All The Top IT Security News.
Monday 11th September 2017
We collect the news so that you don't have to!
Cyber security expert issues bizarre warning that sex robots could be easily hacked and made to KILL their owners
A cybersecurity buff has issued a bizarre warning that sex robots could one day rise up and KILL their owners if hackers can get inside their heads. Last month, tech billionaire Elon Musk claimed that artificial intelligence could take over the planet, and he's not the only one concerned about the dangers of killer tech. With sex robots becoming increasingly popular and sophisticated, Cyber security lecturer Dr Nick Patterson revealed that the lifelike dolls could end up going all Terminator on us. However, in the case of sex robots, the danger isn't that the love dolls will end up developing minds of their own, Westworld-style. Instead, the risk is that hackers could breach the realistic robots' inner defences and catch out their owners with their pants down.
http://www.itsecurityguru.org/2017/09/11/cyber-security-expert-issues-bizarre-warning-sex-robots-easily-hacked-made-kill-owners/
Popular Minnesota state park hit with malicious malware, warns visitors to check their credit cards
The popular Tettegouche State Park on the North Shore of Lake Superior in Minnesota said its computer systems have been infected with malware, authorities confirmed on Friday (8 September). The malware was discovered on 25 August after security specialists noticed a spike in "unusual activity" around 4pm. The state park said experts initiated actions to isolate the site, protect sensitive data, and replace any infected equipment. Local authorities said they are conducting a full forensic analysis into the incident.
http://www.itsecurityguru.org/2017/09/11/popular-minnesota-state-park-hit-malicious-malware-warns-visitors-check-credit-cards/
New malware in India which steals money through mobile phones: Report
A new malware, the Xafecopy Trojan, has been detected in India which steals money through victims' mobile phones, cyber security firm Kaspersky said in a report. Around 40 per cent of the malware's targets have been detected in India. "Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money through victims' mobile accounts without their knowledge," the report said. The Xafecopy Trojan is disguised as useful apps like BatteryMaster, and operates normally. The trojan secretly loads malicious code onto the device.
http://www.itsecurityguru.org/2017/09/11/new-malware-india-steals-money-mobile-phones-report/
Insurers increasingly concerned about silent cyber exposure
Around half of industry practitioners see the risk of silent cyber exposure – potential cyber-related losses due to silent coverage from insurance policies not specifically designed to cover cyber risk – as growing over the coming year, according to Willis Re. In the Willis Re survey, respondents were asked to assess the extent to which, over the next 12 months, the cyber aspect of exposure would increase the likelihood of a covered loss. Around half of respondents felt that the risk of a silent cyber loss from property or other liability was greater than 1 in 100 while close to a quarter considered the risk to be greater than 1 in 10, illustrating the degree of uncertainty surrounding potential exposure.
http://www.itsecurityguru.org/2017/09/11/insurers-increasingly-concerned-silent-cyber-exposure/
Hackers can remotely access and manipulate wireless syringe infusion pumps
Internet-connected medical devices have increasingly become commonplace. However, such devices could potentially be hacked by cybercriminals. New vulnerabilities uncovered by a security expert show that wireless syringe infusion pumps could be remotely accessed by hackers, who could also exploit the bugs to manipulate the operations of the device. The US Industrial Control Systems (ICS) CERT has issued an alert, which details that Medfusion 4000 wireless syringe infusion pumps, manufactured by Smiths Medical, were found riddled with not one or two, but eight vulnerabilities. The flaws, which were uncovered by independent security researcher Scott Gayou, could potentially be exploited by hackers.
http://www.itsecurityguru.org/2017/09/11/hackers-can-remotely-access-manipulate-wireless-syringe-infusion-pumps/
Thursday, 14 September 2017
Cyber security expert issues bizarre warning that sex robots could be easily hacked and made to KILL their owners
updates
Tuesday 12th September 2017
We collect the news so that you don't have to!
