Week in review: Snooping Tor nodes, Wi-Fi keyboards open to keystroke sniffing

Here’s an overview of some of last week’s most interesting news, reviews and articles:

Industry collaborates on automotive cybersecurity best practices
More than 50 automotive cybersecurity experts from around the world have participated in the development of these best practices to advance automotive cybersecurity capabilities. The effort began in early 2016 when the 15 automaker members of the Auto-ISAC formed a working group to examine all cybersecurity aspects of the motor vehicle ecosystem.

SpyNote Android RAT builder has been leaked
SpyNote is capable of viewing messages on the infected device, listening to calls made from it, collecting device information and GPS location, exfiltrating contacts and files, turning on the device’s microphone for real-type spying purposes, activating the camera, but also making calls from the device, installing new (malicious) APKs, and updating itself.

Researchers discover 110 snooping Tor nodes
In a period spanning 72 days, two researchers from Northeastern University have discovered at least 110 “misbehaving” and potentially malicious hidden services directories (HSDirs) on the Tor anonymity network.

Review: True Key for iOS
When choosing a password manager, there are a couple of things to take into consideration: ease of use, expected functionality, authentication methods, and the overall look and feel of the application. True Key excels at all of these things.

IoT: A hacker’s dream come true?
Most “things” will likely operate safely and securely without interference, but there will be some portion of the IoT that will attract the attention of the very same people and organizations who build botnets, steal IP, and carry out pay-for-DDOS attacks using the far less extensive internet we see now.

Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, security questions, sensitive personal, bank account and payment card info users input through them.

European privacy advisor wants encryption without backdoors
The confidentiality of online communications by individuals and businesses is essential for the functioning of modern societies and economies. The EU rules designed to protect privacy in electronic communications need to reflect the world that exists today.

50+ vulnerabilities found in popular home gateway modems/routers
Researcher Gergely Eberhardt with Hungarian security testing outfit SEARCH Laboratory has unearthed over fifty vulnerabilities in five home gateway modems/routers used by Hungarian Cable TV operator UPC Magyarország, but also by many ISPs around the world.

Pwnie Express open sources IoT and Bluetooth security tools
Pwnie Express announced the availability of open sourced versions of its Blue Hydra and Android build system software. The release of these tools enable comprehensive Bluetooth detection and community based development of penetration testing Android devices.

UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control springing into action and alerting users of the potential danger.

What a Chief Strategy Officer does, and why you need one
Seasoned IT security expert and former Gartner analyst Richard Stiennon recently became the Chief Strategy Officer for the Blancco Technology Group. It was the perfect opportunity to talk with him, and explore the challenges that come with filling this pivotal information security role.

88% of all ransomware is detected in the healthcare industry
Healthcare has been a target for ransomware campaigns because the industry has often paid ransom to retrieve vital customer data quickly.

Media-stealing Android app targets developers
Symantec researchers have unearthed another app on Google Play that secretly steals photos and videos from victims’ mobile devices. But the curious thing is that it’s not an app that would attract a massive number of random users, but a very specific subset: web and app developers.

As voice interaction increases, what will security look like in the next 5 years?
Things are getting chatty – everywhere.

Obama defines how the US government will respond to cyber incidents
The Presidential Policy Directive on United States Cyber Incident Coordination is especially geared towards defining the Federal government’s response to “significant” cyber incidents.

Investigating the supply on 17 underground hacker markets
Have you ever wondered what kind of malicious offerings can be found on dark web “hacker markets,” who sells them and how widely they are available?

Cybersecurity talent crisis continues, technical skills in high demand
In 2015, 209,000 cybersecurity jobs went unfilled in the United States alone. Despite 1 in 4 respondents confirming their organizations have lost proprietary data as a result of their cybersecurity skills gap, there are no signs of this workforce shortage abating in the near-term.

Infection Monkey: Test a network from an attacker’s point of view
Infection Monkey, a tool designed to test the resiliency of modern data centers against cyber attacks, was developed as an open source tool by GuardiCore’s research group.

LastPass zero-day can lead to account compromise
A zero-day flaw in the popular password manager LastPass can be triggered by users visiting a malicious site, allowing attackers to compromise the users’s account and all the sensitive information in it.

DDoS attacks increase 83%, Russia top victim
The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period.

Law enforcement and IT security companies join forces to fight ransomware
The Dutch National Police, Europol, Intel Security and Kaspersky Lab launched the No More Ransom initiative, a new step in the cooperation between law enforcement and the private sector to fight ransomware together.

Is your business still HIPAA compliant after the 2016 federal changes?
The US Department of Health and Human Services’ Office for Civil Rights (OCR) warned healthcare professionals and their business associates of its intention to launch a series of random HIPAA compliance audits throughout 2016.




Share this