Welcome to SCIAP
SCIAP MISSION: To create a virtual cyber security support group supporting the Cybersecurity Community by facilitating communication, sharing information and providing free posting resources to do all that (with no ADs or collecting / using any of your info.) Contact us with your ideas for supporting our Security Community. For more information, contact Welcome to Cyber News Tidbits 4U ! Another periodic cyber security news gram / digest = tidbits. (.. been over 3 weeks since the last one, so….) Arranged in a top down, couple of ‘likely” interest levels as before…with more short snippets, fewer threats and only a few local events (at the very bottom) Feedback is always welcome too… as is sending me articles to share… cyber information sharing in action ! (all links have been checked out… though you may need to cut & paste into your browser.. NOVEMBER 22 —Microsoft Invests $1 Billion In ‘Holistic’ Security Strategy Executives detail strategic and cultural shift atMicrosoft to an integrated security approach across its software and services, and announce new managed services group and cyber defense operation center. —Millions of sensitive records exposed by mobile apps leaking back-end credentials Thousands of mobile applications, including popular ones, implement cloud-based, back-end services in a way that lets anyone access millions of sensitive records created by users, according to a recent study. —NIST Seeks Review of Email Safety Doc Email systems have become so routine that consumers and workers often regard them as simply part of the furniture — like a standard-issue desk at a government or business office. However, the technology is more complex than most users appreciate — and that complexity makes it constantly vulnerable to cybersecurity threats. — Backup Your Files To Thwart A Ransomware Attack On Your Laptop And PC Ransomware is on the rise and you should protect yourself by backing up your laptop and PC files today.An advisory from the FBI’s Internet Crime Complaint Center this past June stated that more than $1 million a month, on average ($18 million over the prior 15 months), was paid to recover computers from Ransomware incidents. The FBI had received nearly one thousand Ransomware complaints from citizens, businesses, and government agencies. —Cybercriminals turn to video ads to plant malware Cybercriminals have been delivering malware through online display ads for years, but they appear to be making headway with a new distribution method: video advertisements. Both methods of attack, known as malvertising, can have a broad impact and are a major headache for the ad industry. A single malicious advertisement, distributed to several highly trafficked sites, can expose tens of thousands of computers to malware in a short time. —IBM Report: Ransomware, Malicious Insiders On The Rise X-Force’s top four cyber threat trends also names upper management’s increasing interest in infosec. —One in six US employees who find lost USBs use them Some 17% of US consumers picked up USB sticks they `found’ and plugged them into their devices, opened the text file and either clicked the unique link or emailed the listed address, according to an experiment by The Computing Technology Industry Association. —Cryptolocker/Cryptowall Ransomware Kit Sold for $3,000 – Source Code Included The Cryptolocker/Cryptowall 3.1 ransomware kit is being sold for $3,000 worth of bitcoins, according to a Pastebin post, which claims to even offer the source code along with the manual and free support. For those interested in purchasing only a couple of binaries, the malware developers offer a bundle of 8 per customer for $400. However, the developer also seems open to an affiliation program in which both you – the customer – and the developer split the revenue 50/50. —Healthcare Apps, WordPress Most Popular Web Attack Targets Content management systems were attacked three times more oftenthan other Web applications — especially WordPress, which was hit 3.5 times more often, according to Imperva’s new Web Application Attacks Report. WordPress, the most popular CMS, has taken a beating this year, marred by a variety of vulnerabilities — particularly, weaknesses in plug-ins, of which the CMS has over 30,000 — and an increase in brute-force attacks. —Microsoft to Host Data in Germany to Block the US from Spying on Its Users Microsoft’s getting ready to take the fight with the United States government over user data to a completely new level, as the company is ready to turn to data centers in Germany in order to block American agencies from snooping in on customers. —Don’t Toy With The Dark Web, Harness It The Dark Web’s sinister allure draws outsized attention, but time-strapped security teams would benefit from knowing what’s already circulating in places they don’t need Tor or I2P to find. —Microsoft Finally Ties the Knot with Red Hat for Linux on Azure –Network World In a move many consider long overdue, Microsoft and Red Hat on Wednesday announced a new partnership through which Microsoft will offer Red Hat Enterprise Linux as the preferred choice for enterprise Linux workloads on Azure. —Emerging Threats to Maritime Energy Infrastructure Countries are increasingly dependent on the security of maritime energy infrastructure, which is vulnerable to a range of well-known risks and threats, including terrorist attacks, piracy and natural disasters. More recently, concerns about the potential consequences of cyber attacks have become more widespread. —Everyone Should Get a Security Freeze This author has frequently urged readers to place a freeze on their