[From the desk of Paul Davis – his opinions and no-one else’s]
So onto the news:
Hacker Implants NFC Chip In His Hand To Bypass Security Scans And Exploit Android Phones
That’s why US navy petty officer Seth Wahle, now an engineer at APA Wireless, implanted a chip in his hand, in between the thumb and the finger – the purlicue apparently – of his left hand. It has an NFC (Near Field Communications) antenna that pings Android phones, asking them to open a link. Once the user agrees to open that link and install a malicious file, their phone connects to a remote computer, the owner of which can carry out further exploits on that mobile device. Put simply, that Android device is compromised. In a demo for FORBES, Wahle used the Metasploit penetration testing software on his laptop to force an Android device to take a picture of his cheery visage.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cd2e16deb3&e=20056c7556
Portland General Electric : WEI and Concordia University-Portland Introduce Incident Management Center for Utilities
The new Incident Management for Utilities National Training Center is located at Concordia University’s Columbia River Campus, along with Concordia’s Center for Homeland Security Studies and Homeland Security Simulation Center.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1cbfe61954&e=20056c7556
Marsh Launches New Cyber Risk Assessment Solutions
NEW YORK, Apr 27, 2015 (BUSINESS WIRE) — Marsh, a global leader in insurance broking and risk management, today announced the launch of Marsh Cyber Monitor and Marsh Cyber View, new cyber risk assessment services to help the risk management community effectively understand, measure, and manage their cyber risk. These offerings are part of a broader effort by Marsh to integrate its industry-leading risk and insurance advisory capabilities with best-in-class cyber technology and service providers to offer a unified solution of tools and resources companies need to better assess, mitigate, and manage complex cyber exposures.
Marsh Cyber Monitor enables companies to understand their cyber risk by examining a comprehensive set of threat indicators that are continuously updated using a variety of data collection methods. With Marsh Cyber Monitor, individual companies can proactively understand their cyber security posture, gain insight into how their cyber risk is changing, and benchmark themselves against their peer group on an ongoing basis.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=60ea68f600&e=20056c7556
Nine Threats to the Global Security Landscape
Threat Horizon 2017, the latest in our annual series of reports which provide businesses a forward-looking view of the increasing threats in today’s always-on, interconnected world, was released. In Threat Horizon 2017, it highlighted the top nine emerging threats, as determined by ISF research, to information security over the next two years.
– Increased Connectivity Speeds Present Issues in Organizational Response Time
– Criminal Organizations Become More Structured and Sophisticated
– Widespread Social Unrest Breaks Out Led by ‘Tech Rejectionists’
– Dependence on Critical Infrastructure Becomes Dangerous
– Malicious Agents Weaponize Systemic Vulnerabilities
– Legacy Technology Crumbles
– Disruption to Digital Systems Leads to Verifiable Human Deaths
– Global Consolidation of Organizations Endangers Competition and Security
– Cost and Scale of Data Breaches Increases Dramatically
– Be Prepated
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=11279bb7bb&e=20056c7556
6 hard truths security pros must learn to live with
The following six hard truths of IT security show not only why today’s security solutions fall short but how we, as IT pros and an industry, can mitigate at least some of the inevitable fallout of imperfect security solutions.
– Imperfect distribution of defenses
– Insufficient staffing for deployment and monitoring
– Hackers need to find only one weakness
– Hackers can change tactics on a dime
– Lack of focus on the right risks
– No solution addresses the real root of the problem
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=be69461b25&e=20056c7556
US hospitals to treat medical device malware with AC power probes
The unnamed hospitals will be the first in a list to test the add-on monitoring platform dubbed WattsUpDoc to check for potentially life-threatening malware running on critical medical devices. PhDs Benjamin Ransford and Denis Foo Kune developed the platform which uses the “traditionally undesirable” power consumption side channel to detect malware with the accuracy of desktop anti-virus at run-time without the need to modify the hardware or software of systems.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f37e5dd704&e=20056c7556
NINETY PER CENT of Java black hats migrate to footling Flash
“2014 saw a shift from a balanced targeting of Java and Flash to over 90 per cent focus on Flash,” the team told delegates to RSA San Francisco last week. “The drop in Java exploits corresponds to a new Internet Explorer feature which blocks the use of out-of-date Java.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e923129c76&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage1.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=52191dd12e)
** Update subscription preferences (http://paulgdavis.us3.list-manage1.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)