FA to beef up cybersecurity if England qualify for Russia World Cup
The FA will strengthen its cybersecurity before the 2018 World Cup amid fears about Russian hackers Fancy Bears and concern that tactical and team selection information could be leaked before games. England are top of Group F and on course to qualify automatically for the tournament which begins on 14 June. The FA is still assessing training bases but wherever the squad stay all computer equipment belonging to players and support staff will have sophisticated anti-hacking software installed.
http://www.itsecurityguru.org/2017/09/12/fa-beef-cybersecurity-england-qualify-russia-world-cup/
10 D-Link zero-day flaws that may give hackers backdoor access and more have been publicly released
Zero-day vulnerabilities are generally scary enough that when one is made public, vendors begin scrambling to issue a fix. By nature, zero-day flaws are vulnerabilities that the affected vendor has no knowledge about and thus no patches exist. Alarmingly, not one or two but 10 zero-day flaws have recently been uncovered affecting D-Link routers, which could potentially leave users at risk of cyberattacks. Pierre Kim, a security researcher, chose to publicly expose the vulnerabilities related to D-Link 850L routers, citing "difficulties" working with the vendor on a coordinated disclosure. According to the researcher, the zero-day flaws, if exploited by hackers, could potentially lead to attackers gaining root access to devices and getting backdoor access. They could also remotely hijack and control routers as well as leave users vulnerable to XSS and command injection attacks and more.
http://www.itsecurityguru.org/2017/09/12/10-d-link-zero-day-flaws-may-give-hackers-backdoor-access-publicly-released/
Paradise Ransomware Uses RSA Encryption to Encrypt Your Files
Today, a victim of a new ransomware called Paradise posted in the BleepingComputer.com forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS), I thought I would provide a brief analysis of how this ransomware works. Unfortunately, the Paradise Ransomware is not decryptable without paying the ransom and affected users should attempt to recover files via alternate methods.
http://www.itsecurityguru.org/2017/09/12/paradise-ransomware-uses-rsa-encryption-encrypt-files/
India's "robust" biometric database let millions get fake IDs
Criminals managed to circumvent the "robust" security of India's biometric database to issue over 8 million fake identity cards — which Indian citizens use for everything from opening bank accounts to getting married. Police in the northern Indian state of Uttar Pradesh Sunday arrested 10 men as part of a crackdown on a sophisticated fraud scam which involved cloning fingerprints and cracking the security features of the Aadhaar enrollment system — which was described in August as "robust and uncompromised" by the authority charged with protecting it.
http://www.itsecurityguru.org/2017/09/12/indias-robust-biometric-database-let-millions-get-fake-ids/
Another reason to hate Excel: its Macros can help pivot attacks
A white-hat has taken a good look at whether you can pivot an attack from one machine to others using Microsoft Excel, and you probably won't like what he found. The researcher, Matt Nelson of SpecterOps (@enigma0x3) writes that he's found loose default launch and access permissions, meaning a macro-based attack doesn't need to interact with the victim. The nutshell version is this: Excel.Application is exposed via DCOM; it has no explicit launch or access permissions set; since the attacker would have to find some other means for the initial compromise, Microsoft Office Macro security won't stop the pivot; and Excel.Application can be launched (and interacted with) remotely.
http://www.itsecurityguru.org/2017/09/12/another-reason-hate-excel-macros-can-help-pivot-attacks/
Monday, 11 September 2017
news
A daily dose of today's top tech news, in brief.
You need to hear this.
Atlassian unveils Stride, the successor to chat app HipChat
Atlassian, the parent company of popular apps like Jira, Trello, and Bitbucket, announced today a successor to its chat app HipChat, which is called Stride. HipChat is one of the most popular chat services in tech, used by industry giants including Tesla and Expedia. Facing competition from major offerings like Slack and Microsoft Teams, Atlassian rebuilt its chat app from the ground up, hoping to secure its foothold as the segment gets more crowded. The app sports an entirely redesigned interface, with a fresh look and less division between text chat, phone meetings, and videoconferencing.
"Right within Stride, any member can start a videoconference meeting for the members of a channel," Business Insider writes. "For the duration of that meeting, anybody who comes into the channel will be able to see that there's a call going on and be able to join."
Although HipChat and its competitors support video calls, the goal of Atlassian's newest offering is to make implementation of the feature more natural and less intrusive. Users are also able to take public notes within the app while on a call, allowing collaborative tasking and note-taking.
The announcement comes less than a week before Slack holds its first-ever user conference in San Francisco, likely intending to reduce hype and redirect focus to its new app.
Equifax experiences data breach, 209,000 credit cards may have been stolen
Equifax Credit Bureau, which supplies credit reports and other services, said today a cybersecurity breach may have leaked information on 143 million consumers. The leaked data includes 209,000 credit cards, and the birth dates, social security numbers, addresses, and possibly drivers licenses of millions. Personal identifying information of roughly 182,000 consumers was also breached.
The company's CEO Richard Smith apologized to consumers and customers, saying that the breach "strikes at the heart of who we are and what we do."
"Equifax said it is now alerting customers whose information was included in the breach via mail, and is working with state and federal authorities," CNBC writes. "Its private investigation into the breach is complete."