credit files as a means of proactively preventing identity theft. Now, a major consumer advocacy group is recommending the same: The U.S. Public Interest Research Group (US-PIRG) recently issued a call for all consumers to request credit file freezes before becoming victims ofID theft. —States’ Cyber Security Readiness Presents “Grim Picture” Pell Study Finds Just eight states of 50 fared decently in a Pell study on their preparedness to deal with current and emerging cyberthreats —US-China Security Review Commission Discusses ‘Hack-Back’ Laws Commission’s annual report to Congress recommends a closer look at whether companies should be allowed to launch counterattacks on hackers. —DDoS And The Internet’s Liability Problem It’s past time for an improved liability model to disrupt DDoS. —What The Boardroom Thinks About Data Breach Liability Most public companies subscribe to cybersecurity insurance of some sort, and 90% say third-party software vendors should be held liable for vulnerabilities in their code. —How Web Analytics Is Being Used for Cyber Attacks Today, websites are being altered to redirect users to a profiling script known as WITCHCOVEN. The purpose is to track and profile Internet users and infect their computers withtargeted malware. WITCHCOVEN is part of a large-scale effort by cyber criminals that uses web analytics and open source tools for reconnaissance. The effort has been highly successful, with vast amounts of information collected on web traffic and Internet visitors from around the world. —Insider’s Guide to Incident Response handy guide provides expert, practical tips on how to build an incident response plan and team, and what tools and training you can use to arm those team members. Learn insider secrets like: Arming & Aiming Your Incident Response Team Incident Response Process & Procedures The Art of Triage: Types of Security Incidents —Is Your Data Governance Program Heading Down the Wrong Path? Good data governance is as much about doing things the right way as not doing things the wrong way. Although enterprise data governance efforts have been launched at many companies, the success rate of these initiatives isn’t encouraging. There’s a lot of advice available on datagovernance best practices that should be adopted; this expert guide lists the top “worst practices” that your company needs to avoid. You’ll view both sides of the issue: How data governance done right will add value to your business – and how data governance done wrong will create more work for your company, without any of the benefits. —Who’s Really In Charge If a Massive Cyberattack Strikes US? —FFIEC Updates Cybersecurity Expectations for Boards —IoT begs for Privacy | 21st Century Privacy —Clarifying the fog of cyber security complexity – the “sweet 16” capabilities / portfolios. Functionally decompose what “cyber” is into manageable portfolios! 2 ++++++ —Security researcher warns “future is extortion” as cyber-criminals target SMEs Sitting in the F-Secure Labs in Helsinki, Sean Sullivan, security researcher at F-Secure warned that the “future is extortion”. Referring to a significant rise in ransomware attacks by organised crime gangs, he warned thatransomware operations have become ‘slick’, so much so their customer support could be viewed as ‘enterprise’ grade. —Study: Serious Web Security Flaws Rampant on Embedded Devices The web interface is a bit like the “bacon” of the Internet of Things – every device tastes (and works) a lot better with one. But, if implemented or deployed improperly, those web interfaces can be fat targets for remote attackers. Now a survey of firmware by researchers in France and Germany finds that many of those web interfaces are, indeed, vulnerable. —Report: Botnets Help Bump Cyberattack Attempts by 20 Percent ThreatMetrix last week reported that it had detected and prevented more than 90 million attempted cyberattacks in real time across industries from July to September. The attempted attacks covered fraudulent online payments, logins and new account registrations, and represented a 20 percent increase over the previous quarter, according to ThreatMetrix Cybercrime Report: Q3 2015. —Decryption Tool Foils Linux Server Ransomware Attacks Bitdefender on Monday released a free decryption tool designed to wrest data from the grip of a rare type of ransomware that’s been plaguing Linux servers. Details for performing the decryption are available on the company’s website. Essentially, the solution takes advantage of a flaw in the ransomware, which Bitdefender discovered through reverse-engineering. —U.S. and U.K. Test Response to Major Financial Cyberattack Britain and the United States carried out a planned drill with leading global firms on Thursday to see how they would respond to a cyber incident in the financial sector. The test focused on how the world’s two biggest financial centers, New York and London, would cope with a cyberattack in terms of sharing information, communicating with the public and handling an incident. —The Lingering Mess from Default Insecurity The Internet of Things is fast turning into the Internet-of-Things-We-Can’t-Afford. Almostdaily now we are hearing about virtual shakedowns wherein attackers demand payment in Bitcoin virtual currency from a bank, e-retailer or online service. Those who don’t pay the ransom see their sites knocked offline in coordinated cyberattacks. This story examines one contributor to the problem, and asks whether we should demand better security from ISPs, software and hardware makers. —Gmail to Warn When Messages Take Unencrypted Routes Google plans to ramp up