[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
IBM: CoreBot now ready for front line use as banking Trojan
CoreBot is now armed with 55 URL triggers that cause it to attack the online banking sites.
Once in action, CoreBot’s first step is to grab the victim’s credentials; the malware then uses social engineering to con the victim into disclosing personally identifiable information and then commences to take over the session, the IBM report said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0d1363f91f&e=20056c7556
63% in favor of encryption backdoors to respond to national security threats
Vormetric did a survey on how Americans view “backdoor” access by government entities to the encrypted data of private businesses.
Ninety-one percent recognized that there were risks to encryption backdoors, but also felt that it is justified in some circumstances.
Enterprises recognize this; as shown by the results of another recent survey by IANS, 84% of businesses are considering encrypting all sensitive data.
But adding backdoors to encryption compromises the technology, and this has not gone unnoticed by the American public.
In certain circumstances Americans are in favor of backdoor access.
This may be due to the strong “pro backdoor” language coming from the White House and senior federal law enforcement officials.
Respondents were in favor of backdoor access:
– In response to a national security threat (63%)
– As part of a federal investigation (39%)
– As part of a state or local investigation (29%).
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=21bdd69f44&e=20056c7556
Millions of UK emails on global virus plotters’ hitlist
British cyber-security experts have uncovered a trove of hundreds of millions of email addresses being used as a hitlist by criminals stealing financial data from banks, government bodies and other corporates.
Specialists at GCHQ have been alerting companies named in the files, as an international investigation seeks to track down those using it.
The vast database of 385 million addresses was uncovered by the IT services giant Fujitsu, after following a trail from major clients who had fallen victim to hackers.
The attack was global but particularly targeted the UK.
In collaboration with anti-virus companies, Fujitsu’s specialists traced Dridex to a series of servers in Russia that were being used to direct it.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f2a52c1244&e=20056c7556
Self-destructing computer chip can protect top secret data
Xerox Parc’s new chip isn’t quite on store shelves yet.
It doesn’t really even do much.
But as a proof of DARPA-funded concept, it has one gigantic advantage that could help security-minded computer users and paranoid “Mr. Robot” fans: it can self destruct.
Made out of materials similar to smartphone display glass, modified to already have minute stress fractures.
A circuit was laid throughout the surface, and a laser activated transistor placed at the bottom.
Once the laser was shined, it created a cascading effect, including pieces that continued to shatter into smaller pieces until all that was left was irrecoverable fragments.
It could be used as a storage method for security fobs, encrypted passwords, and more.
In the event of a data breach, storage fabricated on the chip could be destroyed within seconds, making the data physically irretrievable.
Conversely, it could make for a great hackathon for people to figure out how to break into a system and shatter the chips (supposing a triggering element is installed internally) in order to either further strengthen the security, or just to be a butthead.
In a demonstration on Thursday, the glass was stressed to breaking point by heat.
When a circuit was switched on, a small resistor heated up and the glass shattered into thousands of pieces.
Even after it broke up, stress remained in the fragments and they continued breaking into even smaller pieces for tens of seconds afterwards.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=93c144ba3e&e=20056c7556
The coming private cyber ‘war’
The nature of cyber warfare, and whether the U.S. government would even be among the combatants, was one of the foremost discussion topics at the NextGov Prime conference Sept. 10.
“Most companies have realized that the federal government is not coming to their rescue in the cyber sense,” said journalist Shane Harris. “They are essentially on their own against organized criminals in Russia, against state-sponsored hackers in China, against groups like Anonymous, and sort of the various threats out there that might be trying to steal their data or take out their systems.”
“Companies are not just going to keep taking this,” the journalist warned. “If the government is saying to them, ‘We can’t really protect you, and we’re not necessarily going to go on the offense for you,’ I think it’s only a matter of time before you see a company take matters into its own hands and essentially go on the offense and take the fight back to the hackers.”
Will that fight take the form of U.S. companies hacking foreign firms, or even hacking foreign governments?
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9fcd5cd22b&e=20056c7556
Google shifts Flash advertisements to HTML5 to prevent malware
Google is updating the advertisement format in the Chrome browser beginning September 1.
The update stops advertisements from playing automatically through Flash.
Advertisements that are in Flash will be converted to HTML5, and others that are already in HTML5 format will continue to work.
