some

now browsing by tag

 
 

#cybersecurity | #hackerspace | The NYPD (and the rest of us) need some new barricades

Source: National Cyber Security – Produced By Gregory Evans

Not all security barricades are made of wood. Some are made of bits.

According to the New York Post, the New York Police Department ran into some security trouble back in October, when a contractor plugged an infected Intel NUC computer in to the network at the Queens location of the Police Academy as part of work on the school’s digital signage system. The NUC quickly did what infected computers do and reached out and touched 20+ other systems, infecting them with malware.

The interesting part (and lesson for all of us) is that the infected machines were part of the NYPD’s LiveScan fingerprint system, which I think we can all agree would count as a critical system for any law enforcement agency. It appears that the cops reacted quickly, isolating the infection, cleaning the systems and determining that there was no malicious intent on the part of the contractor who caused the mess.

So?

This is a great example of why network segmentation is a good idea and a good security control to consider in your organization.

I can’t think of any reason for the Police Academy’s digital signage network to have the ability to talk to the LiveScan network (or pretty much anything else other than systems holding content and network management tools). Had firewalls or access control lists separated the signage network from the rest of the network, the damage could have been contained to the less critical signage network.

While the NYPD would probably have not have had to buy additional equipment to implement network segmentation, this control is not without a cost. Having a more segmented network does mean that thought has to be given as to what systems need to communicate with each other and adds to the workload of the networking team, who need to open needed ports and routes and keep track of why systems communicate.

However, the security rewards of segmenting networks are significant, making it much more difficult for malware to spread and for attackers to move laterally once they have breached a portion of the network. Hunting for suspicious traffic on segmented networks is also made easier – just look for firewall drops between segments to see if malware or attackers are rooting around. Finally, this kind of setup makes it harder for internal users to set up applications and servers without the knowledge of networking and security personnel.

Making the commitment to network segmentation is a non trivial project and in today’s fast paced business world, processes need to be in place to quickly evaluate and implement needed connectivity. But when an event occurs, a segmented network is much easier to defend, coordinate response on and clean up.

*** This is a Security Bloggers Network syndicated blog from Al Berg's Paranoid Prose authored by Al Berg. Read the original post at: https://paranoidprose.blog/2019/11/29/the-nypd-and-the-rest-of-us-need-some-new-barricades/

Source link

The post #cybersecurity | #hackerspace |<p> The NYPD (and the rest of us) need some new barricades <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK

Source: National Cyber Security – Produced By Gregory Evans

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.

According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.

CNBC says that amongst the offending Android apps are the photo-editing tools Giant Square and Photofy. Presently there is no indication that iOS users are affected by the issue.

According to an advisory published by Twitter, data extracted from accounts via the use of the oneAudience SDK (which it describes as “malicious”) in a smartphone app could be used to take control of a Twitter account, although it has seen no evidence that this has occurred.

Twitter was keen to emphasise that the “issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs within an application,” and says it will be notifying users of the Twitter for Android app who may have been affected.

Furthermore, Twitter says it has “informed Google and Apple about the malicious SDK so they can take further action if needed.” I presume what they mean by that is that so Google and Apple can kick any offending apps out of their respective app stores.

In response, oneAudience has issued a statement claiming the “data was never intended to be collected, never added to [its] database and never used.”

According to the company, it “proactively” updated its SDK in mid-November so user data could not be collected, and asked developer partners to update to the new version. However, it has now announced it is shutting down the offending SDK.

Facebook meanwhile has issued a statement saying that it is taking action against not only the oneAudience SDK, but also an SDK from marketing company MobiBurn:

“Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.”

“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn. We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”

On its website, MobiBurn describes how it helps app developers generate revenue – not by placing more ads within an app, but through the “monetization of your applications’ valuable data in a safe and confidential way.”

However, in light of the revelations and action taken by Facebook and Twitter, MobiBurn says it has “stopped all its activities” until investigations are complete.

mobiburn statement

This is all very well and good, but what are users supposed to do to protect themselves?

When they install an app, they have no way of knowing whether the developers chose to make use of a malicious SDK which might leave personal information exposed.

All you can realistically do is exercise restraint regarding which third-party apps you connect to your social media profiles. The fewer apps you connect to your Facebook and Twitter, the smaller the chance that someone’s code will be abusing that connection to access information you would rather not share.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Source link

The post #cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK appeared first on National Cyber Security.

View full post on National Cyber Security

Facebook #secretly deleted #some of Mark Zuckerberg’s private #messages over fears the #company could be #hacked

Want to delete that embarrassing message you just sent? WhatsApp will let you, and so will Instagram — but if you’re using Facebook, then you’re out of luck.

Unless you’re Mark Zuckerberg, the CEO and cofounder of Facebook.

TechCrunch reported Thursday that some old messages sent by Zuckerberg and senior executives have disappeared from recipients’ Facebook Messenger inboxes, proven by the original email receipts sent at the time.

The company appeared to confirm the unique arrangement, telling TechCrunch the change was made in response to an uptick in hacking.

“After Sony Pictures’ emails were hacked in 2014 we made a number of changes to protect our executives’ communications. These included limiting the retention period for Mark’s messages in Messenger. We did so in full compliance with our legal obligations to preserve messages,” the company said.

