Major OS design flaw could have serious ramifications
A serious flaw in the design of almost every CPU and/or operating system will result in cybersecurity-required updates, or patches, being published for Microsoft, Apple, and Linux operating systems.
One of our cybersecurity engineers noticed a flurry of Linux and Windows emergency kernel patches being published that are enabling and implementing KPTI (Kernel Page Table Isolation) protections (or barriers). Enabling KPTI for all operating systems will likely impact the computer's performance, in some cases running 30% slower.
[ Jan 4, 2018 Update: This exploit was discovered by Google back in the early summer of 2017. The exploits are known as "Meltdown" and "Spectre" — two methods of exploiting a security vulnerability found in Intel, AMD, and ARM processors that, between them, threaten almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system. ]
Why is there a need to do this now?
Smart money seems to be that a variation of a known cyber attack, called rowhammer, has been found in the wild. This attack is likely a hypervisor exploit ... meaning the Big Brands in the virtualization world (Amazon S3, Google Compute Engine, Microsoft Azure) could be at risk of a process in one Virtual Machine (VM) gaining access to data in another VM.
Use ONLY the Equifax Website to check your account!
Another massive data breach has occurred. This time, one of the three primary credit records companies has announced that almost half of all Americans' personal information, INCLUDING Social Security Numbers, has been stolen from Equifax. Because the information includes names, addresses, SSNs, credit card numbers and more, this breach may cause more harm to individuals than any previous cyber attack.
One thing you shouldn't do about this? DON'T click on any website that promises to show whether your account is one of the stolen records. Some of those sites will definitely be set up to capture more information about you and won't even be related to Equifax.
What should you do? Equifax has set up this website you should use to check your account status.
Researchers hack Philips Hue bulbs to create IoT meltdown.
As we've previously blogged, the Internet of Things (IoT) is embedding itself into all aspects of our culture. We're concerned that most IoT technology does little to address cybersecurity and is instead focused on ease of connectivity and use. That's a nightmare we're still facing with our more traditional computing and networking platforms.
A new paper published by research scientists out of Israel exposes how a popular IoT communication standard, called Zigbee, can be exploited using the Philips Hue IoT smart lighting products. The paper opens with the following statement:
"Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will rapidly spread over large areas, provided that the density of compatible IoT devices exceeds a certain critical mass.
In particular, we developed and verified such an infection using the popular Philips Hue smart lamps as a platform. The worm spreads by jumping directly from one lamp to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity. The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes. It enables the attacker to turn all the city lights on or off, to permanently brick them, or to exploit them in a massive DDOS attack."
Trauma Patients diverted to other Hospitals; Surgeries cancelled.
Brian Krebs of KrebsOnSecurity.com posted an in-depth article about a UK hospital system that has been crippled by a computer virus. This cybersecurity breach has forced multiple hospitals to cancel surgeries and divert trauma patients and "at risk" women in labor. Although no information was released about what kind of computer virus infected the hospital systems, it is likely an infestation of ransomware — a malware scourge whose purveyors have taken to targeting hospitals and healthcare facilities.
Ransomware scours an infected computer for documents, audio files, pictures and other things likely to be of value to the system’s owner, and then encrypts that data with very powerful encryption software. Most ransomware variants also scour the local network for other systems or network shares to infect. Victims usually can only get their files back after paying a specified ransom demand using a virtual currency, such as Bitcoin.
Data Breaches Expose 169 Million Records So Far in 2016
The latest data breach count from the Identity Theft Resource Center (ITRC) reports that there have been 725 data breaches recorded this year through October 4, 2016, and that more than 29 million records have been exposed since the beginning of the year. The total number of reported breaches increased by 13 since ITRC’s last report on September 27. The number of breaches in 2015 totaled 781, just two shy of the record 783 breaches that ITRC tracked in 2014. The 725 data breaches reported so far for 2016 are more than 16% above the number reported (623) for the same period last year. A total of more than 169 million records were exposed in 2015.
Apache Spot uses big data analytics and machine learning for advanced threat detection
Sentar has been using Artificial Intelligence and Machine Learning technology for years to provide advanced malware detection and classification. Our technology was derived from concepts in the Human Genome Bioinformatics efforts, and it was the genesis of DARPA's Cyber Genome project. Now there is an open source project, Apache Spot, that provides access to similar technology that you can explore yourself. Apache Spot uses Big Data Analytics and Machine Learning that can be applied to improve or create new cybersecurity applications.
(Ok, not "we". One of our Experts.)
We recently hired a new cybersecurity expert in our Research & Development group. We were chatting, just kind of getting to know each other, and he mentioned he had successfully hacked one of the Pentagon's websites.
Instead of hauling him off to jail, they paid him. It's a smart move that many corporations should consider. Of course, he was participating in the Department of Defense-sponsored, first-ever, Hack The Pentagon exercise. And he found several vulnerabilities.
And yesterday it was announced that the DoD had finished closing all 138 verified security vulnerabilities uncovered by that 'exercise'. They estimate it could have cost $1M if they paid a professional firm to do so; instead, they shelled out ~$150K. Hey, 85% off! Get your discounted vulnerabilities right here!
(More details of the past event, which has future ones coming, are available by clicking "Continue Reading" under this teaser block.)
What is the role of Cybersecurity in Manufacturing Plants?
Tiaan van Schalkwyk at Deloitte South Africa has sage advice for those that work in the Manufacturing Industry. He suggests the fear we face isn't "The Rise of the Thinking Machines", but rather those who might take them over by cybersecurity attacks.
“Manufacturers need to have the peace of mind that the safety, availability, and reliability of all aspects of their systems are nigh on guaranteed. Furthermore, the temptation exists to compromise on the security of some part of the chain in favour of usability. This does place the entire system at risk. But even if this is not the case, it is only a matter of when and not if a manufacturer will be compromised.”