Home Tags Fallout

Tag: Fallout

More Shadow Brokers fallout: DoublePulsar zero-day infects scores of Windows PCs

Ten days ago, the group known as Shadow Brokers released a pile of exploits, apparently developed by the NSA.

After an initial period of dire predictions that the Windows sky was falling, Microsoft reassured us that most of the exploits were covered...

March madness: Microsoft’s terrible month of Windows and Office patches

On Tuesday, March 14, Microsoft released a big crop of patches for every version of Office since 2007 and every version of Windows since Vista. Many of those patches are broken. We're only beginning to document the fallout. Recall that Microsoft of...

Decrypted: The Expanse: “The shout came from Ganymede”

What's been happening on Ganymede?

Subway releases data after scientists weigh in on 50% chicken test...

Scientists question test, CBC walks back a little, and chicken passes Subway’s tests.

Threatpost News Wrap, March 3, 2017

The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug.

The life of Howard Schmidt is also remembered.

PewDiePie calls out media “attack” in response to Disney fallout

The media and PewDiePie keep calling each other out, and neither is totally wrong.

Decrypted: Miller finds his groove in The Expanse

In the latest episode of The Expanse we see the fallout from the attack on Thoth Station.

50% off Fallout 4 – Deal Alert

Bethesda Game Studios, the award-winning creators of Fallout 3 and The Elder Scrolls V: Skyrim, welcome you to the world of Fallout 4 – their most ambitious game ever, and the next generation of open-world gaming.  As the sole survivor of Vault 111, you enter a world destroyed by nuclear war.

Every second is a fight for survival, and every choice is yours. Only you can rebuild and determine the fate of the Wasteland.  Currently Amazon has the PC and XBOX ONE versions discounted by 50% and the PS4 is 43% off.  Check out these deals on Amazon.To read this article in full or to leave a comment, please click here

Trump’s TPP trade move a setback for cloud computing

On the heels of the news that President Trump has removed the United States from the Trans-Pacific Partnership (TPP), a massive trade deal that he blasted as a candidate, experts warned of the fallout for cloud-computing companies that have been adv...

Trump’s trade TPP move a setback for cloud computing

On the heels of the news that President Trump has removed the United States from the Trans-Pacific Partnership (TPP), a massive trade deal that he blasted as a candidate, experts warned of the fallout for cloud-computing companies that have been adv...

Symantec carpeted over dodgy certificates, again

You had one job ... and it wasn't letting test certs escape into the wild and then revoking them Symantec has confirmed that it's revoked another bunch of wrongly-issued certificates. Andrew Ayer of certificate vendor and wrangler SSLMate went public with his discovery last week.

The mis-issued certs were issued for example.com, and a bunch of variations of test.com (test1.com, test2.com and so on). On Saturday, Symantec's Steve Medin replied: “The listed Symantec certificates were issued by one of our WebTrust audited partners. We have reduced this partner's privileges to restrict further issuance while we review this matter. We revoked all reported certificates which were still valid that had not previously been revoked within the 24 hour CA/B Forum guideline - these certificates each had "O=test". Our investigation is continuing.” Medin said the mistake happened at partner WebTrust, and that the company is still investigating what went wrong, adding that Symantec “will report our resolution, cause analysis, and corrective actions once complete”. Security bods will be watching to see whether there's any other fallout from the latest blunder. In 2015, Google blockaded certificates from a Symantec root, because it was not complying with the CA/Browser Forum's requirements. At that time, Symantec hit back saying the certs were mostly used for internal testing, or were issued to a small handful of legacy customers. Last year, Google brought the long-running question of certificate trust into sharp relief when it launched its Certificate Transparency site, letting the world see the whole list of certs it doesn't trust. Chinese CA WoSign found itself in an unwelcome spotlight when it issued a cert for GitHub to university sysadmin Stephen Schrauger. WoSign found itself sent to the naughty corner by Mozilla, Apple, and Google.

That company had to promise a reorganisation to get itself back in the world's good graces. ® Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub

5 data breach predictions for 2017

In 2017, most companies have data breach preparedness on their radar.

