#infoSec


#infosec | UK Labour Party Hit By “Sophisticated” and “Large-Scale” Cyber-Attack

Source: National Cyber Security – Produced By Gregory Evans

The UK Labour Party has stated that it has been hit by a “sophisticated and large-scale cyber-attack” on its digital platforms.

As reported by Sky News, a party spokesperson said that the attack failed to breach any data because of the party’s robust security systems.

“Security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed,” she said. “We have reported the matter to the National Cyber Security Centre.”

Sky News’ Technology Correspondent Rowland Manthorpe said the attack appears to have been a Distributed Denial of Service (DDoS) attack.

Commenting on the news, Corin Imai, senior security advisor at DomainTools, said: “This should be a significant concern to all voters in the UK regardless of their political viewpoints. During a General Election, it is imperative that the main political parties are all given a fair and impartial hearing, and considering the importance of digital campaigning in modern election cycles, a DDoS attack such as this could give other parties an advantage.

“While there is no indication of where this cyber-attack comes from, and it is obviously encouraging that the Labour party said these attempts failed, the incident is an example of just how susceptible to cyber-criminal activity our democratic process can be.”

The post #infosec | UK Labour Party Hit By “Sophisticated” and “Large-Scale” Cyber-Attack appeared first on National Cyber Security.

#infosec | Report Reveals Businesses Aren’t Ready for 5G

A new report looking at 5G cybersecurity readiness has found that many businesses are inadequately prepared for the latest big data acceleration. 

The AT&T Cybersecurity Insights Report: Security at the Speed of 5G, published today, found that enterprises are lagging behind on expanding their virtualization and software-defined networking (SDN) capabilities and are not taking the opportunity to automate security. 

A degree of reticence was also detected when it came to the planned adoption of a shared security model that would enable certain functions to be shifted to carriers.

The report was built using data drawn from a survey of 704 cybersecurity professionals from around the globe, all of whom work for organizations with more than 500 employees. 

Nearly all respondents in the survey expect to make 5G-related security changes within the next five years, and 16% say they have already started preparing before the mainstream wave of 5G deployments arrives. 

Asked about what their preparations were focused on, the larger attack surface topped the list as a worry for 44% of respondents, followed by the greater number of devices accessing the network, which was a concern for 39%. 

Ranking third and fourth, drawing the focus of 36% and 33% of respondents, respectively, were the need to extend security policy to new types of IoT devices and the need to authenticate a larger number and wider variety of devices.

Only 29% of respondents said they plan to implement security virtualization and orchestration during the next five years.

Researchers wrote: “Most of the transitions in networking have been about faster speeds or increased capacity. 5G introduces more complex networking and is being delivered with virtualization in mind. 

“The latter appears to be a crucial gap in the way enterprises are preparing for 5G, as enterprises will need to take advantage of virtualization to make the network nimbler and more responsive, with the ability to provide just-in-time services. Many enterprises are not considering this as a possibility, according to our data.”

With 5G, the size of the cyber-attack surface expands, creating more opportunities for bad actors to strike. Despite this, researchers found that enterprises did not appear to have fully considered how to boost their vulnerability management programs (both patching and mitigation) for devices at the edge, which may carry vulnerabilities that go unnoticed and unpatched.

Additionally, only 33% of enterprises surveyed had implemented multi-factor authentication, and 7% said they plan to implement it during the next five years.

A spokesperson for AT&T wrote: “To better realize how large (and vulnerable) the attack surface becomes with 5G, consider that 274 petabytes of data are currently crossing AT&T’s network each day, and with 5G this number is expected to increase by 10x.”

Currently, neither 5G service nor 5G phones are available everywhere in the United States, and release dates vary for every carrier. Verizon, Sprint, Starry, AT&T, and T-Mobile are providing some coverage already, mostly in major cities, including New York, Washington, DC, Los Angeles, Houston, Chicago, Phoenix, Atlanta, Boston, Denver, and Dallas–Fort Worth.


#cybersecurity | #infosec | What you Need to Know

What is BlueKeep?

BlueKeep is the name that has been given to a security vulnerability that was discovered earlier this year in some versions of Microsoft Windows’ implementation of the Remote Desktop Protocol (RDP).

The vulnerability was described as “wormable” by Microsoft, and users were warned that BlueKeep might be exploited in a similar fashion to how the WannaCry ransomware used the Eternal Blue vulnerability to spread widely in 2017.

Warnings about the BlueKeep vulnerability have been issued by the UK’s National Cyber Security Centre (NCSC), the United States’ National Security Agency (NSA), equivalent agencies in Germany and Australia, and Microsoft itself.

Microsoft considered the threat posed by BlueKeep to be so serious that the software giant took the unusual step of releasing patches for no-longer supported versions of Windows such as Windows Server 2003, Windows Vista, and Windows XP.

Sounds serious. Which other operating systems are vulnerable?

The RDP functionality on Windows 7 and Windows Server 2008 (both reaching the end of their support life-cycle) is also vulnerable, and should be patched as a matter of urgency.

But didn’t this all happen a while ago?

Yes, the patches from Microsoft came out in May, and although some IT teams acted fast to secure their critical Windows systems, hundreds of thousands of other internet-connected computers remain unpatched to this day.

So what have bad guys been doing with the BlueKeep vulnerability?

For some months it seemed not much was happening. But recently an attack was seen in the wild which attempted to install cryptomining software onto RDP servers that had not been patched, and had exposed port 3389 to the internet.

You said “attempted”…

Yes, the attack – first spotted by security researcher Kevin Beaumont – caused systems to crash with the infamous “blue screen of death.”

According to a ZDNet report, the attack failed because of an incompatibility between the exploit code and a patch Microsoft had previously issued for the Intel CPU vulnerability known as Meltdown.

So, having vulnerable computers crash is bad but better than having them compromised by malicious code, right?

Right. If a computer crashes it might alert you that something’s wrong, and is certainly better than an attacker silently installing unauthorised code.

But it is widely expected that a revised version of the BlueKeep exploitation code will be issued this week which will NOT cause Meltdown-patched computers to crash.

So what should we do?

  • Patch your vulnerable computers now, with the fixes Microsoft issued earlier this year.
  • Block port 3389 used by the RDP protocol at your firewalls, especially if they are exposed to the internet.
  • Disable remote desktop services if they are not required.
  • Enable Network Level Authentication (NLA) to control who connects to your systems, and protect your network from unauthorised users and software.
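
The checklist above can be verified on each host with a read-only audit. The PowerShell below is an added example, not part of the original article and not Microsoft's own tooling; the function name `Get-RdpExposure` and its `-RequiredKb` parameter are hypothetical, and the KB ids to pass in are assumed to come from Microsoft's advisory for the operating system being checked.

```powershell
# Added example: read-only audit of the RDP settings named in the checklist.
# Sticks to registry reads, Get-Service, Get-HotFix and .NET calls so that it
# also runs on PowerShell 2.0.
function Get-RdpExposure {
    param(
        # Hypothetical parameter: KB ids of the RDP fix for this OS, taken from
        # Microsoft's advisory. Left empty, the patch check is skipped.
        [string[]]$RequiredKb = @()
    )

    $tsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $tcpKey    = "$tsKey\WinStations\RDP-Tcp"
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # Group Policy values, when present, override the local settings.
    function Read-Setting([string]$Name, [string]$LocalKey) {
        foreach ($key in @($policyKey, $LocalKey)) {
            $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
            if ($item -and $null -ne $item.$Name) { return [int]$item.$Name }
        }
        return $null
    }

    $deny = Read-Setting 'fDenyTSConnections' $tsKey    # 0 = RDP connections allowed
    $nla  = Read-Setting 'UserAuthentication' $tcpKey   # 1 = NLA required
    $port = [int](Get-ItemProperty -Path $tcpKey).PortNumber

    # Is the Remote Desktop service running, and is anything bound to its port?
    $svc       = Get-Service -Name TermService
    $ipProps   = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
    $listening = @($ipProps.GetActiveTcpListeners() |
                   Where-Object { $_.Port -eq $port }).Count -gt 0

    # Compare installed updates against the caller-supplied list.
    $missingKb = @()
    if ($RequiredKb.Count -gt 0) {
        $installed = @(Get-HotFix | ForEach-Object { $_.HotFixID })
        $missingKb = @($RequiredKb | Where-Object { $installed -notcontains $_ })
    }

    $findings = @()
    if ($deny -eq 0) { $findings += 'Remote Desktop connections are enabled' }
    if ($listening)  { $findings += "RDP listener active on TCP $port" }
    if ($nla -ne 1)  { $findings += 'Network Level Authentication is not required' }
    if ($missingKb.Count -gt 0) {
        $findings += "Missing updates: $($missingKb -join ', ')"
    }

    New-Object PSObject -Property @{
        ComputerName  = $env:COMPUTERNAME
        RdpEnabled    = ($deny -eq 0)
        ServiceStatus = $svc.Status
        Port          = $port
        Listening     = $listening
        NlaRequired   = ($nla -eq 1)
        MissingKb     = $missingKb
        Findings      = $findings
    }
}

# Local, read-only check; nothing on the host is changed.
Get-RdpExposure | Format-List
```

The script only reports on the host it runs on; whether port 3389 is blocked at the perimeter still has to be confirmed on the firewall itself.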

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.


#infosec | UK Government Spends £2M on Anti-Drone Projects

The UK government is set to spend £1.8m developing anti-drone capabilities, as threats from the skies increase.

The Ministry of Defence’s Defence and Security Accelerator (DASA) this week announced funding for 18 projects, which will each receive around £100,000. Successful organizations included University College London, Thales UK, QinetiQ, Northumbria University and BAE Systems Applied Intelligence.

Projects include developing methods to detect 4G and 5G-controlled drones, AI sensors to automatically identify aerial vehicles and low-risk ways of stopping drones through electronic interception.

The first, proof-of-concept, phase will run until summer 2020 and will be followed by a second phase focused on maturing these projects into integrated solutions.

“The introduction of Unmanned Air Systems (UAS), often referred to as drones, has been one of the most significant technological advances of recent years and represents a shift in capability of potential adversaries,” explained competition technical lead, David Lugton.

“The threat from UAS has evolved rapidly and we are seeing the use of hostile improvised UAS threats in overseas theatres of operation. There is a similar problem in the UK with the malicious or accidental use of drones becoming a security challenge at events, affecting critical infrastructure and public establishments; including prisons and major UK airports.”

Drones famously forced hundreds of flights to be cancelled at London’s Gatwick Airport last Christmas, with tens of thousands of passengers stranded. In fact, the number of near-misses involving UAS in the UK soared by over a third from 2017 to 2018.

However, drones could also represent a growing threat not just to physical safety but also network security.

Just this week, defense contractor Booz Allen Hamilton warned that 2020 could see hackers use UAS as rogue access points — landing them in concealed places on corporate property while they harvest credentials, perform man-in-the-middle attacks against employees and carry out network reconnaissance.


#infosec | Amazon Doorbell Camera Lets Hackers Access Household Network

A vulnerability detected in Amazon doorbell cameras made it possible for hackers to gain access to the owner’s household computer network. The weakness in the Ring Video Doorbell Pro IoT device was discovered by researchers at Bitdefender in June of this year. Researchers found that the credentials of […]

#cybersecurity | #infosec | Smashing Security #153: Cybercrime doesn’t pay (but Uber does)

The cybercrime lovebirds who hijacked Washington DC’s CCTV cameras in the run-up to Donald Trump’s inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach. All this and much more is discussed […]

#infosec | North Korean Malware Found at Indian Nuke Plant

A malware infection at one of India’s nuclear power plants has been confirmed by its owner, with researchers speculating that it is North Korean in origin.

News began circulating on social media earlier this week that the Kudankulam Nuclear Power Plant (KNPP) may have been hit by an attack. A third party contacted cyber-intelligence analyst Pukhraj Singh who in turn notified the country’s National Cyber Security Coordinator on September 3, he said.

He added that the malware in question was later identified by Kaspersky as Dtrack.

Although initially KNPP officials said an attack on the plant was “not possible,” they changed their tune in a letter dated Wednesday.

The government-owned Nuclear Power Corporation of India (NPCIL) released a statement saying the original reports had been correct, and that the matter was handled by CERT-In when the organization was notified on September 4.

“The investigation revealed that the infected PC belonged to a user who was connected in the internet connected network used for administrative purposes,” it clarified. “This was isolated from the critical internal network. The networks are being continuously monitored. Investigation also confirms that the plant systems are not affected.”

Dtrack was first revealed in late September by Kaspersky as linked to the infamous Lazarus Group. It discovered over 180 samples of the malware, which is said to take advantage of weak network security, password management and a lack of traffic monitoring to deploy information stealing and remote access capabilities to victim systems.

It’s unclear what the attacker’s goals were in this raid — whether it was an accidental infection, a deliberately targeted multi-stage IP-stealing mission, or something more sinister still.

However, at the time of discovery, Singh tweeted about a casus belli (act of war) in Indian cyberspace. He later clarified this was a reference to a second, as-yet-unnamed, target.

“Actually, the other target scared the sh*t out of me. Scarier than KKNPP in some ways,” he said.


#infosec | #ISC2Congress: IoT Devices Pose Off-Network Security Risk

Internet of Things (IoT) devices can still be a serious security threat even when they are off network.

Speaking on day three of the (ISC)² Security Congress in Orlando, Florida, 802 Secure CSO Michael Raggo shared research that demonstrated the risks posed by everyday IoT devices. 

In his talk titled “Cyber Physical Security: Addressing IoT Risks,” Raggo cited examples of threat actors gaining access to data centers via WiFi thermostats and spying on conferences by hacking into smart TVs mounted on boardroom walls.

“The problem goes far above and beyond the potential breach of data or risks to that data. It also has an impact on safety, privacy, and the whole operation of your entire network, especially if it’s an industrial IoT type of network,” said Raggo.

“What that means in terms of your policies and how you approach the problem, is that this is more than just protecting data and avoiding data exfiltration. Now we are talking about the safety and the privacy of people and employees.”

The impact of IoT security issues is far-reaching. According to Raggo, “roughly 50% of the new buildings being built in the United States have some kind of IoT functionality.”

Raggo said that ensuring the reliability and security of the lighting, power, and HVAC systems of your home and your business is a real challenge if those systems aren’t connected to your own network.

Although many people are familiar with Wi-Fi and Bluetooth, according to Raggo they often don’t have a clear understanding of how IoT devices are configured and who can actually connect to them.   

Raggo referenced experiments conducted in his own lab that had produced worrying results, exposing vulnerabilities in smartphones and surveillance cameras. In one test, he used a wireless thumb drive to access data on a hub.

“I simply plugged it into a USB port in the back of the hub and immediately videos started being recorded to my thumb drive. There was no authentication required,” said Raggo.

One threat Raggo drew attention to was Bluetooth skimming, where threat actors steal money by breaching credit card details used in transactions. After being asked to investigate a fast-food restaurant that had suffered a breach, Raggo used readily available Bluetooth scanning tools to detect a long-range Bluetooth device placed under the cash register that had been used to skim data.


#infosec | #(ISC)²: Hero Pilot Schools Cybersecurity Professionals

The ninth annual (ISC)² Security Congress got off to a flying start with a lesson in handling pressure from retired pilot captain Chesley “Sully” Sullenberger.

Sullenberger famously landed US Airways Flight 1549 in the Hudson River on January 15, 2009, after both engines were disabled by a bird strike. While the Canada geese that struck the plane didn’t live to see another day, incredibly, everyone on the plane survived.

The feat performed by Sullenberger and the flight’s first officer, Jeffrey Skiles, on that cold winter day was even more remarkable since the only water-landing training they had undergone was a theoretical discussion of how it might be done.

Sullenberger began his keynote by paying tribute to Jeff, the crew, and the first responders, emphasizing that “a successful outcome requires the efforts of many people.”

He then described the terrifying events of that fateful day, which unfolded over just 208 seconds. Sullenberger said a lifetime of preparation was what enabled him to deal with the genuine life-or-death situation he encountered. 

The former pilot, now aged 68, paid tribute to his grandparents, who imbued him with a “lifelong love of reading and learning.” 

He entreated the gathered crowd to “never stop investigating” and to “change before you’re forced to”—to embrace innovation and change so they are better able to handle adversity. 

Sullenberger added: “As the pace of change accelerates, most of us can’t get through our entire working lifetime with just one skillset. Instead, we must keep on learning, growing, stretching ourselves.” 

The husband and father of two credited his grandparents and parents with teaching him that with any authority comes responsibility, a lesson that was ground in even deeper during his US Air Force training.

Sullenberger underlined the importance of civic responsibility for normal life to function, saying: “If we didn’t give each other these little gifts of civic behavior, civilization wouldn’t be possible. Everyday activities we take for granted, like driving down the highway, would be suicidal if we didn’t.”

Other key takeaways from Sullenberger’s keynote were that decisions “must be based on facts, not fears, and certainly not falsehoods,” and that leaders should lead through personal example. 

Sullenberger finished by saying that his colleagues had observed the way he lived his life, helping people and sticking to his core values. 

“It turned out my reputation had been built one interaction, one person, one day at a time.” 

He asked people to take the opportunity each encounter with another person provides to do good.  


#cybersecurity | #infosec | How Facebook helps an abusive ex-partner find out your new identity, even after they’ve been blocked

Imagine the scenario. You’re a woman in an abusive relationship with a man. Things have turned violent. You leave the man, block his account on Facebook, and maybe even change your name legally as you want to start afresh. You update your Facebook profile to reflect […]