Just one day after its release, iOS 11.1 hacked by security researchers

By: sikur


By Zack Whittaker

A day after iOS 11.1 was released, security researchers have already broken the software.

News of the exploits came from Trend Micro’s Mobile Pwn2Own contest in Tokyo, where security researchers found two vulnerabilities in Safari, the mobile operating system’s browser.

It took researchers at Tencent Keen Security Lab a few seconds to exploit two bugs — one in the browser and one in a system service that let a malicious app persist through a reboot.

Another bug in Safari let researchers break the browser’s sandbox and execute malicious code.

The bugs earned the researchers $70,000 in awards.

But specific details of the exploits won’t be made public until Apple fixes the bugs, or a three-month period of responsible disclosure expires — whichever is first.

MORE: https://www-zdnet-com.cdn.ampproject.org/c/www.zdnet.com/google-amp/article/ios-11-hacked-by-security-researchers-day-after-release/

 


Highly Critical Flaw (CVSS Score 10) Lets Hackers Hijack Oracle Identity Manager

By: sikur


by Swati Khandelwal

October 30, 2017

A highly critical vulnerability has been discovered in Oracle’s enterprise identity management system that can be easily exploited by remote, unauthenticated attackers to take full control over the affected systems.

The critical vulnerability, tracked as CVE-2017-10151, has been assigned the highest CVSS score of 10 and is easy to exploit without any user interaction, Oracle said in its advisory published Monday without revealing many details about the issue.

The vulnerability affects the Oracle Identity Manager (OIM) component of Oracle Fusion Middleware—an enterprise identity management system that automatically manages users’ access privileges within enterprises.

The security loophole is due to a “default account” that an unauthenticated attacker over the same network can access via HTTP to compromise Oracle Identity Manager.

Oracle has not released complete details of the vulnerability in an effort to prevent exploitation in the wild, but here the “default account” could be a secret account with hard-coded or no password.

MORE: https://thehackernews.com/2017/10/oracle-identity-manager.html


EU to Declare Cyber-Attacks “Act of War”

By: sikur


Phil Muncaster

31 OCT 2017

European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war.

The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances.”

The framework on a joint EU diplomatic response to malicious cyber activities would seem to raise the stakes significantly on state-sponsored attacks, especially those focused on critical infrastructure.

Security minister Ben Wallace claimed last week that the UK government is “as sure as possible” that North Korea was behind the WannaCry ransomware attacks in May that crippled over a third of NHS England, forcing the cancellation of thousands of operations and appointments.

The suspected state-sponsored group known as Dragonfly has also been active of late probing US energy facilities.

That said, definitive attribution in cyberspace is very difficult, making the framework appear largely symbolic.

It brings the EU in line with Nato moves in the past establishing cyber as a legitimate military domain, meaning an online attack could theoretically trigger Article 5, the part of its treaty related to collective defense.

That states that an attack on one member is an attack on all 29 allies.

MORE: https://www.infosecurity-magazine.com/news/eu-to-declare-cyber-attacks-act-of/


Investigation Underway at Heathrow Airport After USB Drive Containing Sensitive Security Documents Found on Sidewalk

By: sikur


By Pierluigi Paganini

October 30, 2017

An unnamed man, on his way to the library, spotted a thumb drive on the sidewalk in Queen’s Park, West London. He pocketed the USB drive and continued on his way. He remembered the USB drive a few days later and returned to the library to view its contents. Recognizing the sensitive nature of the information, he then turned the USB drive over to The Sunday Mirror tabloid.

In their article on October 28th, the Mirror confirmed that the thumb drive contained at least 174 documents. These documents describe various security controls and protocols in place at Heathrow including:
  • timetables of roving security patrols
  • locations of CCTV cameras
  • types of security badges required to access restricted areas
  • maps of tunnels, access points and restricted areas
  • routes taken by the Queen and other VIPs to the Royal Suite private area at Heathrow, and
  • security protocols for VIPs travelling through the airport

It is obvious how this information would benefit someone intent on disrupting the airport or causing harm to dignitaries or VIPs. Many documents were labeled as “confidential” or “restricted”, highlighting their sensitive nature. In an interesting twist, these labels follow an older labeling scheme, so there is a question of how up-to-date this information is. Even if the information is outdated, knowing former protocols and designs helps a bad actor to anticipate the current solutions.

