• Contrast Security Responds to OWASP Top Ten Controversies
    Contrast Security has addressed the recent backlash over section A7 of the OWASP Top 10 list for 2017. The company issued a statement on the matter after industry professionals suggested the A7 addition was an example of a vendor pushing its agenda on the OWASP Top 10 project. A7: Insufficient Attack Protection: According to Contrast Security, this new addition to the OWASP Top 10 means that applications will need to detect, prevent, and respond to both manual and automated attacks. The idea is to replace passive "invalid input" messages with actions, such as blocking the attempts and flagging the account in question. Contrast Security offers a product called Contrast Protect, which could deal with the situations covered by A7. In addition, Contrast Security was one of the vendors whose suggestions led to the creation of A7. The outline of A7 even mentions Runtime Application Self-Protection (RASP) directly, which is what Contrast Security offers.
  • Just a Couple of $11 Radio Gadgets Can Steal a Car
    A group of researchers at the Beijing-based security firm Qihoo 360 recently pulled off the so-called relay hack with a pair of gadgets they built for just $22. The Qihoo researchers say their upgrade also significantly multiplies the radio attack’s range, allowing them to steal cars parked more than a thousand feet away from the owner’s key fob. The attack essentially tricks both the car and the real key into thinking they’re in close proximity. One hacker holds a device a few feet from the victim’s key, while a thief holds the other near the target car. The device near the car spoofs a signal from the key. That elicits a radio signal from the car’s keyless entry system. The hackers’ devices copy the radio code, transmit it via radio from one device to the other, and then replay it to the key. They then immediately transmit the key’s response back along the chain, effectively telling the car the key is in the driver’s hand.
  • Threat Actor Delivering Millions of Scam Ads: NoTrove
    Researchers at RiskIQ have identified NoTrove, a threat actor that is delivering millions of scam ads that threaten consumers and further undermine the digital advertising industry. NoTrove was so effective that one of his pages ranked as one of the internet’s most visited pages for one day. How NoTrove works: 1) NoTrove uses automation to constantly change how the ads are delivered and how clickthroughs are re-routed. 2) The scam master has burned through 2,000 randomly generated domains and more than 3,000 IPs, operating across millions of Fully Qualified Domain Names (an FQDN is a complete web address, typically including subdomains), a favorite tactic of ad scammers. 3) RiskIQ observed 78 variants of NoTrove campaigns, such as scam survey rewards, fake software downloads, and redirections to PUPs. 4) Alexa rankings for its domains show how effective NoTrove is; even though each domain is short-lived, the rankings often shoot up into the Alexa top 10,000 based purely on scam ad deliveries.
  • Janit0r: This Hacker Is My Latest Hero
    The hacker’s name is Janit0r. Janit0r is reportedly the one behind a particularly gnarly but undeniably fascinating form of malware called BrickerBot. BrickerBot, as the name implies, will brick internet of things (IoT) devices that fail a simple security test. This is surely illegal. News recently emerged that a third and fourth version of BrickerBot were spotted in the wild. BrickerBot scans the internet for IoT devices using default passwords and, eventually, wipes the device, corrupts its storage, and disconnects it from the internet. All this sounds bad, but the reason is very clear: BrickerBot is shutting down devices before truly malicious software can take control of them. Destroying other people’s property is not a good thing. However, if this tool can force the manufacturers of IoT devices to take security seriously, the outcome could benefit everyone. So here’s to you, Janit0r. You’re breaking the law, but you’re doing it for a valiant reason.
  • How Your Company Should Train Workers in Cybersecurity
    With workplace cyberattacks on the rise, industry experts are pressing businesses to train their workers to be more vigilant than ever to protect passwords and sensitive data and to recognize threats. Cybersecurity education doesn’t mean hosting a one-time course or seminar; it means making security a collaborative, continuous cultural initiative. The National Cyber Security Alliance urges companies to talk frequently to workers about: 1) Rules for keeping a clean machine, including what programs, apps and data workers can install and keep on their work computers; 2) Best practices for passwords, including making them long and strong, with uppercase and lowercase letters, numbers and symbols, and changing them routinely; 3) Throwing out suspicious links in email, tweets, posts, online ads, messages or attachments—even if they know the source; 4) Remembering to back up work, based on the policies of each company; 5) Speaking up if they notice strange happenings on their computer.
  • Police around the Globe Learn to Fight Global-Scale Cybercrime
    From 2009 to 2016, a cybercrime network called Avalanche grew into one of the world’s most sophisticated criminal syndicates. The multinational cooperation involved in successfully taking down the Avalanche network can be a model for future efforts in fighting digital crime. Coordinated by Europol, the European Union’s police agency, the plan takes inspiration from the sharing economy. Uber owns very few cars; sharing-economy platforms simply connect drivers and homeowners with the customers who need them. Similarly, while Europol has no direct policing powers or unique intelligence, it can connect law enforcement agencies across the continent. This “uberization” of law enforcement was crucial to synchronizing the coordinated action that seized, blocked and redirected traffic for more than 800,000 domains across 30 countries. To keep their enterprises alive, the criminals will share their experiences and learn from the past. Police agencies around the world must do the same to keep up.
  • What Part Should Internet Service Providers Play in Cybersecurity?
    For well over a decade, the security industry has debated what role Internet service providers (ISPs) should take in cybersecurity. Should they proactively protect their customers with upstream security controls and filters (e.g., intrusion prevention systems, IP/URL blacklists, malware detection, etc.), or are customers responsible for their own security? As far as preventive security controls go, ISPs can offer optional security services, but ultimately should leave it to their customers to decide whether to protect themselves or not. However, there is one thing all ISPs should do to protect everyone today: block IP address spoofing. IP address spoofing is a very old and simple attack in which a malicious computer sends a network packet with a false source IP address. By definition, ISPs have full knowledge of the public IP addresses we all receive, and know which ones belong on their networks. With this information, IP spoofing is dead simple to detect and block.
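    The check the article calls "dead simple" is source-address validation at the customer edge (BCP 38-style ingress filtering): the ISP knows which prefixes it assigned to each customer port, so a packet arriving on a port with a source address outside that port's prefixes is spoofed and is dropped. The code below is an added example written for this digest, not from the original article; the interface names, prefixes and flow records are constructed for illustration.

```python
"""Source-address validation at an ISP customer edge.

A packet is forwarded only if its source address lies inside a prefix
the ISP assigned to the interface it arrived on.  Anything else (an
address from another provider, or even the ISP's own address space
arriving on the wrong port) is treated as spoofed.
"""
import ipaddress
from typing import Dict, Iterable, List, Tuple

Flow = Tuple[str, str, str]  # (ingress interface, source IP, destination IP)

# Constructed: public prefixes assigned to each customer-facing interface.
ASSIGNMENTS: Dict[str, List[str]] = {
    "cust-eth1": ["203.0.113.0/25", "2001:db8:1::/48"],
    "cust-eth2": ["203.0.113.128/25", "198.51.100.0/24"],
}


def _parse(assignments: Dict[str, List[str]]):
    """Turn prefix strings into ip_network objects, keyed by interface."""
    return {iface: [ipaddress.ip_network(p) for p in prefixes]
            for iface, prefixes in assignments.items()}


def is_legitimate_source(iface: str, src: str, table) -> bool:
    """True iff src is inside a prefix assigned to the ingress interface.
    An interface with no assignment passes nothing (fail closed); an IPv4
    address is never 'in' an IPv6 prefix, so mixed tables are safe."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in table.get(iface, ()))


def filter_spoofed(records: Iterable[Flow], assignments=ASSIGNMENTS):
    """Split flows into (forwarded, dropped) according to the assignment table."""
    table = _parse(assignments)
    forwarded, dropped = [], []
    for iface, src, dst in records:
        bucket = forwarded if is_legitimate_source(iface, src, table) else dropped
        bucket.append((iface, src, dst))
    return forwarded, dropped


# Constructed flow records; the second and fourth carry spoofed sources.
SAMPLE_FLOWS: List[Flow] = [
    ("cust-eth1", "203.0.113.7", "192.0.2.10"),             # legitimate
    ("cust-eth1", "192.0.2.200", "192.0.2.10"),             # not the ISP's space
    ("cust-eth2", "198.51.100.44", "192.0.2.53"),           # legitimate
    ("cust-eth2", "203.0.113.7", "192.0.2.10"),             # ISP prefix, wrong port
    ("cust-eth1", "2001:db8:1::beef", "2001:db8:ffff::1"),  # legitimate IPv6
]

if __name__ == "__main__":
    for rec in filter_spoofed(SAMPLE_FLOWS)[1]:
        print("DROP spoofed source:", rec)
```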
  • Event: ShakaCon IX
    Shakacon is recognized as Hawaii’s premier information security centric conference with speakers and attendees from around the globe. Shakacon attracts Hawaii’s top security professionals and executives, and our audience consists of CIOs, CISOs, CTOs, IT Managers, Network Engineers, Security Managers, IT Auditors, and various IT professionals. It is scheduled for July 12th this year. Shakacon will offer local, national, and international participants a casual and social learning environment designed to present a “holistic” security view, as well as the opportunity to network with peers and fellow enthusiasts in a relaxed setting.
  • You Can Now Purchase Revenge Services on Dark Web
    Usually, dark web marketplaces are famous for selling illegal drugs and weapons or, in some cases, renting hacking tools. But now a vendor going by the handle of “Etimbuk” is offering their services to anyone looking for revenge. The advertisement offers revenge services for USD 700.50 (BTC 0.5594). The listing’s description further explains that these services will be provided to people looking for “Revenge on ex, co-worker, neighbor, someone they hate, boss or an ex-friend.” Furthermore, Etimbuk goes into detail about having helped thousands of people all over the world get revenge on people who did something wrong to them, all without getting traced. This is not the first time a dark web listing has offered violent activities in exchange for money. Last year, a dark web website was asking for funds to assassinate the President of the United States Donald Trump and Vice President Mike Pence.
  • Cyber Infrastructure: Too Large to Fail, and Failing
    Joshua Corman, a founder of I Am The Cavalry and director of the Cyber Statecraft Initiative for the Atlantic Council, said in his opening keynote at SOURCE Boston this week that he was there to tell some “uncomfortable truths” about the state of cybersecurity. “The critical infrastructure of our space is too big to fail, and it’s failing.” “At best, you’re getting about 50 percent coverage of the knowns [vulnerabilities]. When you make a risk decision, you’re doing it with a 50 percent blind spot.” He added that there is even less coverage for industrial control systems (ICS) and medical devices. “And it’s about to get a lot worse,” he said. Healthcare cybersecurity “is in critical condition” for these reasons: 1) A severe lack of security talent. 2) No proper defense for legacy systems. 3) Premature overconnectivity. 4) Vulnerabilities that impact patient care. 5) An epidemic of known vulnerabilities. These problems are solvable, he said, “but we’re not focused on them.”