But the threat landscape is ever-evolving.
Staying ahead of emerging threats and the increasing sophistication of cybercriminals requires "constant vigilance," as Mad-Eye Moody from J.K. Rowling's Harry Potter series was fond of saying. "Preparing for a data breach has become much more complex over the last few years," says Michael Buemmer, vice president at Experian Data Breach Resolution. "Organizations must keep an eye on the many new and constantly evolving threats and address these threats in their incident response plans." To aid in that effort, Experian Data Breach Resolution recently released its fourth annual Data Breach Industry Forecast, a report rooted in Experian's history helping more than 17,000 companies deal with data breaches in the last decade (4,000 in 2016 alone). Experian says five data breach trends will dominate 2017: Aftershock password breaches will expedite the death of the password. Nation-state cyber-attacks will move from espionage to war. Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging. Criminals will focus on payment-based attacks despite the EMV shift that took place more than a year ago. International data breaches will cause big headaches for multinational companies. 1.

Aftershock password breaches will expedite the death of the password Experian says that "aftershock" breaches, which it considered an emerging trend in 2016, will become more common and varied in 2017. Earthquakes are often followed by a series of aftershocks, smaller magnitude earthquakes that can occur for years after the initial quake as the earth's crust around the displaced fault plane adjusts. Password breaches are similar, according to Experian: Attackers continue to sell old username and password information on the dark web.
Since users often reuse passwords, this can lead to companies that didn't experience a first-hand data breach becoming the target of repeat unauthorized log-ins, which in turn forces those companies to notify their users that their information is being misused. By way of example, Experian points to the breach of 500 million Yahoo! Accounts in 2014. "It has been reported those stolen credentials were subsequently resold and used by other criminals to compromise accounts across a wide variety of services where consumers use the same username and password," Experian notes in the report. "This exposure of the largest-ever breach of usernames and passwords is likely to reverberate for years to come as the exposed credentials make their way through the underground economy.

Companies that have never experienced a direct breach will be forced to deal with the aftershock of Yahoo!'s loss of user credentials." Experian predicts 2017 will see criminals expanding on the aftershock breach concept.

They won't just involve usernames and passwords; attackers will take the same approach with even more personal information, like social security numbers and medical information. To combat this trend, Experian recommends implementing two-factor authentication to identify users.
It also recommends companies account for aftershock breaches in their incident response plans. 2. Nation-state cyber-attacks will move from espionage to war Experian predicts that cyber conflicts between nation-states will escalate from espionage to cyber-warfare in 2017. "While the [U.S. Office of Personnel Management] breach of 2015 was clearly motivated by gaining specific intelligence, in 2017 we will see new operations made public that use cyber-attacks as an outright offensive weapon," the report said. Experian notes that when the issue of state-sponsored cyber-attacks came up during the recent U.S. presidential campaign, both candidates said they would favor using cyber weapons to retaliate, leading Experian to predict an escalation in cyber-attack conflict in 2017.

These conflicts will tend to leave consumers and businesses as collateral damage. "The progression of cyber-attacks driven by nation-states will undoubtedly place critical infrastructure in the crosshairs, potentially leading to widespread outages or exposed personal information that could impact millions of innocent consumers," the report said. Experian recommends companies address this threat by participating in their respective Information Sharing and Analysis Center (ISAC) to share cyber threat information with peers and national defense organizations.

Additionally, businesses &8212; especially businesses involved in critical infrastructure — should prepare for full-on disruption. Proactive steps could involve purchasing insurance protection and shoring up security measures against large-scale disruptions. 3. Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging For years, personal medical information, particularly electronic health records (EHRs), have been some of the most valuable data criminals can target.
In 2015, many attackers focused on health insurers.

But Experian believes 2017 will see criminals expanding into other aspects of healthcare, including hospital networks.

