Top CyberSecurity News For October 5th 2016

  1. Guccifer 2.0 dumps a bunch of Clinton Foundation donor data. From Engadget. Julian Assange’s “October surprise” press conference may have been a bust but his Gilligan, the hacker calling himself Guccifer 2.0, came through on Tuesday, releasing a large database of information reportedly stolen from the Clinton Foundation. The dump includes the names, addresses and emails of both individual and corporate donors as well as their contribution amounts.

Top CyberSecurity News For 28th May 2016

  1. North Korea Linked With Hacks Stealing From Banks. From US News And World Report. Network security researchers have linked cyber attacks that stole millions of dollars from Asian banks to hacking incidents attributed to North Korea, raising questions as to whether the cash-strapped hermit kingdom is seeking new ways to replenish its coffers.

  2. Did the Clinton Email Server Have an Internet-Based Printer? From Krebs On Security. The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain “clintonemail.com.” But here’s a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email server for the Clintons also had the not-so-bright idea of connecting it to an Internet-based printer.

Top CyberSecurity News For 16th May 2016

  1. Emails raise more questions of Clinton infosec practices. From SC Magazine. A batch of recently released documents set off renewed discussions about Hillary Clinton’s information security practices as former U.S. Secretary of State. The documents, which were obtained by Judicial Watch through a Freedom of Information Act request, included 296 pages of declassified State Department documents. Contained in the released documents is an email discussion between Clinton and her then-Chief of Staff Cheryl Mills. After Clinton landed from a February 22, 2009 trip abroad, she and Mills tried unsuccessfully to connect through Clinton’s secure communication. After an hour of trying to connect, Clinton wrote to Mills, “Are you calling me? What #? I called ops and they gave me your ‘secure’ cells… but only got a long high pitched whining sound.”

  2. Why incident response plans fail. From TechCrunch. Following a cyber attack on critical infrastructure, emotions run high and the clock starts ticking. Suddenly what appears to be a well-structured incident response (IR) plan on paper can turn into a confusing “storming session” around who owns what. Rather than identifying, analyzing and eradicating the threat, organizations can easily become entangled in processes hindering response time and further endangering operations. The longer the “dwell time,” or the time an attacker remains within the system, the more damage the attacker can cause, whether it be data loss, impacts to operations or physical damage to assets. According to a recent survey done by the SANS Institute, 50 percent of organizations took two days or longer to detect breaches, and 7 percent didn’t know the length of an attacker’s dwell time.

Top CyberSecurity News For 7th May 2016

  1. Student who hacked into a public transport network and got $18 in free trips is found guilty of fraud after he contacted authorities to warn them about the system’s flaws. From Daily Mail. A student who hacked into a public transport system to show it had flaws has been found guilty of fraud after he and a co-convicted got $18 worth of free trips. Jack Carruthers, a student at Perth’s Murdoch University, hacked into the city’s SmartRider transport travel card and later owned up to TransPerth, alerting them to the issues with the system. However, he ended up being charged for his actions after the Public Transport Authority (PTA) noticed what had happened and was eventually found guilty.

  2. Charles Schwab data breach exposed client investment data. From SC Magazine. Charles Schwab informed some of its customers on May 4 that the company had noticed unusual login activity on their account, possibly due to an unauthorized person having obtained their account username and password. In a letter posted on the California Attorney General Office website, the company said the unusual activity began on or after March 25 and that the account sign-on credentials were likely taken from a non-Schwab source and then successfully used to access the customer’s account, possibly exposing the client’s names, account numbers, stock positions and transaction history.

  3. Prince of Persia: Infy Malware Active In Decade of Targeted Attacks. From Palo Alto Networks. Attack campaigns that have very limited scope often remain hidden for years. If only a few malware samples are deployed, it’s less likely that security industry researchers will identify and connect them together. In May 2015, Palo Alto Networks WildFire detected two e-mails carrying malicious documents from a genuine and compromised Israeli Gmail account, sent to an Israeli industrial organization. One e-mail carried a Microsoft PowerPoint file named “thanks.pps” (VirusTotal), the other a Microsoft Word document named “request.docx”.

  4. Romanian hacker Guccifer: I breached Clinton server, ‘it was easy’. From Fox News. The infamous Romanian hacker known as “Guccifer,” speaking exclusively with Fox News, claimed he easily – and repeatedly – breached former Secretary of State Hillary Clinton’s personal email server in early 2013. “For me, it was easy … easy for me, for everybody,” Marcel Lehel Lazar, who goes by the moniker “Guccifer,” told Fox News from a Virginia jail where he is being held.

  5. Why malware authors keep using the same old Microsoft Office exploits. From SophosLabs. SophosLabs Principal Malware Researcher Gabor Szappanos has closely studied Microsoft Office exploits for the past few years. We’ve previously covered his investigation of the Microsoft Word Intruder exploit creation kit, and his recent paper exploring the most popular Office exploit kits.