity was pretty good and figured his firm would be a fairly unappealing target for thieves and hackers.
Trump ready to punish Iran’s elite guard unit (Times) The Trump administration is preparing to impose severe sanctions on Iran’s Revolutionary Guard as a state crackdown on protesters intensifies. The elite militia, responsible for protecting the...
The West must seize this chance to change Iran (Times) When Iranian students took to the streets against president Mahmoud Ahmadinejad almost a decade ago, he called them “khas o khashak” — dust and trash — and sent in security services to crack their...
You realize, of course, this means War (Security Boulevard) Security researchers have long spoken about “the attribution problem” – that is, the difficulty of pinning a specific security event to a specific threat a
What is the GDPR, its requirements and deadlines? (CSO Online) GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.
Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes (KrebsOnSecurity) The individual who allegedly made a fake emergency call to Kansas police last week that summoned them to shoot and kill an unarmed local man has claimed credit for raising dozens of these dangerous false alarms — calling in bogus hostage situations and bomb threats at roughly 100 schools and at least 10 residences.
2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.