Week in review: DROWN attack breaks TLS encryption, hijacking police drones, RSA Conference 2016 coverage

Here’s an overview of some of last week’s most interesting news, reviews and articles:

RSA Conference 2016 coverage
Check out our coverage page to see what you’ve missed at RSA Conference 2016.

CTB Locker ransomware now also encrypts websites
The well-known crypto ransomware CTB Locker is back. After a considerable slowdown in distribution, it is being pushed onto users again, and this time its executable has been signed with a stolen certificate. But what is even more interesting is that there is a new variant of the malware, and this one targets websites instead of Windows workstations.

The everyday application interactions putting enterprises at risk
With greater awareness about the risks of unsecured privileged accounts allowing broad, anonymous access across the enterprise, privileged account security has become an organizational priority.

Researcher demonstrates hijacking of police drone
A security researcher has demonstrated to the RSA Conference crowd how he – or anyone, for that matter – can take over control of a drone used by the Dutch police and make it do anything the rightful owner can.

Cisco removes weak default static credentials from its switches
Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed critical: default static passwords have been found on the company’s Nexus 3000 Series Switches and Nexus 3500 Platform Switches.

How effective are orgs at detecting and investigating cyber threats?
A new threat detection effectiveness survey compiling responses from more than 160 respondents around the world has provided valuable global insight into what technologies organizations use, what data they gather to support this effort, and their satisfaction with their current toolsets. Additionally, respondents were asked what new technologies they plan to invest in and how they plan to evolve their strategies going forward.

DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable
There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users and a vulnerable server.

Cerber ransomware talks to its victims
The malware is relatively new, and its delivery method is still unknown, but there are a couple of things that make it stand out from the other ransomware out there.

Sea pirates and cyber attacks: Information security breaches in the maritime industry
The Maritime Trade Information Sharing Center, Gulf of Guinea (MTISC-GoG) has denied that it has suffered a data breach that could result in sea pirates knowing details about ships in the region, including their position.

Cyber onslaught threatens to overwhelm healthcare
Healthcare organizations average about one cyber attack per month, according to the results of the recent Ponemon study on the state of cybersecurity in healthcare organizations.

Mozilla blocks popular Firefox add-on due to security issues
Mozilla has put the YouTube Unblocker add-on on its “blocklist”, as it has been discovered that it was changing users’ security settings and covertly downloading and installing an additional, malicious extension that injects ads in pages visited by users.

Hack the Pentagon: Hackers asked to help secure public-facing systems
The US Department of Defense (DoD) has invited hackers to participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the Department’s websites.

Review: Becoming a Global Chief Security Executive Officer
The goal of this book is to push security executives into becoming leaders in business operations protection, and to make them realize and internalize the fact that, in this day and age, the security department is as important to a business as the sales department or any other department in the organization.

Crypto pioneers Diffie and Hellman win Nobel Prize of Computing
ACM, the Association for Computing Machinery, has announced at RSA Conference that it has awarded crypto pioneers Whitfield Diffie and Martin E. Hellman the 2015 ACM A.M. Turing Award for critical contributions to modern cryptography.

Security audit identified risky e-filing tax services
The Online Trust Alliance (OTA) evaluated the privacy, security and consumer protection practices of the thirteen IRS-approved free e-filing tax services.

Is Hacking Team still using the same old, slightly modified malware?
A newly analyzed OS X malware sample shows that Hacking Team is likely still using old code for its newest spying tools. An alternative (but less likely) theory is that someone has been modifying the tools’ source code, which was leaked in the wake of the catastrophic hack the infamous intrusion and surveillance software seller suffered last year.

Cyberstalker sentenced to 10 years in prison
Urging leniency, the defendant’s counsel argued that, unlike bank robbery or drug dealing, cyberstalking was not something people thought of as a serious crime. United States District Judge Robert L. Hinkle responded, “Perhaps it’s time they learned.”

Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login attempts by random, opportunistic actors.

Bank password policies are often substandard, study finds
A study of 17 major US banks shows that six of them have weak password handling and that their password procedures are weaker than those of most social websites.

The rise of polymorphic malware
97% of malware is unique to a specific endpoint, rendering signature-based security virtually useless.

Repeat DDoS and web application attacks become the norm
Akamai Technologies has shared the latest DDoS and web application attacks numbers in its Q4 2015 State of the Internet report.

Ten technologies to unlock the full potential of the Internet of Things
Gartner has highlighted the top 10 Internet of Things (IoT) technologies that should be on every organization’s radar through the next two years.

Most infosec pros consider government-mandated encryption backdoors a bad idea
Of those surveyed, 81 percent of respondents said it is either very likely or certain that cybercriminals would abuse the government’s capability to access encrypted data if technology companies are required to provide it.

Snapchat falls for BEC scam, leaks employee payroll info
The scammer impersonated Snapchat’s CEO, and asked for the info. Unfortunately, one of the employees was tricked into believing the email was legitimate, and sent it.

Are CIOs wasting millions on infosec that doesn’t work?
There’s overwhelming consensus among IT executives that the foundation of cybersecurity—cryptographic keys and digital certificates—is being left unprotected, leaving enterprises blind, in chaos, and unable to defend their businesses.

Cybersecurity still seen as a tech issue, not a business imperative
Cybersecurity is now front and center on organizations’ boardroom agendas, but most chief information security officers (CISOs) have yet to earn a seat at the table.