Adobe and Microsoft announce expanded partnership
Representatives from Adobe and Microsoft announced today that the two companies will expand their partnership with more integrations between their platforms. Microsoft now considers Adobe Sign its "preferred" e-signature service across Office 365 and Dynamics 365, and Microsoft Teams is now the "preferred" collaboration service for Adobe Creative Cloud, Document Cloud, and Experience Cloud. Adobe has also selected Microsoft's Azure as its "preferred" hosting platform for Adobe Sign.
While these services may be "preferred," the agreement is not actually exclusive, and when Adobe announced Azure was its "preferred" cloud provider last year, it continued hosting some of its services on Amazon's AWS, and continues to do so.
"In the fall of 2016, the pair said that Adobe Creative Cloud, Marketing Cloud, and Document Cloud would all be available on Azure, and Azure would be the "preferred cloud platform" for these services," ZDNet writes. "The two companies also announced that Adobe's Marketing Cloud would be Microsoft's Marketing module for the Enterprise version of Dynamics 365, its combined CRM/ERP suite."
The two companies also say they are planning to work in tandem on machine learning and intelligent document automation, which they say will be implemented into most facets of both platforms.
But there's more going on in the world than that.
Amazon is looking for the location of its next headquarters
Amazon has asked for bids from local and state governments, and hopes to receive proposals from prospective locations in which it could build its new headquarters. The company intends the second location to be equal in size and importance to its massive Seattle tower, saying that it expects to invest more than $5 billion in the location and employ as many as 50,000 employees.
Mayors from cities including Memphis, Chicago, Philadelphia, Hartford, Tulsa, St. Louis, and Providence have expressed interest, with many more likely to follow suit. Several cities in Texas are also likely to be considered, as will major Canadian cities like Vancouver.
"We expect HQ2 to be a full equal to our Seattle headquarters," Amazon CEO Jeff Bezos said in a statement. "Amazon HQ2 will bring billions of dollars in up-front and ongoing investments, and tens of thousands of high-paying jobs."
Amazon says the average compensation at the new location could top $100,000, and development is likely to begin in 2019.
And you can't not know this.
Delta passengers get a bumpy ride as their plane flies right through Hurricane Irma
Delta flight DJ302 took off from San Juan, Puerto Rico Wednesday afternoon before flying right through one of the most powerful Atlantic hurricanes in history. Shocking, terrifying, and extremely dangerous, right? According to WIRED and the commercial airline pilots they spoke to, flying through most storms is just another day at the office.
"It's not that much different from flying through the Midwest in the summertime with thunderstorms," Douglas M. Moss, a commercial pilot and aviation consultant told WIRED. "It's the same techniques, the same tools, the same procedures you use for avoiding thunderstorms."
According to experts, it would have been more dangerous and costly to leave the plane on the ground or in the hangar. Officials on the ground elected not to turn the plane away as it was approaching San Juan to land, and after much deliberation, decided to race the storm and get the plane back to safer conditions. Once in the air, highly trained pilots don't find hurricanes to be a significant challenge to fly in.
"The flight might have been bumpy for about 15 minutes, a bit rainy and a bit dark," WIRED writes. "For the seasoned traveler, conditions like that are probably NBD."
Monday, 4 September 2017
Security News
Monday 4th September 2017
We collect the news so that you don't have to!
Vulnerabilities Discovered in Mobile Bootloaders of Major Vendors
Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks.
http://www.itsecurityguru.org/2017/09/04/vulnerabilities-discovered-mobile-bootloaders-major-vendors/
Banking Trojan Now Targets Coinbase Users, Not Just Banking Portals
The TrickBot banking trojan is a new malware strain that appeared in the autumn of 2016 and most experts believe it was developed by some of the developers who worked on the now defunct Dyre banking trojan, some of whose operators were arrested in late 2015 in Russia.
http://www.itsecurityguru.org/2017/09/04/banking-trojan-now-targets-coinbase-users-not-just-banking-portals/
Police Seize Domain of Online Store That Stole User's Card Data
According to a statement from the Edmonton Police Service (EPS), its Cyber Crimes Investigation Unit started looking into the website after a user complained of fraudulent purchases appearing in his bank statements in May this year.
http://www.itsecurityguru.org/2017/09/04/police-seize-domain-online-store-stole-users-card-data/
£200m fake train ticket scam: We put season pass bought on dark web to the test at Britain's busiest station
The Mirror team found fakes for sale on the so-called "dark web" – a shadowy corner of the internet which cannot be searched via mainstream browsers like Google.
http://www.itsecurityguru.org/2017/09/04/200m-fake-train-ticket-scam-put-season-pass-bought-dark-web-test-britains-busiest-station/
Microsoft says every enterprise should have a plan for when cybersecurity fails
No matter how good it is, enterprise cybersecurity is doomed to fail. Every enterprise should have a business continuity plan in place for when it does.
http://www.itsecurityguru.org/2017/09/04/microsoft-says-every-enterprise-plan-cybersecurity-fails/
Wednesday, 30 August 2017
Ariana Grande’s Instagram Account Hacked
Monday 7th August 2017
We collect the news so that you don't have to!
