Articles from February 18-24
Apple deleted server supplier after finding infected firmware in servers
Ars Technica | Sean Gallagher | February 24, 2017
A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly detected in an internal development environment for Apple’s App Store, as well as some production servers handling queries through Apple’s Siri service. An Apple spokesperson denied there was a security incident. However, Supermicro’s senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased. An anonymous source was cited as the source of the information regarding infected Siri servers. Apple has used a variety of other companies’ server hardware—since the company got out of the server business itself and never used its own in datacenters—including servers from HP and storage from NetApp. A few years ago, Apple added Supermicro as a supplier for some of its development and data center computing infrastructure. But Apple has been squeezing the cost of its data center supply chain and moving toward more custom hardware much like the other cloud giants. In August of 2016, Digitimes reported Apple was increasing its orders for full-rack systems from the integrator ZT Systems and adding the China-based Inspur as a server supplier. Leng told The Information that Apple was the only company to report the firmware issue, and he said the servers are used by thousands of customers. He asserted that when his company asked Apple’s engineers to provide information about the firmware, they gave an incorrect version number—and then refused to give further information.
First-in-nation state-mandated cybersecurity regulation takes effect March 1
SC Magazine | Greg Masters | February 23, 2017
The nation’s first state-mandated cybersecurity regulations regarding banking and financial services companies are scheduled to go into effect in New York state on March 1. The rules are intended to set up protections for financial institutions as well as consumers. “This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyberattacks to the fullest extent possible,” Governor Andrew Cuomo stated in September when proposing the “first-in-the-nation cybersecurity regulation.” The rules, as released by the governor along with New York’s Department of Financial Services, were originally proposed in September 2016 and, following a 45-day comment period, a final version was issued on February 20, 2017. The regulation adapts industry best practices – such as guidelines issued by the Securities and Exchange Commission and Financial Industry Regulatory Authority (FINRA) – and contains 23 sections calling for such things as encryption of data of all non-public information, appointing a CISO, employee training in security, enhanced multifactor authentication and the yearly submission by a senior officer of a certification affirming that the company is in compliance with the regulation’s requirements.
New macOS ransomware spotted in the wild
PCWorld | Lucian Constantin | February 22, 2017
A new file-encrypting ransomware program for macOS is being distributed through BitTorrent websites, and users who fall victim to it won’t be able to recover their files, even if they pay. Crypto ransomware programs for macOS are rare. This is the second such threat found in the wild so far, and it’s a poorly designed one. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it. OSX/Filecoder.E masquerades as a cracking tool for commercial software like Adobe Premiere Pro CC and Microsoft Office for Mac and is being distributed as a BitTorrent download. It is written in Apple’s Swift programming language by what appears to be an inexperienced developer, judging from the many mistakes made in its implementation. The application installer is not signed with a developer certificate issued by Apple, which makes the malware’s installation harder on recent OS X and macOS versions, as users would need to override the default security settings. The biggest problem with this malware, though, is the way in which it encrypts files. It generates a single encryption key for all files and then stores the files in encrypted zip archives. However, the malware doesn’t appear to have any ability to communicate with an external server, so the encryption key is never sent to the attacker before being destroyed. This means that even if victims follow the hacker’s instructions (included in a README!.txt file left on the computer) on how to pay the ransom, they won’t get their files back. The encryption appears to be strong, so it cannot be cracked using alternative means either.
What to expect from the Trump administration on cybersecurity
CSO | Grant Gross | February 22, 2017
Look for U.S. President Donald Trump’s administration to push for increased cybersecurity spending in government, but also for increased digital surveillance and encryption workarounds. That’s the view of some cybersecurity policy experts, who said they expect Trump to focus on improving U.S. agencies’ cybersecurity while shying away from new cybersecurity regulations for businesses. Trump is likely to look for ways for the National Security Agency and other agencies to assist the government and companies in defending against cyberattacks, said Jeffrey Eisenach, a visiting scholar at the American Enterprise Institute and a tech adviser during Trump’s presidential transition. “Cyber has to be top of mind for any view of the United States’ global strategy,” Eisenach said Wednesday during a discussion about Trump’s cybersecurity priorities. “If you’re not thinking of cyber first, I don’t know what you should be thinking about.” A proposed executive order from Trump on cybersecurity was leaked in January, but its formal release was postponed. Beyond the leaked drafts, it’s difficult to read the tea leaves of a Trump cyber policy, other cybersecurity experts said. Given Trump’s focus on fighting terrorism during his presidential campaign, he’s likely to push for greater surveillance powers, said Adam Klein, a senior fellow at the Center for a New American Security. A foreign surveillance provision in U.S. law is set to expire at the end of the year, and Klein expects the Trump team to push for unfettered reauthorization. Trump “campaigned on vigorous counterterrorism efforts, and that is likely to lead [his] approach on surveillance and privacy issues,” Klein said. Trump may move away from former President Barack Obama’s attempts to balance privacy and national security, he said.
A Fifth of Spam Emails Sent in 2016 Distributed Ransomware
Softpedia | Gabriela Vatu | February 22, 2017
In a rather worrying new report coming from Kaspersky Lab, it was revealed that in last year’s fourth quarter, about a fifth of all spam emails carried ransomware with them. While this is reason enough for everyone to worry and triple check any incoming email, it’s not exactly a surprise given the skyrocketing popularity of ransomware among hackers. According to Kaspersky’s Spam and phishing in 2016 report, the volume of spam emails in 2016 rose to over 58% of overall email traffic, which is over 3% more than in 2015. As per usual, the US remained the biggest source of spam with 12% of it coming from computers across the 50 states. Second place is occupied by Vietnam, with 10.3%, while the third spot goes to India with 10.15%. When it comes to the countries that are most targeted by malicious emails, Germany takes the lead with little over 14%. The second spot goes to Japan with nearly 7.6% and China with 7.3%. As mentioned before, phishing attacks, in particular ransomware infections have grown quite a bit in the financial sector and across other businesses, places where attackers could make a little bit more money. Kaspersky notes that in 2016 the average proportion of phishing attacks against customers of financial institutions was over 47%, up from the 34% of the previous year.