The report notes that hospital networks tend to be more distributed, making it harder to maintain security measures compared with more centralized organizations. "The consequences of a medical data breach are wide-ranging, with devastating effects across the board -- from the breached entity to consumers who may experience medical ID fraud to the healthcare industry as a whole," says Ann Patterson, senior vice president, Medical Identity Fraud Alliance (MIFA). Experian predicts ransomware will be a top concern. "Ransomware presents an easier and safer way for hackers to cash out.

Given the potential disruption to a company, most organizations will opt to simply pay the ransom," the report says. "This has unintended consequences of funding more research and development by attackers who will in turn develop more sophisticated and targeted attacks.

These new variants will likely be able to evade many of the security detection systems that were developed and are now widely deployed to stop the previous generation of attacks." Experian recommends healthcare organizations of all sizes and types review their security measures and ensure they have contingency planning for responding to ransomware attacks as well as adequate employee security training. 4.

Criminals will focus on payment-based attacks despite the EMV shift taking place over a year ago All payment cards in the U.S. started incorporate EMV chips last year.

But according to a report last September by the Strawhecker Group (TSG), only 44 percent of U.S. card-accepting merchants have EMV terminals, and only 29 percent can actually accept chip-based transactions. Experian predicts that uneven adoption of the technology, combined with attackers targeting new industries and adapting their tactics, means payment attacks will plague companies in 2017. "Instead of targeting big name retailers as we've seen in the past, attackers may turn their attention to smaller franchised stores and others with distributed infrastructure," the report says. "Along with needing to manage more distributed infrastructure, these businesses are experiencing other barriers, such as the need for software updates to accept payments that are not available and the impact it can have on the checkout process." For years, cybercriminals have made use of skimmers, devices capable of stealing magnetic stripe data from point-of-sale (POS) systems.
In the past, such devices have largely been used with ATMs.

But the increasing popularity of self-checkout terminals in retail outlets opens new opportunities for criminals to use the devices.

EMV chips help defend against skimmers if the technology is used, but current adoption levels lead Experian to predict that at least one major national retailer will be hit with a significant skimming outbreak in 2017. To combat this, Experian says that while there are legitimate barriers to merchants adopting EMV Chip and PIN technology, the risk of not doing so has become too high to ignore. "It is essential that companies behind the curve speed up their plans for EMV Chip and PIN adoption," the report said. "Both retail companies and consumers need to maintain security best practices during this time of ongoing transition and recognize that cyber criminals may shift their focus but won't be completely deterred. Paying close attention to potential weak spots, including catching POS simmers quickly, can help mitigate potential fallout." 5.
International data breaches will cause big headaches for multinational companies Experian believes that breaches involving the loss of international consumers' data will cause the most significant damage in 2017, especially once the new GDPR (General Data Protection Regulation) in the E.U. goes into effect.

Experian notes that new regulations will also soon take effect in Canada, and Australia is also considering a data breach bill. A recent Ponemon Institute study found that 42 percent of companies have not included processes to manage an international data breach in their incident response plans. "The 72 hour notice requirement to E.U. authorities under the GDPR is going to put U.S.-based organizations in a difficult situation," says Dominic Paluzzi, co-chair of the Data Privacy & Cybersecurity Practice at McDonald Hopkins. "The upcoming E.U. law may just have the effect of expediting breach notification globally, although 72 hour notice from discovery will be extremely difficult to comply with in many breaches. Organizations' incident response plans should certainly be updated to account for these new laws set to go in effect in 2017." "Clearly, the biggest challenge for businesses in 2017 will be preparing for the entry into force of the GDPR, a massive regulatory framework with implications for budget and staff, carrying stiff fines and penalties in an unprecedented amount," adds Omer Tene, vice president of Research and Education for International Association of Privacy Professionals. "Against a backdrop of escalating cyber events, such as the recent attack on Internet backbone orchestrated through IoT devices, companies will need to train, educate and certify their staff to mitigate personal data risks." Experian predicts the lack of preparedness, and the high stakes involved, mean at least one U.S. multinational will take a significant hit to its valuation in 2017 due to an international data breach. Experian recommends companies confront this threat by working to comply with the new rules, including "dry runs" to ensure they are properly prepared. This story, "5 data breach predictions for 2017" was originally published by CIO.