Ariana Grande's Instagram Account Hacked
This time, hackers managed to take control of Ariana Grande's Instagram account, and the attackers started posting racist and homophobic messages, while also threatening to breach the accounts of other American stars. While no hacking group or individual claimed the attack, the Instagram account is believed to have been breached by a fan of Selena Gomez and Kylie Jenner, as reported by clevver. The main evidence pointing in this direction is some of the messages posted by the hacker, who called for Ariana Grande fans to follow two different accounts whose profile pictures show the two stars.
http://www.itsecurityguru.org/2017/08/07/ariana-grandes-instagram-account-hacked/
Cisco accidentally loses customer data due to Meraki cloud configuration error
Cisco has admitted to losing some customers' data last week due to a Meraki cloud configuration error. The company revealed in an update on Friday that its engineering team made a configuration change on the North American object storage service that led to some of its customer data being deleted in the process. Meraki is a subsidiary of Cisco that offers cloud-managed information technologies for wireless, switching, security, EMM, communications and security cameras via its web-based dashboard interface.
http://www.itsecurityguru.org/2017/08/07/cisco-accidentally-loses-customer-data-due-meraki-cloud-configuration-error/
China's web users fear losing tools to bypass 'Great Firewall'
Enterprising internet users in China fear the tools they use to tunnel through the country's "Great Firewall" may soon disappear, as Beijing tightens its grip on the web. Tens of millions of people are estimated to use Virtual Private Networks (VPNs) to bypass Chinese internet restrictions -- getting access to blocked websites such as Facebook and Twitter. Beijing has for years turned a blind eye to these holes in its Great Firewall, but recent events suggest the virtual tunnels may soon be bricked up. In January China's Ministry of Industry and Information Technology (MIIT) announced it would be banning the use of unlicensed providers of the services.
http://www.itsecurityguru.org/2017/08/07/chinas-web-users-fear-losing-tools-bypass-great-firewall/
Forget sexy zero-days. Siemens medical scanners can be pwned by two-year-old-days
Hackers can exploit trivial flaws in network-connected Siemens' medical scanners to run arbitrary malicious code on the equipment. These remotely accessible vulnerabilities lurk in all of Siemens' positron emission tomography and computed tomography (PET-CT) scanners running Microsoft Windows 7. These are the molecular imaging gizmos used to detect tumors, look for signs of brain disease, and so on, in people. They pick up gamma rays from radioactive tracers injected into patients, and perform X-ray scans of bodies.
http://www.itsecurityguru.org/2017/08/07/forget-sexy-zero-days-siemens-medical-scanners-can-pwned-two-year-old-days/
Cuscal behind Woolworths duplicate payment bungle
Woolworths has apologised to customers on Monday following reports that some experienced a second batch of payments withdrawn from their bank accounts. A Woolworths spokesperson told ZDNet it received confirmation from Cuscal, one of its payment processors that services financial institutions, that due to an error at its datacentre, Woolworths customers may have received incorrect transactions on accounts processed by Cuscal. "We are working closely with Cuscal and can confirm any payment errors will be corrected as soon as possible," the spokesperson added, offering its 1300 767 969 call centre number for customers to call if they have experienced the error.
http://www.itsecurityguru.org/2017/08/07/cuscal-behind-woolworths-duplicate-payment-bungle/
Amber Rudd falls for hoax email prankster who also fooled Trump administration officials
Thursday 10th August 2017
We collect the news so that you don't have to!
