Here’s an overview of some of last week’s most interesting news and articles:
Hacking Team hacker explains how he did it
In a Pastebin post, he shared that he exploited a zero-day vulnerability in a embedded device deployed inside the company’s network in order to gain a foothold in the network. (He declined to give more details about the vulnerabilities, as they are still not patched.)
Over 3 million servers running outdated JBoss software open to attack
Spurred by the recent discovery that the Samas (aka SamSam) ransomware is being spread via compromised servers running out-of-date versions of Red Hat’s JBoss server software, Cisco Talos researchers have begun scanning the Internet for machines that might be at risk.
US government is lousy at cybersecurity
SecurityScorecard released its 2016 Government Cybersecurity Report, a comprehensive analysis that exposes alarming cybersecurity vulnerabilities across 600 local, state, and federal government organizations in the United States.
The spam campaigns delivering these attachments range from blank emails pretending to deliver a business cards and fake “order status” emails, to bank-related and resume-themed spam.
Opera browser’s VPN is just a proxy, here’s how it works
On Thursday, Opera announced they’ve added a free VPN client with unlimited data usage in the latest developer version of their browser. Sounds great, doesn’t it? Michal Špaček, a web developer and security engineer based in Prague, researched the way Opera’s VPN works and discovered there’s more marketing than security behind Opera’s claims.
PGP-encrypted comms network allegedly used by criminals shuts down
The Dutch police has announced on Tuesday that they have pulled a system of encrypted communications used by Dutch and possible foreign criminals off the air, and that they have arrested a 36-year-old man from Nijmegen on suspicion of money laundering.
The many faces and tactics of Jigsaw crypto-ransomware
The Jigsaw crypto-ransomware got its name from the main bad guy from the popular horror movie franchise Saw, as its initial ransom note (either in English or Portuguese) shows the image of a very distinctive puppet used in the films.
Spring network cleaning: Quick tips to reduce risk
A few spring cleaning tips organizations can apply towards their network security – and encourage their vendors to apply as well.
Identity protection: The critical intersection of biometrics and commerce
In light of some high-profile data breaches in recent years, businesses are constantly seeking possible forms of authentication to replace passwords.
Researcher develops tool that blocks OS X crypto-ransomware
In his spare time, security expert Patrick Wardle (who’s also director of R&D at Synack) creates OS X security tools. The latest addition to his collection is RansomWhere?, a tool for foiling OS X crypto-ransomware.
FBI warns farming industry about equipment hacks, data breaches
As Internet-connected equipment is increasingly used in many industry sectors, alerts like the latest one issued by the FBI to US farmers will likely become a regular occurrence.
A password for your eyewear computer: The sound of your skull
Could the unique frequency response your skull makes when hit with an ultrasonic signal be a good way for authenticating yourself to an eyewear computer (e.g. Google Glass, or a VR headset)?
Flaw allows eavesdropping and tracking of mobile phone users
German hacker Karsten Nohl has demonstrated to the crew of CBS News’ 60 Minutes program how easy it can be for well-resourced attackers to eavesdrop on the phone calls and track the current geographic position of any one user. All the attacker needs to know about the target is his or her phone number, and have access to Signalling System No. 7 (SS7).
TeslaCrypt: New versions and delivery methods, no decryption tool
TeslaCrypt ransomware was first spotted and analyzed in early 2015, and soon enough researchers created a decryption tool for it. The malware has since reached versions 4.0 and 4.1 but, unfortunately, there is currently no way to decrypt the encrypted files except by paying the ransom and receiving the key.
Five steps to GDPR compliance
Agreed upon just days ago, after years of negotiations, the GDPR is the biggest legal change of the digital age.
The future of ICS security depends on OT-centric security solutions
New cybersecurity operational technologies are emerging to protect industrial control systems (ICS) against impending IT threats and attacks.
How to automate a custom password dictionary for your pen test
The OWASP Basic Expression & Lexicon Variation Algorithms Project (pyOwaspBELVA) is a custom dictionary builder that enables the user to import data from proxies such as ZAP and Burp, substitute letters/numbers/special characters, apply policies to select and remove words, as well as write plugins for extendability.
A global data analysis of hostile activity
Solutionary’s latest Global Threat Intelligence Report contains information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents.
Why a layered defense is your best protection against malware
There are a lot of misconceptions about malware, so here are some of the key things we do know.
Oracle patches 136 flaws in 49 products
Oracle released the April 2016 Critical Patch Update, which provides fixes for 136 vulnerabilities in 49 products, including Java SE and MySQL, the company’s Database Server and E-Business Suite, its Fusion Middleware, and its Sun Systems Products Suite.
Hacking and manipulating traffic sensors
With the advent of the Internet of Things, we’re lucky to have researchers looking into these devices and pointing out the need for securing them better. One of these researchers is Kaspersky Lab’s Denis Legezo, who took it upon himself to map the traffic sensors in Moscow and see whether they could be tampered with.
Exploit kits: The rise in user-friendly malware
The most concerning aspect of exploit kits is their ease of use.
ISPs are putting their enterprise customers at risk of DDoS attacks
The vast majority of enterprise end users (85%) want their ISPs to offer more comprehensive DDoS protection-as-a-service, according to Corero Network Security.
AI system predicts cyber attacks using input from human experts
In a new paper, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and the machine-learning startup Pattern-Ex demonstrate an artificial-intelligence platform called “AI2” that predicts cyber-attacks significantly better than existing systems by continuously incorporating input from human experts.