The Sony hack targeted the emails of Sony film executives, which revealed a side of Hollywood rarely seen by outsiders, and the decision to name the event as a catalyst for Facebook’s message purge indicates how troubling the incident was in Silicon Valley — and that Facebook was concerned about being hacked.

The company also raised the idea of a “retention period,” though there is no such thing for normal users. If a user long presses a private message on Facebook a “Delete Message” pop up confirms that the function will “delete your copy of the message,” and the recipients’ copy will remain.

Facebook-owned Instagram has long had the option to “unsend” direct messages, while Facebook-owned WhatsApp recently launched a deletion function where unread messages can be deleted “for everyone.” A message is then displayed to all participants that content has been deleted.

But Zuckerberg’s deleted messages didn’t leave behind any such message, probably because they had already been read, many years ago.

The messages were originally sent to former employees and people outside of Facebook. According to TechCrunch, the recipients of the now-deleted messages were not informed at any stage that correspondence they received had been erased.

Zuckerberg may be the CEO of Facebook, but it’s unclear how the decision to remove senior executives’ messages would be allowed under the company’s terms of service. The terms only allow Facebook to remove content if the company believes “that it violates this Statement or our policies” or for infringing copyright.

Deleting messages quietly, and selectively, also appears to fly in the face of Facebook’s campaign to “make the world more open and transparent.” Its own policies say that the company “should publicly make available information about its purpose, plans, policies, and operations.”

Facebook appears to have not followed these policies in this instance, and it raises questions about the recipient’s right to privacy.

The news comes just weeks after the Cambridge Analytica scandal which has seen Zuckerberg admit that tens of millions of users probably had their data scraped.

advertisement:

The post Facebook #secretly deleted #some of Mark Zuckerberg’s private #messages over fears the #company could be #hacked appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

WannaCry Some More? Cybercriminals Using NSA Hacking Tools to Attack Citizens

Source: National Cyber Security – Produced By Gregory Evans

A cybersecurity firm has announced hacking tools linked to the US National Security Agency are being exploited by cybercriminals. NSA-linked hacking tools are being used by cybercriminals in efforts to remotely steal money and confidential information from online banking users, according to researchconducted by cybersecurity firm Proofpoint. Proofpoint researchers discovered two different banking trojans in the wild, with computer…

The post WannaCry Some More? Cybercriminals Using NSA Hacking Tools to Attack Citizens appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Fiat Must Face Some Claims In Drivers’ Hacking Risk Suit

Source: National Cyber Security – Produced By Gregory Evans

An Illinois federal judge on Monday refused to entirely dismiss a putative class action claiming some Fiat Chrysler Jeeps are susceptible to hacking, saying that the plaintiffs can continue to claim they overpaid for the vehicles. District Court Judge Michael Reagan dismissed remaining claims that possible future car hacking could…

The post Fiat Must Face Some Claims In Drivers’ Hacking Risk Suit appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers could take over your computer if they fragged you on some CS:GO servers

Source: National Cyber Security – Produced By Gregory Evans

An exploit in the Counter-Strike: Global Offensive Source (SDK) engine was removed in a June update, according a report from software security company One Up Security yesterday. The vulnerability allowed users in CS:GO community browser and third-party servers to hack into another player’s computer merely through killing them on a…

The post Hackers could take over your computer if they fragged you on some CS:GO servers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Dark Web Hosting Service Hacked, Some Data Was Stolen

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Source: National Cyber Security – Produced By Gregory Evans Deep Hosting — a Dark Web hosting service — admitted yesterday to suffering a major security incident during which “some sites have …

The post Dark Web Hosting Service Hacked, Some Data Was Stolen appeared first on Become007.com.

View full post on Become007.com

Computer expert: Some voting machines can be directly hacked

Source: National Cyber Security – Produced By Gregory Evans

Computer expert: Some voting machines can be directly hacked

A computer science professor told the Senate Intelligence Committee Wednesday that voting machines that create an electronic record of the voters’ decisions are open to fraud and computer hacking, vulnerabilities that are big enough to potentially change the outcome of some elections. J. Alex Halderman, professor of computer science at…

The post Computer expert: Some voting machines can be directly hacked appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Some question government’s responsibility in cyber security after latest breach

Source: National Cyber Security – Produced By Gregory Evans

This week’s news about the CIA having the ability to access cell phones didn’t come as a surprise to some. However, there are also those that are concerned about whether or not withholding that information from tech companies is safe …

The post Some question government’s responsibility in cyber security after latest breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Meridian Police warn there are some apps parents shouldn’t allow their kids to have

MERIDIAN, Idaho – Lake Hazel Middle Schoolers are learning a valuable lesson outside the classroom. They’re working to make a friendship tree to show kindness to others.

“I’m hoping they learn kindness can go a long way if they are kind to each other, we have a better school environment,” said Jenna Lowman the counselor at Lake Hazel Middle School.

And in this digital age of bullying, kindness is quickly forgotten.

“Parents have no idea when you give this smart device to your kid, that it can get them into danger very quickly,” said School Resource Officer David Gomez of the Meridian Police Department.

Read More

View full post on Parent Security Online