PoS Trojan Bypasses Account Control Posing as Microsoft App
A newly discovered PoS (Point-of-Sale) malware can bypass
computer defenses such as User Account Control (UAC) by posing as a legitimate
Microsoft application, Doctor Web researchers have discovered.
… Upon infection,
the Trojan performs a series of checks to determine whether any program that
could hinder its activity runs on the targeted system. It looks for any copies of itself, as well as
for virtual machines, emulators, and debuggers, and terminates itself if any of
these is found.
Otherwise, the malware runs itself and attempts to gain
administrator privileges by tricking the default system defenses. In the User Account Control (UAC) warning
triggered by the malware, however, the user is informed that the running
application is called WMI Commandline Utility (wmic.exe) and is developed by
Microsoft.
My Computer Security students should find this
confusing.
Insurers working to fill cyberinsurance data gaps
Insurance companies typically have decades of data, if not
more, on which to base their risk estimates.
That's not the case with cyber risk, however. There's very little historical data available,
the data is not complete, and the threat landscape doesn't just change year by
year, but day by day. There isn't even a
standard set of definitions that everyone can agree on.
… One of the first
problems when it comes to buying cyberinsurance is that nobody knows exactly
what it means. Corporate financial
officers, security managers, and insurance brokers have different understandings
of risk, for example.
According to a recent cyberinsurance survey by the SANS Institute, only 30
percent of underwriters and 38 percent of information security professionals
believe that they speak the same language.
… For example, one
policy might refer to a "privacy breach," another to a "data
breach", and a third to "network security wrongful acts."
"Is a privacy breach the same thing as a privacy
wrongful act?" he asked. "Is a
data breach the same as a network security wrongful act?"
"And a lot of the language hasn't been tested in
court yet," he added.
… In a recent survey the company conducted, only 10 percent of IT
experts said they believed that their cyber coverage was completely up to date,
and of those who had cyber insurance, only 43 percent were confident that
it covered business email compromise fraud. There was a similar lack of confidence about
new social engineering attacks.
"Almost half -- 45 percent -- of firms are clueless
as to whether their cyberinsurance policy is up to date for covering these
types of threats," Malone said.
“We use that code to identify our VIP passengers, not for
security.”
Hacker uses fake boarding pass to get into every airline
lounge for free
… The security
flaw was discovered by Przemek Jaroszewski, the head of Poland’s Computer
Emergency Response Team. He discovered
that lounge access is coded into the QR code of an electronic boarding pass,
but not verified by any central database.
… The hack hasn’t
been tested in North America, so it’s possible that it would be defeated by
more stringent checks. The TSA told
Wired that lounge security is the responsibility of the airlines, and is
nothing to do with the more general security apparatus.
Another form of intimidation? Actions short of war?
Cyber Espionage Targets Interests in South China Sea
A cyber espionage campaign has been discovered apparently
targeting participants in the recent Permanent Court of Arbitration case
brought by the Philippines against China over Chinese claims of sovereignty in
the South China Sea.
… The cyber espionage campaign was discovered by F-Secure. It named it NanHaiShu, and has today published an analysis of the methodology and malware involved.
… One thing is certain -- Chinese feelings in
the South China Sea run deep. Soon after
the ruling it commenced a major wargames exercise with, according to
ZeroHedge, "some 300 ships, dozens of fighter planes, and involved troops
that are responsible for coastal defense radars, communications, and electronic
warfare defense."
Are we about to retaliate?
Obama prepares to boost U.S. military's cyber role: sources
… Under the plan
being considered at the White House, the officials said, U.S. Cyber Command
would become what the military calls a "unified command" equal to
combat branches of the military such as the Central and Pacific Commands.
Cyber Command would be
separated from the National Security Agency, a spy agency responsible for
electronic eavesdropping, the officials said. That would give Cyber Command leaders a larger
voice in arguing for the use of both offensive
and defensive cyber tools in future conflicts.
Perspective. If Pokémon
is eating batteries, what Apps are neglected?
Pokémon Go drives a surge in smartphone backup battery sales
Early on in the Pokémon Go hype cycle, there were signs
that players were driving a significant uptick in sales of backup batteries,
like the Mophie units you may be familiar with that offer USB connections for
topping up mobile devices while you’re away from an outlet. Now, research from analytics firm NPD Group goes beyond early anecdotal evidence to show that
in fact, unit sales across the portable power pack segment saw a 101 percent
spike in the two weeks spanning July 10 and July 23, as compared to the same
period last year.
Another week older but no wiser.
Hack Education Weekly News
… Denver
District Judge Michael Martinez has ordered
a halt to a Douglas County program that allowed parents to use vouchers
to send their children to private schools.
… “Atlanta
Public Schools debut new police force,” WSB-TV
reports. Every school will have a
dedicated police force, which as Tressie
McMillan Cottom quips, is more than have AP classes.
… Also
via Inside Higher Ed: “A prominent technology think tank
wants the federal government to encourage the use of standardized
assessments to measure postsecondary knowledge and skills, with an
approach that would separate learning from credentialing and
challenge the dominance of traditional college degrees.”