Week in review: Docker security, SWIFT warns of new attacks, SAP vulnerability exploited

Here’s an overview of some of last week’s most interesting news and articles:

SWIFT warns of new attacks, Bangladesh Bank heist linked to Sony hack
They believe that its customers are facing “a highly adaptive campaign targeting banks’ payment endpoints.”

Internet of Fail: How modern devices expose our lives
During the past few years we’ve seen examples of all sorts of IoT devices exhibiting glitches, getting hacked, manipulated, and the information they hold exfiltrated.

CryptXXX 2.0 foils decryption tool, locks PCs
CryptXXX ransomware, first spotted in mid-April, has reached version 2.0, and a new level of nastiness. It’s also on its way to become one of the top ransomware families in the wild.

Playbook: Prepare your business for DDoS attacks
Read the DDoS Response Playbok and find out how you can effectively plan and execute your DDoS response plan, what are the best practices for choosing and setting up the right mitigation solution for your organization, and what the steps and procedures for authoritatively responding to a DDoS attack.

Evaluating the security of the top enterprise apps
Wandera announced the findings of a comprehensive security assessment of the most popular business apps used on corporate mobile devices by enterprise customers across North America, Europe and Asia.

SAP vulnerability exploited to compromise enterprises worldwide
A SAP vulnerability, patched over five years ago, is being leveraged to exploit SAP systems of many large-scale global enterprises, US-CERT warns.

Exploit kits are the greatest danger for Windows users
Exploit kits are how most malware gets on victims’ computers and, according to Microsoft, encounters with exploit kits increased by more than a third from 3Q15 to 4Q15.

Do users’ perceptions of password security match reality?
Think your password is secure? You may need to think again.

It’s time to get serious about ICS cybersecurity
The proof of concept of a PLC worm is a viable scenario which could cause immeasurable damage both in the power industry, and to the lives of many people.

Let’s stop talking password flaws and instead discuss access management
Should we really care about the number of times our supervisors change their passwords compared to us? Probably not. We should be interested in addressing the bigger problem – managing access credentials in an automated and timely fashion with solutions that make the entire process more efficient and more secure without focusing on when and how to change every password.

Adobe patches Flash 0day exploited in attacks
The latest update plugs 25 security holes, all of which could lead to remote code execution, i.e. be leveraged to ultimately take over the system running a vulnerable version of Flash Player.

Milagro: A distributed cryptosystem for the cloud
A new open source project within the Apache Incubator aims to create an alternative to outdated and problematic monolithic trust hierarchies such as commercial certificate authorities.

Facebook CTF platform is now open source
Capture the Flag competitions are a good – not to mention legal – way for hackers to build and hone their skills. But, quality CTF environments are difficult and expensive to build and run. This is a burden that Facebook aims to lighten by open sourcing the Facebook CTF platform.

Germany set to end copyright liability for open Wi-Fi operators
People who travel to Germany are often surprised at the lack of public, open Wi-Fi networks. That’s because German law (Störerhaftung – “liability of duty”) holds operators of public hotspots liable for everything their users do online, especially when these actions are against the law, and even if the operators weren’t aware of them.

DARPA calls for help to improve cyber attack attribution
The agency has called on academic, corporate, and governmental partners to provide research proposals for technologies that will able to generate relevant information about multiple concurrent independent malicious cyber campaigns, as well as allow the sharing of this information with interested parties without putting at risk the sources and methods used for collection.

New ransomware modifications increase 14%
Kaspersky Lab detected 2,896 new ransomware modifications during the first quarter, which is an increase of 14 percent on the previous quarter. In addition, the number of attempted ransomware attacks increased by 30 percent.

Bridging the security automation gap
Security teams have to take back control; keep the bad guys out while keeping business applications running smoothly and securely, all day, every day. Yet currently these skilled (and usually highly paid) security staff are spending their precious time mostly ‘keeping the lights on’ – manually maintaining existing systems, sifting through countless security alerts, making device configuration changes – while often inadvertently causing outages and creating security holes.

Healthcare under attack! 89% of organizations experienced data breaches
It’s a turbulent time for the healthcare industry: patient data is under siege and hospitals are big targets for cyber attacks, according to the Ponemon Institute.

Mozilla fights in court to get info about potential Firefox flaw
Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser with them before they share it with the defendant in a lawsuit, so that they could fix it before the knowledge becomes public.

Universities to help train IBM Watson for Cyber Security
Training IBM Watson for Cyber Security is a critical step in the advancement of cognitive security. Watson is learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks and threats that could otherwise be missed.

Docker Security Scanning: Generate a security profile for Docker images
Docker announced Docker Security Scanning, an opt-in service for Docker Cloud private repo plans that provides a security assessment of the software included in container images.

Attackers keep flinging assorted ImageMagick 0day exploits
The bug has been patched in ImageMagick versions 7.0.1-2 and 6.9.4-0, but according to Sucuri Security and CloudFlare, attackers still hope not all web admins have yet implemented the updates.

How secure are the devices connecting to enterprise assets?
Duo Security, whose two-factor authentication solution is installed on over 2 million devices (laptops, PCs, mobile phones and tablets), has a good vantage point for evaluating the the security health of these devices, as the authentication app collects data about devices, including details about OS, browser, Java and Flash versions.

Researcher demonstrates website’s lax security, gets arrested
David Levin, CTO of pentesting company Vanguard Cybersecurity, has made a critical mistake while testing the security of the Lee County (Florida) elections website.




Share this