Speaking with advertisers, Bulletin Leader stated that Google had been notifying them about the shift in format from Flash to HTML5 since the start of the year.
Google’s purpose in shifting the video and animation model is to promote bug prevention among its users and other online companies.
The transition was initiated on September 1, 2015.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b2bd4527da&e=20056c7556
Ten reasons threat intelligence is here to stay
Over the past couple of years, the volume and frequency of new malware and its variants has exploded.
But it takes considerable time, effort and expertise to sift through data and transform it into pertinent information.
So out with the old and in with the new.
To alter traditional approaches, threat intelligence emerged as a way to gather data about vulnerabilities and alter approaches based off that intel.
In this article, I’ve laid out 10 arguments being made against threat intelligence.
– Argument: Intelligence feeds will do very little to substantially improve cybersecurity.
– Argument: Threat intelligence plots dots on a blank sheet of paper, and may at best connect some of the dots, but it cannot paint the larger picture.
– Argument: Most organizations are unable to add the expertise required.
– Argument: No single vendor ever has a complete view of a campaign. A failure to note activity could give a client a flawed view of the picture and cause a low priority to be assigned to the threat, ultimately leaving the client no better off than before.
– Argument: Threat intelligence vendors operate in contrast to antivirus companies. When one antivirus company analyzes a new malware sample, those signatures are shared with peer organizations which reduce the burden for individual companies and ultimately protect the entire user community from known threats.
– Argument: Organizations do not need the details of the attack; they just want to know they are protected.
– Argument: Threat intelligence vendors guard their research to the detriment of the wider community.
– Argument: Prices ensure that only those companies able to pay the hefty subscriptions get access, leaving many SMBs and critical parts of the supply chain in the dark.
– Argument: Networks, the solutions and resources defending them, and the data that resides on them vary greatly, and so do attacks.
– Argument: At its best, threat intelligence might provide occasional protection from attacks. At its worst it’s an expensive source of information that bears no relevance to securing a network and could mislead decision-makers.
The only way for companies to defend themselves is by adopting a more pragmatic and intelligent threat response: stopping a compromise at the host, proactively segmenting networks, and spending the time to develop in-depth situational awareness.
Otherwise, the next decade will end up much like the current.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=126c6d3070&e=20056c7556
The 10 things you need to know about cyberconflict
The first step to understanding cyberconflict is to define the domain.
Here are 10 things to know about the cybersecurity debate, as taken from our recently released book from Oxford University Press, Cyber War versus Cyber Realities.
1. Terminology is important
2. We need data and theories about cyberconflict
3. Cybertactics are not used often
4. Cyber-actions to date have not been very severe
5. Most cyber-incidents are regional
6. Cyber-operations haven’t gotten much reaction
7. Many cyber-incidents would be classified as espionage
8. Cyberterrorism is an inflated threat
9. Cyber-hygiene is important
10. A taboo is developing against cybertactics
Our research program in some ways clashes deeply with futurist proposals of those who would like to suggest war and conflict will be different with the rise of new weapons.
We have seen little variation in the methods of warfare and diplomacy used through the history of human civilization.
These processes have remained remarkably stable.
We do not see that the use of cyber-technologies as a tactic will reshape the future.
Of course, cyberconflict will happen, and with greater frequency.
But what we see is that the actions’ severity will be minimal, and that clear norms are developing that will institutionalize the idea that there are only limited acceptable options for states in cyberspace if they wish to go on the offense.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0bbc0f36e9&e=20056c7556
Lebanon library at center of internet privacy debate in shutting off its Tor server
A public library in Lebanon finds itself at the center of a complicated debate over internet privacy and safety, after questions from the Department of Homeland Security led the library to think twice about participating in the global anonymous web-surfing network known as Tor.
The server, located at the Kilton Public Library in West Lebanon, was the first in the country to be operated by a public library under the Boston-based Library Freedom Project, which advocates for open software and privacy projects for public libraries.
Fleming shut off the server after it had run for about a month, when Lebanon police raised the issue with city officials.
The Lebanon Public Libraries Board of Trustees, which unanimously supported the project in June, is scheduled to discuss the issue at its meeting on Tuesday at 7 p.m. in the main library.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=39f91b0aed&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com