Lifeboat Foundation

Your phone number is increasingly tied to your online identity. You need to do everything possible to protect it.

Security experts from the SAN Institute speaking at the 2018 RSA Conference warn that enterprises should not assume that their data assets stored off site in cloud computing platforms are safe from cyber-attackers.

Fraudsters are now gingerly testing the waters in central and Western Europe with attacks that drain cash machines of their funds, according to a trade group that studies criminal activity around ATMs.

See Also: How to Combat Targeted Business Email Compromise Attacks

The European Association for Secure Transactions, or EAST, says the attacks, sometimes referred to as “jackpotting,” rose 231 percent in 2017 compared to 2016. Last year, 193 incidents were reported compared to 58 in 2016.

Continue reading “No Card Required: ‘Black Box’ ATM Attacks Move Into Europe” »

Officials have dragged their feet on updating machines and securing data – and a climate of fear could undermine voter confidence.

THE FIN7 HACKING group has leeched, by at least one estimate, well over a billion dollars from companies around the world. In the United States alone, Fin7 has stolen more than 15 million credit card numbers from over 3,600 business locations. On Wednesday, the Justice Department revealed that it had arrested three alleged members of the group—and even more important, detailed how it operates.

The Justice Department announced the arrest of three members of notorious cybercrime group Fin7—and detailed some of their methods in the process.

According to Marc Ph. Stoecklin, principal research scientist at IBM Research, DeepLocker is a “new breed of highly targeted and evasive attack tools powered by AI.”

DeepLocker was designed in an attempt to improve understanding of how AI models can be combined with malware techniques to create a “new breed of malware,” Stoecklin explained in a post. This new type of malware can disguise its intent until it reaches an intended victim, which could be determined by taking advantage of facial recognition, geolocation, and voice recognition.

“The DeepLocker class of malware stands in stark contrast to existing evasion techniques used by malware seen in the wild. While many malware variants try to hide their presence and malicious intent, none are as effective at doing so as DeepLocker,” Stoecklin wrote.

Continue reading “DeepLocker demonstrates how AI can create a new breed of malware” »

Not long ago, getting a virus was about the worst thing computer users could expect in terms of system vulnerability. But in our current age of hyper-connectedness and the emerging Internet of Things, that’s no longer the case. With connectivity, a new principle has emerged, one of universal concern to those who work in the area of systems control, like João Hespanha, a professor in the departments of Electrical and Computer Engineering, and Mechanical Engineering at UC Santa Barbara. That law says, essentially, that the more complex and connected a system is, the more susceptible it is to disruptive cyber-attacks.

“It is about something much different than your regular computer virus,” Hespanha said. “It is more about cyber physical systems—systems in which computers are connected to physical elements. That could be robots, drones, smart appliances, or infrastructure systems such as those used to distribute energy and water.”

In a paper titled “Distributed Estimation of Power System Oscillation Modes under Attacks on GPS Clocks,” published this month in the journal IEEE Transactions on Instrumentation and Measurement, Hespanha and co-author Yongqiang Wang (a former UCSB postdoctoral research and now a faculty member at Clemson University) suggest a new method for protecting the increasingly complex and connected power grid from attack.

Continue reading “Team suggests a way to protect autonomous grids from potentially crippling GPS spoofing attacks” »

Though more router manufacturers are making routers easier to set up and configure—even via handy little apps instead of annoying web-based interfaces—most people probably don’t tweak many options after purchasing a new router. They log in, change the name and passwords for their wifi networks, and call it a day.

While that gets you up and running with (hopefully) speedy wireless connectivity, and the odds are decent that your neighbor or some random evil Internet person isn’t trying to hack into your router, there’s still a lot more you can do to boost the security of your router (and home network).

To keep an organization safe, you must think about the entire IT ecosystem.

The ever-expanding range and diversity of cyber threats make it difficult for organizations to prioritize their offensive and defensive strategies against attackers. From malware, ransomware, and other attacks coming from the outside, to insider threats and system vulnerabilities from within, today’s expanded attack surfaces cut across the whole enterprise landscape — and that means an enterprise’s threat intelligence strategy must address the entire IT ecosystem.

To be effective, threat intelligence must be proactive, comprehensive, and done in a way that doesn’t inadvertently create more risk. Unfortunately, as a recent Ponemon survey illustrates, most organizations fall short of this goal — tripped up by a range of challenges, including a lack of expertise and overwhelming volumes of data. Improved threat intelligence comes from improving the strategy, techniques, and tools employed by enterprises to probe their networks for weakness and shore up defenses and resiliency.

Continue reading “How to Structure an Enterprise-Wide Threat Intelligence Strategy” »