How two researchers used an app store to demonstrate hacks on a factory

When malicious code spread through the networks of Rheinmetall Automotive last year, it disrupted the German manufacturing firm’s plants on two continents, temporarily costing up to $4 million each week. The attacks were the latest reminder to factory owners that computer viruses can hobble production. While awareness of the threats has grown, there’s still a risk that too many organizations view such attacks as isolated incidents, rather than the work of a determined attacker that could be visited upon them. Federico Maggi, a senior researcher at cybersecurity company Trend Micro, set out to dispel that mindset. So he used a laboratory housed at Politecnico di Milano School of Management, Italy’s largest technical university, to show how attackers could disrupt production on the factory floor. His goal was to use the hypothetical hacks to help organizations address weaknesses in their defenses before actual attackers strike. “We wanted to look for something different, something that future attackers […]

The post How two researchers used an app store to demonstrate hacks on a factory appeared first on CyberScoop.


Automating to Prevent Security Misconfigurations During and After a Crisis

Security Misconfigurations in the Pandemic – and What to Do About Them

Change has never been a friend of network security. Neither has complication. Right now, we have too much of both. The Covid-19 pandemic has resulted in an unprecedented shift…

How one security researcher used radio signals to hop an air gap

For years, researchers and spies have devised ways of getting malware to computers that are “air-gapped,” or physically isolated from external network connections. Attacks like Stuxnet, the computer worm deployed against an Iranian nuclear facility a decade ago, shattered the myth that air-gapped systems are impenetrable fortresses. In that case, suspected U.S. and Israeli intelligence operatives crossed an air gap with malware that ultimately sabotaged centrifuges at a uranium enrichment plant. They also planted an idea in the head of Mikhail Davidov, an ethical hacker: Getting malicious code into an air-gapped computer is one thing, but how do you retrieve data from the network? One possibility, it turns out, is in the radio spectrum. With a radio, antenna, and his own computer script, Davidov figured out how to use a signal emitted by an air-gapped computer’s graphics processing unit (GPU) to exfiltrate data. Davidov, the lead security researcher at Duo […]

The post How one security researcher used radio signals to hop an air gap appeared first on CyberScoop.


What fools these mortals be: ‘Shakespearean’ hackers hit Azerbaijani government and energy sectors

A mysterious set of hackers has in recent months launched data-stealing attacks against Azerbaijan government officials and companies in the country’s wind industry, researchers from Cisco Talos said Thursday. The attackers are using a new hacking tool, whose code is littered with references to English playwright William Shakespeare, to try to gain remote access to target computers and exfiltrate data automatically. The allusion to Shakespeare is an enigma, as is the culprit. What is clear is that Azerbaijan faced a concerted effort to steal data from sensitive assets in and out of government. The hackers mimicked the Azerbaijani government’s email infrastructure in a likely attempt to pluck login credentials from officials. “The actor monitored specific directories, signaling they wanted to exfiltrate certain information on the victims,” Talos researchers said in a blog post. The hackers have also shown an “interest” in the control systems, known as Supervisory Control and Data Acquisition (SCADA) systems, used in […]

The post What fools these mortals be: ‘Shakespearean’ hackers hit Azerbaijani government and energy sectors appeared first on CyberScoop.


Grandoreiro Malware Now Targeting Banks in Spain

A familiar malware threat called Grandoreiro, a remote-overlay banking Trojan that typically affects bank customers in Brazil, has spread to attack banks in Spain.

The post Grandoreiro Malware Now Targeting Banks in Spain appeared first on Security Intelligence.


Researchers use 3D-printed fingerprints to unlock an iPhone8, laptops

At a given moment, countless people around the world are using their fingerprint to unlock their smartphones. For some, it grants instant access to family photos or grocery lists. For others, like diplomats or corporate executives, more sensitive information is at stake. Now, findings released Wednesday provide the latest reminder that, even as mobile security tightens, outsiders are finding new ways to access user devices. Researchers at Talos, Cisco’s threat intelligence arm, demonstrated how to use 3D printing and other methods to forge fingerprints and unlock eight models of devices ranging from the iPhone 8 and Samsung S10 smartphones to laptops and padlocks. The research project was inspired by real-world breaches of fingerprint data. The results proved that, while biometric authentication is an effective way for most technology users to secure their data, determined attackers are capable of using the same security mechanism as an entry point, if they have the time, access and resources. (Talos did not point to any […]

The post Researchers use 3D-printed fingerprints to unlock an iPhone8, laptops appeared first on CyberScoop.


A researcher found zero-days in one city’s software. Then he realized the problem could be bigger.

For Quentin Rhoads-Herrera, this was not a typical security test. A big municipal government in the U.S. had just handed him the source code for software the city uses to manage contracts and track infrastructure projects. He unpacked the code, sifted through it, and found more than a dozen previously undisclosed vulnerabilities, or zero-days, that a hacker could exploit to manipulate data or dump user passwords. But it was more than just a catalog of bugs: Poring over the code, Rhoads-Herrera found the names of two other city governments that have used the software. The product, known as CIPAce, has been used by public and private sector organizations to collect invoices and manage contracts and budgets, according to CIPPlanner Corp., the company that makes it. “If one attacker happens to exploit this city, then they can look and see, easily, every other city that’s using this … and attack them using the same methods,” said […]

The post A researcher found zero-days in one city’s software. Then he realized the problem could be bigger. appeared first on CyberScoop.


EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named “EnigmaSpark.”

The post EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan appeared first on Security Intelligence.


9 Strategies for Retaining Women in Cybersecurity and STEM in 2020

We still have a long way to go to improve gender diversity in the security workforce. Here are nine tips for recruiting and retaining women in cybersecurity and STEM.

The post 9 Strategies for Retaining Women in Cybersecurity and STEM in 2020 appeared first on Security Intelligence.
