Week in review: Actively exploited Windows 0-day, ICS and IoT security

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

65% of Windows devices still running Windows 7, released in 2009
To analyze the current state of device security, Duo Security analyzed more than two million devices, 63 percent of which were running Microsoft operating systems.

Security startup confessions: Looking for investors
Running a startup is an amazing experience, and a lot like riding a roller coaster. The past couple of weeks at CTLRe are a good example of this thrilling ride, as we are preparing our first investment round.

Services disrupted at three UK hospitals due to virus attack
Computer systems of the Northern Lincolnshire and Goole NHS Foundation Trust have been hit by a “virus”, and the NHS Trust reacted by shutting down the majority of them.

The difference between IT security and ICS security
In this podcast recorded at IoT Solutions World Congress Barcelona 2016, Andrew Ginter, VP of Industrial Security at Waterfall Security, talks about the difference between IT security and ICS security.

Linux/IRCTelnet creates new, powerful IoT DDoS botnet
Linux/IRCTelnet is an interesting mix of capabilities associated with older malware.

Free download – SysAdmin Magazine: Tools & Tips for Security Admins
SysAdmin Magazine offers a wide range of helpful and time-tested tips and tools every security administrator will find useful.

Latest Windows zero-day exploited by DNC hackers
Due to Google’s public release of information about an actively exploited Windows zero-day, Microsoft was forced to offer its own view of things and more information about the attack.

New infosec products of the week: November 4, 2016
A rundown of new infosec products released last week.

Firefox to prevent sites from tracking users by checking their battery status
Version 52 of the popular Firefox browser will no longer allow websites to access the Battery Status API and the information it can provide about the visitor’s device.

Most activity on the dark web is legal and mundane
Terbium Labs has conducted a data-driven, fact-based research report that looked to identify what’s really taking place on the far corners of the Internet.

Android Trojan targets customers of 94 banks in US, Europe
If you’ve recently installed a Flash Player Android app and now almost every app you open asks you for your payment card details, you’ve been infected with a banking Trojan.

What can we do about the critical cybersecurity skills shortage?
The industry is failing to provide a clear path for young people to find work, hone their skills, and serve society. Instead, they are being tempted to exacerbate cybercrime, rather than prevent it.

NICE framework: Resource for a strong cybersecurity workforce
The US Commerce Department’s National Institute of Standards and Technology (NIST) released a resource that will help U.S. employers more effectively identify, recruit, develop and maintain cybersecurity talent.

Most unpatched Joomla sites compromised in latest wave of attacks
If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has almost surely been compromised.

Post-pumpkin Patch Tuesday: What’s in store for November
There has been a lot of activity since October’s Patch Tuesday. During that short period of time, Oracle released its quarterly CPU, including an update for Java JRE; Adobe resolved a zero-day in Flash Player; a security researcher identified a new form of attack called Atombombing, and there has been some rising discussion around the Server 2016 servicing model.

Microsoft extends support for EMET, but its days are numbered
The company has listened to the customers’ pleas, and is extending its end of life date to July 31, 2018 (it was previously scheduled for January 27, 2017).

Most employees violate policies designed to prevent data breaches
To mitigate the rising costs of breaches, organizations need to reduce the burden of complying with privacy policies.

Industry reactions: UK government cyber security strategy
The UK government announced a new £1.9bn cyber security strategy, which includes an increase in automated defences to combat malware and spam emails, investment to recruit 50 specialists to work on cybercrime at the NCA, the creation of a Cyber Security Research Institute, and an “innovation fund” for cyber security start-ups.

Can we extinguish the Mirai threat?
The recent massive DDoS attack against DNS provider Dyn has jolted (some of) the general public and legislators, and has opened their eyes to the danger of insecure IoT devices.

Nigerian scammers: Then and now
A recently released report by Palo Alto Networks reveals that Nigerian cyber actors have become a formidable threat to businesses around the world.

Building the IoT monster
We have a window of opportunity, a small one, to define security standards for IoT devices, to force manufacturers to adhere to them, and to name and shame those that don’t.

Smart machines: Is full automation desirable?
Google’s self-driving car project is a perfect example of why pursuing full autonomy may be neither possible nor desirable in smart machines.

Best practices for enterprises to effectively combat cybercrime
Employee training and cyber awareness, combined with a solid defense strategy and best-in-class cybersecurity tools and software, are essential to reducing the risks of data breaches.

Distil Networks releases Hi-Def fingerprinting solution
Hi-Def device fingerprinting goes beyond IP- and header-centric identification by actively pulling additional data from the browser to identify devices with precision. This approach minimizes false positives and creates an even clearer picture of web traffic, allowing web defenders to make access decisions with certainty.
