Category Archives for "Network World Security"

After CIA leak, Intel Security releases detection tool for EFI rootkits

Intel Security has released a tool that allows users to check if their computer's low-level system firmware has been modified and contains unauthorized code. The release comes after CIA documents leaked Tuesday revealed that the agency has developed EFI (Extensible Firmware Interface) rootkits for Apple's MacBooks. A rootkit is a malicious program that runs with high privileges -- typically in the kernel -- and hides the existence of other malicious components and activities. The documents from CIA's Embedded Development Branch (EDB) mention an OS X "implant" called DerStarke that includes a kernel code injection module dubbed Bokor and an EFI persistence module called DarkMatter.

After WikiLeaks’ CIA dump, China tells U.S. to stop spying

China today asked the U.S. government to stop spying on it, China's first reaction to WikiLeaks' disclosure of a trove of CIA documents that alleged the agency was able to hack smartphones, personal computers, routers and other digital devices worldwide. "We urge the U.S. to stop listening in, monitoring, stealing secrets and [conducting] cyber-attacks against China and other countries," Geng Shuang, a Foreign Ministry spokesman, said today in a Beijing press briefing. Geng also said that China would protect its own networks, was willing to work with others toward what he called "orderly cyberspace," and repeated his government's stock denunciation of hacking.

After the WikiLeaks dump: Do nothing

You heard it here first. Don’t do a damn thing in response to the WikiLeaks dump that you’re not already doing. Don’t sit still, be vigilant, keep your eye on the targets. Because this isn’t news. What? Not news?!? No. Between the three-letter agencies, if they want you, they have you. They’ll find a way. It’s a matter of time. But they’re largely ahead of the ne’er-do-wells. You should expect this. If hardware and device makers gasp that their stuff is crackable, it’s only time to snicker. Nothing is foolproof because 1) fools are so ingenious and 2) with a big enough hammer you can crack anything. Even you. You are not impregnable. It’s a matter of degree—and if you can detect the breach quickly.

Assange: CIA had lost control of its cyberweapon documents

Information about purported CIA cyberattacks was "passed around" among members of the U.S. intelligence community and contractors before it was published by WikiLeaks this week, Julian Assange says. The CIA "lost control of its entire cyberweapons arsenal," the WikiLeaks editor in chief said during a press conference Thursday. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it." Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

IDG Contributor Network: Basic training: Cybersecurity lessons inspired by an opportunistic developer

Today, not only do we see a significant increase in the number of cyber attacks, but by design the incidents are also more fearless and larger in their scale and impact to the business. According to Cisco, the frequency of distributed denial of service (DDoS) attacks has increased more than 2.5 times since 2013, with the current average DDoS attack large enough to take many organizations completely offline. Most businesses have cybersecurity initiatives, but how can we be sure the policies and people are keeping pace with the threats that are becoming more dynamic as technology progresses? TechRepublic reported that an estimated 90 million cyber attacks occurred in 2016, which means 400 attacks every minute. As data travels through a virtual ecosystem, security must extend beyond the device itself.

IBM technology moves even closer to human speech recognition parity

IBM this week said its speech recognition system set an industry record of 5.5% word error rate, a percentage that lets a computer understand human conversation almost as well as the average person does. According to IBM, human parity was considered a 5.9% word error rate, but IBM, which partnered with Appen, a speech and technology service provider, reassessed the industry benchmark and determined that human parity is lower than what anyone has yet achieved: 5.1%.

Profiling 10 types of hackers

Different shapes and sizes: Hackers, like the attacks they perpetrate, come in many forms, with motivations that range from monetary to political to ethical. Understanding the different types of hackers that exist and what motivates them can help you to identify the attackers you are most susceptible to and properly defend yourself and your organization against cyberattacks. Travis Farral, director of security strategy at Anomali, outlines the top 10 types of hackers you should have on your radar.

Bots: Biggest player on the cybercrime block

In the world of cybercrime, ransomware and DDoS attacks had the highest profile by far during the past year. There was an entire day devoted to a ransomware “summit” at the recent RSA conference in San Francisco. But when it comes to money being lost (and made), bot fraud is king – by a lot. Most estimates of losses in the US from ransomware during 2016 were in the $1 billion range. By contrast, a study published in January 2016 by White Ops and the Association of National Advertisers (ANA) titled “Bot Baseline: Fraud in Digital Advertising,” estimated global losses in 2016 would be $7.2 billion.

Darktrace finds more attacks, cuts response time, saves money for Blackhawk Network

Blackhawk Network, a $1.9 billion multinational in the prepaid-card industry, was undergoing a consolidation of its security architecture in an effort to gain better visibility into threats as they unfolded and to adapt to the threat environment as attackers changed their strategies. That included hiring a new head of cyber defense, Vari Bindra, in December of 2015, who wanted to create a central security operations center and consolidate the company’s varied data centers down to just two. As he set out on that mission, he came across the Enterprise Immune System, made by Darktrace, which uses machine learning to detect threats, including those it has never seen before.

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers. Apache Struts is an open-source web development framework for Java web applications. It's widely used to build corporate websites in sectors including education, government, financial services, retail and media. On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products. That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs. Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.