security at its free email service by letting users know when messages arrive via unencrypted connections that could be prone to snooping or tampering. —The Secret Pentagon Push for Lethal Cyber Weapons – Defense One With nearly $500 million allotted, military contractors are competing for funds to develop the next big thing: computer code capable of killing. —Federal Legislation Targets “Swatting” Hoaxes A bill introduced in the U.S. House of Representatives on Wednesday targets “swatting,” an increasingly commonand costly hoax in which perpetrators spoof a communication to authorities about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force. —Heat map identifies need for cybersecurity professionals The US National Institute of Standards and Technology (NIST) is creating “a heat map visualization tool that will show where cybersecurity jobs are open across the country”, enabling employers and job seekers to harmonize. —IT professionals reveal top challenges in web security A new report from CYREN describes the challenges to web security that IT professionals face.. —DISA director: ‘We expect a cyberattack as a prelude to war’ —CES Announces the Most Innovative Tech Products for 2016 —Why The Java Deserialization Bug Is A Big Deal Millions of app servers are potentially open to compromise due to how they handle serialized Java apps, researchers say. —GCHQ chief (UK) claims thateverything is failing cyber security —Privileged Account Control Still Weak In Most Organizations Two studies this week show there’s a long way to go in securing credentials for risky accounts. —NIST official: Move past passwords A group of identity access experts, including one from NIST, debated whether passwords were worth the trouble. —Security in 2016: The death of advanced persistent threats Kaspersky predicts that APTs will cease to exist next year — but what will take their place? —The State of Cyber Insurance Immature market, land grab for customers, high premiums, little change in the short-term. —Global Privacy & Cybersecurity Update, Issue 8 (great laws, etc overview) —Five moves for every new CISO’s playbook —Get Ready for Next-Generation Endpoint Security 3 ++++++ —“Cherry Picker” PoS Malware Cleans Up After Itself A point-of-sale (PoS) malware that went largely undetected for the past several years has been analyzed byresearchers at Trustwave. Dubbed by the security firm “Cherry Picker,” the threat has been around since at least 2011, but it managed to stay under the radar thanks to its sophisticated functionality and use in highly targeted attacks. —Thousands of Java applications vulnerable to nine-month-old exploit A popular Java library has a serious vulnerability, discovered over nine months ago, that continues to put thousands of Java applications and servers at risk of remote code execution attacks. —Britain Develops Cyber Attack Powers to Take on ISIS (OK, yet hack back is s slippery slope for any entity) British spies are developing an offensive cyber capability to attack terrorists, hackers and rogue states, finance minister George Osborne said on Tuesday after warning Islamic State militants wanted to launch deadly cyber attacks of their own. —Thousands of cheap tablets sold on Amazon have Trojans pre-installed Security researchers at Cheetah Mobile have discovered potentiallythousands of Android tablets for sale on Amazon that come pre-installed with a Trojan called Cloudsota. The Cloudsota Trojan has root permissions and can give its author remote control of your device, as well as install adware, malware, or even uninstall your anti-virus app. The researchers believe that the Trojan originated in China. —Hackers Claim Million-Dollar Bounty for iOS Zero Day Attack Hacking Apple’s IOS isn’t easy. But in the world of cybersecurity, even the hardest target isn’t impossible – only expensive. And the price of a working attack that can compromise the latest iPhone is apparently somewhere around $1 million. —Tricky New Malware Replaces Your Entire Browser with a Dangerous Chrome Lookalike This malicious browser looks and acts just like Chrome–except for all the pop-up ads, system file hijacking, and activity monitoring. —New 4G LTE Hacks Punch Holes In Privacy Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that exposeprivacy and disrupt phone service. —Anonymous’s Cyber War with ISIS Could Compromise Terrorism Intelligence “As French police scoured Paris and surrounding areas in search of those responsible for Friday’s terrorist attacks on the French capital, a group of cyber activists took aim at the Islamic State’s online presence. The computer-hacker federation known as Anonymous claims to have disabled at least 5,500 pro-ISIS Twitter accounts —An app called Telegram is the ‘hot new thing among jihadists’ When ISIS terrorists want to hide what they’re saying, they are increasingly turning to an app called Telegram. It’s “the new hot thing among jihadists,” said Laith Alkhouri, director of Research at Flashpoint Global Partners.T he Berlin-based startup boasts two layers of encryption and claims to be “faster and more —Cyber ‘War Games’ against China, Iran and North Korea Set for 2016 In an unprecedented move, Congress just ordered U.S. Cyber Command to carry out simulated “war games”against, specifically, Russia, along with China, Iran and North Korea. The drills are expected to run uniformed service members, civilians and contractors through the motions of staving off a cyber assault the likes of which each nation state will be equipped for — five to 10 years from now. —Islamic State Determined to get Chemical Weapons (To be used ‘anywhere”!)