Amber Rudd falls for hoax email prankster who also fooled Trump administration officials
The email hoaxer who previously duped Trump administration officials, as well as the governor of Bank of England, has tricked yet another high profile individual into engaging in an email exchange. UK home secretary Amber Rudd is reportedly the latest victim of the email prankster who goes by the pseudonym Sinon Reborn. The prankster reportedly posed as a senior Downing Street official to trick Rudd into responding to emails. Rudd reportedly disclosed that she was working on a series of upcoming announcements with her special adviser Mohammed Hussein, before realising that she was communicating with a hoaxer. The prankster reportedly used the free email service GMX to pose as newly appointed communications chief Robbie Gibb.
http://www.itsecurityguru.org/2017/08/10/amber-rudd-falls-hoax-email-prankster-also-fooled-trump-administration-officials/
One in every 359 emails are carrying a malicious payload says report
The number of emails carrying malware increased to a new high in July with one in every 359 emails carrying a malicious payload, according to Symantec's July Intelligence Report. July also saw increases in the number of phishing attempts and spam, but the increasing use by cybercriminals of email to spread malware took center stage, reaching a level not seen since December 2016. The rate of infected emails in July was one in 359, up from one in 451 in June and significantly higher than the one in 784 emails that was reported in January. However, even July's rate is much lower than what was happening in late 2016 when the number of emails carrying malware ranged between one in 111 and one in 170.
http://www.itsecurityguru.org/2017/08/10/one-every-359-emails-carrying-malicious-payload-says-report/
Locky Ransomware Returns with Spam Campaign Pushing Diablo6 Variant
Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular campaign is strong with a wide distribution.
http://www.itsecurityguru.org/2017/08/10/locky-ransomware-returns-spam-campaign-pushing-diablo6-variant/
Microsoft bins unloved Chinese cert shops
Microsoft's decided not to support digital certificates issued by Chinese outfits WoSign and StartCom, but the first-mentioned CA disputes the decision. Google, Apple and Mozilla binned WoSign certs in 2016. Microsoft says it has now "... concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program."
http://www.itsecurityguru.org/2017/08/10/microsoft-bins-unloved-chinese-cert-shops/
Salesforce fires red team staffers who gave Defcon talk
Salesforce has fired its director of offensive security and another senior staff member after they gave a talk at the Defcon security conference in Las Vegas last month. Josh Schwartz, director of offensive security based in San Francisco, and John Cramb, senior offensive security engineer in Sydney, Australia, worked on the cloud giant's security "red team," which launches offensive attacks against the company from within to test its cyber posture and defenses.
http://www.itsecurityguru.org/2017/08/10/salesforce-fires-red-team-staffers-gave-defcon-talk/
TalkTalk fined £100k for exposing personal sensitive info
Friday 11th August 2017
We collect the news so that you don't have to!
TalkTalk fined £100k for exposing personal sensitive info
Blighty's Information Commissioner's Office has whacked TalkTalk with a £100,000 fine after the records of 21,000 people were exposed to fraudsters in an Indian call centre. The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were providing support for technical problems. They quoted customers' addresses and TalkTalk account numbers.
http://www.itsecurityguru.org/2017/08/11/talktalk-fined-100k-exposing-personal-sensitive-info/
Kaspersky Lab patches up relationship with Microsoft as antitrust complaint dropped
Russian cybersecurity firm Kaspersky Lab has dropped an antitrust legal complaint against Microsoft after the US technology giant agreed to give anti-virus vendors greater control over how their software will be compatible with future versions of its Windows OS. In June 2017, Kaspersky Lab filed legal cases against Microsoft in both the European Commission and the German Federal Cartel Office, alleging that it was taking advantage of its own "dominant position in the computer operating system market to promote its own software".
http://www.itsecurityguru.org/2017/08/11/kaspersky-lab-patches-relationship-microsoft-antitrust-complaint-dropped/
Biological malware: Scientists use DNA to hack a computer
Scientists at the University of Washington in Seattle have successfully been able to code a malware program into a DNA sample and use it to hack into a computer that was studying it. By doing this, they have exposed a weakness in systems that could lead to hackers taking control of computers in research centres, universities and laboratories, reports MIT Technology Review. Researchers are calling this the first "DNA-based exploit of a computer system."
http://www.itsecurityguru.org/2017/08/11/biological-malware-scientists-use-dna-hack-computer/
Recently Patched Flash Bug Can Leak Windows Credentials
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials. The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
http://www.itsecurityguru.org/2017/08/11/recently-patched-flash-bug-can-leak-windows-credentials/
Android app stores flooded with 1,000 spyware apps
Hackers have flooded Android app stores, including the official Google Play store, with over 1,000 spyware apps, which have the capability to monitor almost every action on an infected device. Dubbed SonicSpy, the malware can silently record calls and audio, take photos, make calls, send text messages to numbers specified by the attackers, and monitor call logs, contacts, and information about wi-fi access points.
http://www.itsecurityguru.org/2017/08/11/android-app-stores-flooded-1000-spyware-apps/