Top CyberSecurity News For 31st July 2016

  1. America uses stealthy submarines to hack other countries’ systemsFrom Washington Post. When Donald Trump effectively called for Russia to hack into Hillary Clinton’s emails Wednesday, the GOP nominee’s remarks touched off a (predictable) media firestorm. Here was a presidential candidate from a major U.S. party encouraging a foreign government to target American interests with cyberspying — an act that could not only expose national security information but also potentially undermine the actual security infrastructure of the United States.

Top CyberSecurity News For 30th July 2016

  1. MEET DANGER DRONE – A FLYING COMPUTER DESIGNED TO HACK INTO ALL YOUR UNPROTECTED DEVICESFrom Digital Trends. For Fran Brown, one of the managing partners at renowned security firm Bishop Fox, it all started with Top Gun. “I was watching [the movie] as I often do, and Kenny Loggins’ song came on, and I suddenly thought ‘Danger Drone‘ — that would be an awesome name for a project,” he told Digital Trends. “It went from there.” Feeling inspired, Brown went on to co-create Danger Drone — or, as he puts, “a hacker’s laptop that can fly.” In essence, the concept is a $500 Raspberry Pi-based quadcopter drone, kitted out with all the regular hacking software security firms deal with on a regular basis.

Top CyberSecurity News For 29th July 2016

  1. South Korea Says North Korea Is Blackmailing One of Its Top Online RetailersFrom Softpedia. According to reports from South Korean media, on Monday, authorities announced they were investigating a data breach at Interpark Corp, a company that runs the online shopping portal, one of South Korea’s biggest online stores. Two days later, on Wednesday, June 27, South Korean authorities made the first public statements regarding this incident after conducting a basic investigation surrounding the IP addresses involved in the Interpark hack.

Top CyberSecurity News For 28th July 2016

  1. Chrome, Firefox Vulnerable to Crashes via Search SuggestionsFrom Softpedia. 

    Security researchers from Nightwatch Cybersecurity have discovered a way of crashing Chromium and Firefox browsers on mobile and desktop devices. Their method relies on using the search suggestions feature that these browsers support. The issue is not a software bug, but a design implementation that allows their attack to be executed. Most of today’s browsers have a search field or allow users to search via the URL address bar. Based on the search engines supported inside the browser, search suggestions can be shown as the user types their query.

Top CyberSecurity News For 27th July 2016

  1. How the Chinese Government Became the World’s Hacking Superpower. From Motherboard. In January of 2010, Google made a shocking announcement: The Chinese government had broken into its systems to steal sensitive data. This was the first time an American company had the guts to publicly stand up and point the finger at the government of China. “We detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google,” the company wrote in a boringly titled blog post.

Top CyberSecurity News For 26th July 2016

  1. US Government to Pay $2 Million for Automatic Hacking and Patching SystemFrom Softpedia. At this year’s DEF CON security conference scheduled to be held in Las Vegas at the start of August, the Defense Advanced Research Projects Agency (DARPA) will be giving away a total of $4 million to seven teams participating in the Cyber Grand Challenge (CGC). Started in 2014, the Cyber Grand Challenge is a classic CTF (Capture The Flag) competition, but with a kink. Instead of pinning two teams of security researchers against each other in an attempt to hack and/or protect a network or device, the CGC will have the seven teams battle using automated computer programs that are built to hack other systems and to automatically detect and fix weaknesses on their own.

    Read more:

Top CyberSecurity News For 25th July 2016

  1. Canadian Man Behind Popular ‘Orcus RAT’. From Krebs On Security. Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here’s the story of how I learned the real-life identity of Canadian man who’s laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else’s computer.

Top CyberSecurity News For 24th July 2016

  1. Flaws in Oracle file processing SDKs affect major third-party productsFrom CSO Online. Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors, including Microsoft. The vulnerabilities were found by researchers from Cisco’s Talos team and are located in the Oracle Outside In Technology (OIT), a collection of software development kits (SDKs) that can be used to extract, normalize, scrub, convert and view some 600 unstructured file formats.

1. Auto Industry Develops Security Best PracticesFrom Infosecurity Magazine. Car manufacturers have released a new best practices document designed to improve vehicle cybersecurity in the industry. The doc was penned by the 15 car-maker members of the Automotive Information Sharing and Analysis Center (Auto-ISAC) and draws on the expert advice of over 50 automotive cybersecurity experts. It includes advice in seven key topic areas: governance; risk assessment & management; security by design; threat detection and protection; incident response; awareness & training; and collaboration & engagement with third parties.

Top CyberSecurity News For 22nd July 2016

  1. Cicis Restaurant Chain Data BreachFrom While this matter is still under investigation, we wish to report what we currently know.  In early March of 2016, we received notice from several of our restaurant locations that their Point of Sale (POS) systems were not working properly.  Our POS Vendor began an investigation to assess the problem and initiated heightened security measures.  When the POS Vendor found malware on the POS software at some Cicis restaurants, we immediately began a restaurant by restaurant data security review and remediation.