Phishing attack nabs hospital employees’ W-2 info
Information Management | Joseph Goedert | February 21, 2017
Citizens Memorial Hospital is offering two years of identity protection services after an employee fell for a phishing email scam and released all 2016 W-2 tax form information on current and former employees to a hacker. The attack occurred on February 8, and the 86-bed hospital in Bolivar, Mo., learned of the breach the following day. “The information was sent by an employee who believed the phishing email scam was a legitimate internal hospital request,” the hospital states in a notification to media. “When we learned of the incident, we notified the FBI, the IRS and state taxing authorities.” Citizens Memorial is not notifying the HHS Office for Civil Rights about the incident because W-2 forms are not protected health information under the HIPAA breach notification rule, a spokesperson said in an interview. The hospital has paid for affected individuals to receive the ProtectMyID program from Experian. The suite of services includes text/email alert notifications that an unauthorized person may be using your personal information, credit and identity theft monitoring, scanning illicit sites where personal data is being traded, monitoring fraudulent changes of address requests at post offices and notification when an individual’s identity is free of illicit activity. Citizens Memorial is not revealing the number of affected individuals and is enhancing its data security education programs.
RSA Trends: Cloud, IoT, Cybersecurity Skills Gap Drive Security Services Demand
Channel Partners | George Hulme | February 21, 2017
When it comes to the business of information security and the big technology trends that will likely shape the year ahead, the RSA Conference is perhaps the most important source of insights. And with a record attendance of more than 43,000, RSAC 2017 was no exception. Service Providers Help Fill the Skills Gap: The supply of skilled cybersecurity professionals seems unable to catch up to demand. According to the industry association group ISACA’s report, “State of Cyber Security 2017,” 59 percent of the organizations they surveyed received five job applicants per opening. Typically, corporations get 60 to several hundred applications per opening. The ISACA report also found that, for 55 percent of enterprises, it takes a minimum of three months to fill an information security vacancy. For 32 percent of enterprises, it’s taking six months or more to fill those positions. When considering the steep challenges that enterprises face in finding the security professionals they need, coupled with the rapid adoption of cloud, mobile and now IoT, it’s no wonder that security services continue expanding so rapidly. A report recently published by Allied Market Research estimates that the global managed security services market will grow at a 16.6 percent annual clip between now and 2022. And there’s a good chance that five years from now, RSA conference attendees will be discussing not how these challenges were solved, but how they grew in complexity.
Google Shines Light On Corporate Gmail Threats
Dark Reading | Kelly Sheridan | February 21, 2017
New research from Google shows how different types of email attacks are more likely to land in corporate inboxes than personal ones. Each minute, Google prevents more than 10 million unsafe emails from reaching users who could fall victim to phishing attacks or malicious attachments, report Ali Zand and Vijay Eranti of Anti-Abuse Research and Gmail Abuse at Google. At last week’s RSA Conference, Google shared data on the diversity of security threats to corporate Gmail accounts. Spam is a common problem, for example, but malware and phishing attacks are more likely to target enterprise users. Attackers send 4.3x more malware, 6.2x more phishing emails, and 0.4x as much spam to corporate inboxes than to personal email accounts. Cybercriminals pick their victims based on several variables: the size and type of the business, industry, and geographical location. In a landscape where no two corporate entities face the same threats, security managers must adjust their strategies to align with specific attacks. Looking at business inboxes as a baseline, Google found attackers are 2.3x more likely to target nonprofits with malware, followed by educational institutions (2.1x), and government-related industries (1.3x). Businesses are more likely to be targeted with phishing and spam attacks.
The value of sharing threat intelligence
Information Age | Nick Ismail | February 20, 2017
Aristotle Onassis once said, “The secret of success is to know something nobody else knows.” The idea that businesses should keep their best practice secrets to themselves is a popular one. It’s a way to stay ahead of the competition and retain a competitive advantage. Often industries become crowded with competition and knowing what your neighbor doesn’t can be the savior in difficult times. But this way of thinking doesn’t bode well for tackling the ever-growing threat of cyber attacks. It is evident from the data breaches that occurred in 2016 that companies are making the same mistakes over and over again, from running old computer software and failing to patch vulnerabilities, to falling for phishing emails and not having an effective attack response plan in place. A proven method of tackling the issue is by encouraging business leaders to share threat intelligence and openly discuss the challenges they have faced to maintain a strong security policy. This is crucial, particularly given the new threats caused by innovations in technology, such as artificial intelligence (AI) and machine learning. As these technologies become commoditized, we will start to see hackers take advantage of them in the same way businesses do. Progress has already been made in this area, with initiatives such as the Cyber Threat Alliance, allowing businesses to share threat intelligence on advanced attacks, their motivations and tactics of the actors behind them. The US government also announced the Cybersecurity Information Sharing Act (CISA) in 2015, creating an environment that encourages businesses to share more information. In the UK, a £1.9 billion government investment is under way for a new cyber security strategy, aiming to make it one of the safest places to do business in the world. The launch of the National Cyber Security Centre as a bridge between industry and government is also expected to make significant headway in helping educate businesses and consumers alike about the biggest cyber risks today.