January 4, 2018.
By The CyberWire Staff
The vulnerabilities found in processor chips (now generally being called "Meltdown" and "Spectre") enable side-channel attacks in affected systems. Yesterday's reports said only Intel chips were affected; some competing manufacturers initially said their processors were unaffected. That optimism seems to have been misguided: most recent processors share the Spectre vulnerabilities. They've been identified in ARM and AMD chips as well.
Meltdown (CVE-2017-5754) permits ordinary applications to evade the security boundaries usually enforced at chip level to access the private contents of kernel memory. This vulnerability appears confined largely to Intel chips. Spectre (CVE-2017-5753 and CVE-2017-5715) is the more widespread and potentially dangerous of the two. It enables an attacker to bypass isolation among different applications. According to Google, which says its Project Zero discovered the flaws last summer, the vulnerabilities are rooted in the way chips are engineered for efficiency to perform speculative execution, which enables the threading that lends processes the smooth speed users expect.
Microsoft has issued an out-of-band patch to mitigate the problem for its products. Other vendors either have or shortly will make mitigations available. These are expected to fix the security issues, but at the expense of performance. Many experts are advising people that their patched devices will run noticeably more slowly. Cloud users should experience similar slowdowns.
Google expels bogus security products from the Play store.
Iran's crackdown on the Internet continues as the regime declares victory in quashing unrest, but few observers take the Islamic Republic's claims of triumph at face value.
Apps Disguised as Security Tools Bombard Users With Ads and Track Users' Location (TrendLabs Security Intelligence Blog) In early December, we found a total of 36 apps on Google Play that executed unwanted behavior. These apps posed as useful security tools under the names Security Defender, Security Keeper, Smart Security, Advanced Boost, and more. They also advertised a variety of capabilities: scanning, cleaning junk, saving battery, cooling the CPU, locking apps, as well as message security, WiFi security, and so on. The apps were actually able to perform these simple tasks, but they also secretly harvested user data, tracked user location, and aggressively pushed advertisements.
Report: Most agencies vulnerable to phishing (Fifth Domain) Nearly half of agency email domains have adopted policies to collect data on unauthorized emails as mandated by an Oct. 16, 2017, Department of Homeland Security directive.
Security Patches, Mitigations, and Software Updates
Ransomware, Automation, and IoT Bots, Oh My! (Security Boulevard) Happy New Year to all our readers! In 2017, we conducted several studies and wrote several reports on the state of cyber security. Let’s take a look at how 2017 shaped up: How Lucrative is Confidential Data? Prime Bounty for Hackers, Top Concern for Businesses Radware’s annual Global Application & Network Security Report combines a
Users are compromising most security tech (PaymentsSource) Cybersecurity systems, as sophisticated as they are, are clearly not doing the job. And maybe they never will, given that in the end the effectiveness of those systems can be overridden by workers inside the organization, writes Tal Vegvizer, director of research and development for Bufferzone.
Ireland Not Prepared for Increased Cyber Criminality Warn Experts (Business World) Irish information security provider, Ward Solutions, has today claimed that 2018 will be the year that a full-scale cyber war breaks out between countries. The provider also predicts that nation states and law enforcement agencies around the world will begin to use cyber tactics offensively.
Barracuda Acquires PhishLine (Barracuda Networks) PhishLine's Social Engineering Simulation and Training Platform Expands Barracuda Solutions to Protect Against Email-borne Targeted Attacks. Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data protection solutions, today announced it has acquired PhishLine, LLC, a leading SaaS platform for social engineering simulation and training. Combining Barracuda's AI-driven protection against phishing and spear phishing with PhishLine's platform gives customers co
Locked Doors, Open Windows: Failures in Guarding Private Sector Information (The Cipher Brief) Not a day goes by that Americans don’t wake to the news of a new cyber intrusion affecting private sector or government networks, whether major cyber hacks at Target or Equifax, sloppy data breaches like those Verizon experienced, or nation-state-sponsored efforts like the WannaCry virus. Companies and institutions are pouring more time, attention and resources …
Berger: NAFCU ramping up data security push in new year (CUInsight) NAFCU President and CEO Dan Berger asserted the association’s ongoing focus on winning passage of comprehensive data and cybersecurity legislation, one of the association’s top priorities for 2018, in an op-ed published yesterday in CUTimes. Berger noted that frequent data security breaches – in 2017 there were more than 1,200 reported by late November – …
The labs that protect against online warfare (BBC) A worrying form of conflict has begun – cyber-attacks aimed at infrastructure and society, all done without a shot being fired. Christian Borys visits some of those fighting back.
The Dark Side of Quantum Computing (Security Boulevard) Despite its promise, quantum computing has the potential to undermine the foundations of internet privacy and commerce.
Trump roots on Iran's protesters, declares 'time for change' (Military Times) The Trump administration has thrown the weight of the U.S. government behind the protesters taking to the streets of Iran, rooting them on despite the risk of helping Iranian authorities dismiss a week of major demonstrations as the product of American instigation.
2018: The year of the NIS Directive (Help Net Security) The NIS Directive is the first piece of EU-wide legislation on cybersecurity and, by May 9, 2018, all EU member countries will have to have incorporated it into their own national laws.
Contrasting penalties for Metrobank, RCBC (Standard) Two of the nation’s biggest banks have received “huge” fines from the Bangko Sentral ng Pilipinas for internal fraud and involvement in a money laundering scam in a span of two years. But some bankers are puzzled over the contrasting penalties imposed on the two banks.
Phishing to Rural America Leads to Six-figure Wire Fraud Losses (SANS Internet Storm Center) We often focus on malware and hacking in terms of the tools the criminals use, but often good old-fashioned deception is simple enough. A recent case I worked on involves phishing sent to rural real estate professionals (law firms, title companies, realtors, etc). It is particularly effective on targets that use the various web-mail / free e-mail services.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.