Apple has already fixed most of the iOS exploits the CIA used

WikiLeaks is back at it again, this time with more than 8,700 leaked documents apparently from inside the CIA’s Center for Cyber Intelligence. According to those documents, the CIA had knowledge of zero-day exploits it could use to hack iPhones. But Apple said many of those bugs have already been patched with the latest version of iOS. The WikiLeaks documents didn’t include details of the bugs or whether the CIA has actually used them, so it’s unclear if or how Apple knows the exploits have been patched. But the company released a statement to multiple media outlets following the WikiLeaks dump on Tuesday: “Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest OS, we will continue work to rapidly address any identified vulnerabilities. We always urge

Security holes in Confide messaging app exposed user details

Confide, a messaging app reportedly used by U.S. White House staff, apparently had several security holes that made it easier to hack. Security consultancy IOActive found the vulnerabilities in Confide, which promotes itself as an app that offers “military-grade” end-to-end encryption. But despite its marketing, the app contained glaring problems with securing user account information, IOActive said in a Wednesday post. The consultancy noticed it could access records for 7,000 Confide users by exploiting vulnerabilities in the app’s account management system. Part of the problem resided with Confide’s API, which could be used to reveal data on users’ phone numbers and email addresses.

Leaked docs suggest NSA and CIA behind Equation cyberespionage group

Purported CIA documents leaked Tuesday appear to confirm that the U.S. National Security Agency and one of CIA's own divisions were responsible for the malware tools and operations attributed to a group that security researchers have dubbed the Equation. The Equation's cyberespionage activities were documented in February 2015 by researchers from antivirus vendor Kaspersky Lab. It is widely considered to be the most advanced cyberespionage group in the world based on the sophistication of its tools and the length of its operations, some possibly dating as far back as 1996.

Fears of election hacking spread in Europe

France has followed the Netherlands in placing its faith in paper-based voting systems ahead of key elections later this year, following allegations that Russian hackers influenced last year's U.S. presidential election. The French government will not allow internet voting in legislative elections to be held in June because of the "extremely elevated threat of cyberattacks." The move follows a recommendation from the French Network and Information Security Agency (ANSSI), it said Monday. The move will only affect 11 of the 577 electoral districts voting, those representing French citizens living outside their home country. These expatriates had previously been allowed to vote over the internet in some elections because the alternative was to require some of them to travel vast distances to the nearest embassy or consulate with a ballot box.

Cisco Talos warns of new Cryptolocker ransomware campaigns

A number of reports are warning businesses and consumers alike that a new round of ransomware based on the infamous Cryptolocker (aka TorrentLocker or Teerac) code is making the rounds. Today Cisco Talos wrote: “Crypt0l0cker has gone through a long evolution, the adversaries are updating and improving the malware on a regular basis. Several indicators inside the samples we have analyzed point to a new major version of the malware. We have already seen large campaigns targeting Europe and other parts of the world in 2014 and 2015. It seems to be that the actors behind these campaigns are back now and launching again massive spam attacks.”

Comey: Strong encryption “shatters” privacy-security bargain

FBI Director James Comey told a Boston audience this morning that “ubiquitous strong encryption” – the kind now available on most smartphones and other digital devices – is threatening to undermine the “bargain” that he said has balanced privacy and security in the US since its founding. Actually, he went further, declaring that such default encryption “shatters” the bargain. “This is a big deal, and I urge you to continue to engage in a hard conversation about it. I love privacy, but I also love the bargain,” he said, noting that the FBI’s inability to crack encrypted devices means the investigative “room” where the agency works is increasingly growing dark, and therefore undermining security.

Juniper product development chief resigns, company resets engineering makeup

Juniper is reshaping some of its top executive roles as Jonathan Davidson, executive VP and general manager of the firm’s Development and Innovation group, resigned from the company. Davidson, a former Cisco executive in charge of products such as the Cisco 7200 and the Enterprise ASR 1000 product management team, joined Juniper in 2010 to lead the company’s Security, Switching and Solutions Business Unit. He ultimately became executive vice president and general manager of the Juniper Development and Innovation group, where he replaced Rami Rahim, who is now the company’s CEO.

Third-party releases ‘nano-patch’ for Microsoft zero day bug

The delay in last month's Patch Tuesday fixes has caused considerable angst given there were several known problems, including two disclosed by Google. Microsoft is on track, as far as we know, for a patch release next week, but one company isn't waiting. It has issued its own fix for a minor bug. A U.K. security company called ACROS Security has released what it calls its first "nano-patch" for CVE-2017-0038, a bug in EMF image format parsing logic that does not adequately check image dimensions specified in the image file being parsed against the number of pixels in the file. If image dimensions are large enough, the parser is tricked into reading memory contents beyond the memory-mapped EMF file being parsed. An attacker could use this vulnerability to steal sensitive data in memory or as an aid in other exploits when ASLR needs to be defeated.

Apple, Cisco, Microsoft and Samsung react to CIA targeting their products

From the trove of CIA documents dumped by WikiLeaks, we’ve heard a lot about attacks the agency could pull off against TVs and smartphones. Some of the companies with targeted products have issued their initial responses. October 2014 notes discuss the CIA’s Embedded Devices Branch (EDB) and what it should target. For the “really non-technical,” the CIA would define “embedded systems” as “The Things in the Internet of Things.” But the fact that the CIA intended to exploit IoT should not surprise anyone, considering that in 2012, then-CIA Director David Petraeus said the CIA “cannot wait to spy on you” through your smart internet-connected devices.