MORE: http://securityaffairs.co/wordpress/64987/security/heathrow-airport-usb-drive.html


Merck’s cyber-attack shaved $135 million off sales

By: sikur


By AUSTEN HUFFORD

27/10/2017

Merck & Co. said a cyberattack over the summer hurt sales by more than $135 million in the quarter, highlighting the very real impacts virtual attacks can have on company results.

Merck has said that the June attack disrupted its world-wide operations, including manufacturing, research and sales.

The cyberattack on major companies around the globe in late June, dubbed Petya by computer-security experts, locked digital files and demanded payment for them to be returned at more than 100 companies and institutions.

On Friday Merck said the attack cut revenue by $135 million through lost sales.

Sales were also cut by an additional $240 million as there was borrowing from the U.S. Centers for Disease Control and Prevention vaccine stockpile of its HPV drug Gardasil, driven by both the attack and higher demand than expected.

Sales in all fell 2% to $10.33 billion. Still, the company saw big results from its keytruda cancer drug, which got an important FDA approval in May. Sales of the drug increased to $1.05 billion from $356 million.

The company posted a loss of $56 million, or 2 cents a share, compared to a profit of $2.18 billion, or 78 cents a share, in the same quarter last year. On an adjusted basis, earnings per share rose to $1.11 from $1.07.

MORE: https://www.marketwatch.com/story/mercks-cyber-attack-shaved-135-million-off-sales-2017-10-27

 


What are file-less cyber attacks and how do you protect against them

By: sikur


by PETER BUTTLER

28/10/2017

Businesses and internet users are finally becoming more aware of the danger of cyber attacks. They’ve started to boost their defending techniques, leaving hackers with fewer options to carry out their malicious deeds.

However, exploiting a vulnerability is just a matter of techniques and available resources; so a good detection is all that decides the time span a hacker could stay inside a network. This is extremely important because there’s a new hacking technique on the rise, called “file-less cyber attacks”.

This new attacking technique could bypass antivirus software and corporate firewalls without being detected. The new breed of attacks can be especially damaging because it accesses the corporate networks without any malware inside its programming.   

A malicious hacker could therefore gain access to your system with relative ease, by invading weak software and infiltrating the source code. Once the hacker enters your system, he/she can embed code which could destroy, acquire, or demolish important data without leaving a trace. The hacker could, for example, control operating system tools such as Windows Management Instrumentation or PowerShell.

MORE: https://thenextweb-com.cdn.ampproject.org/c/s/thenextweb.com/contributors/2017/10/28/file-less-cyber-attacks-protect/?amp=1


How to engage with the C-Suite on cyber risk management: Part One

By: sikur


By: Christopher J Hodson MSc, M.Inst.ISP, CISSP

27/10/2017

CISOs need to meet board members where they “live” – meaning they need to be talking about the same objectives if the metrics are to make sense.

Enron changed the world of finance and the energy industry forever, and the early days of the Equifax hack look as though this breach could change the face of the credit industry and cybersecurity forever. That a single company could amass so much financial information on an individual and be as poorly defended as it was just emphasizes the importance of communicating security and risk effectively to your Board of Directors.

As an infosec director, I’m often asked about the biggest challenges faced by CISOs. Again, and again, one key issue surfaces: the need for CISOs to deliver meaningful metrics to their Board of Directors. Boards that are not comprised of security professionals are increasingly funding new cybersecurity programs and initiatives without understanding what information they want or need. They call for metrics, and the CISO is left wondering which metrics to present that will mean something to the board.

To understand which metrics CISOs should deliver, CISOs need repeatable processes and an understanding of risk management. CISOs need to meet board members where they “live” — meaning they need to be talking about the same objectives if the metrics are to make sense.

MORE: https://www.peerlyst.com/posts/how-to-engage-with-the-c-suite-on-cyber-risk-management-part-one-christopher-j-hodson-m-inst-isp-cissp


iOS flaw lets any app film the user without their knowledge

By: sikur


By LEONARDO PEREIRA

26/10/2017

There is a loophole with serious privacy implications in iOS through which developers could spy on iPhone and iPad owners without them noticing.

The problem was discovered by Felix Krause, a developer who works at Google. He explained, in a post published yesterday, that any app that has been granted permission to access the device’s cameras can do so whenever it is in the foreground.

Suppose you are in the bathroom using an app such as Facebook or Instagram, for example. While you scroll through the feeds, these apps could be photographing, filming or even live-streaming your face through the front camera or your surroundings through the rear camera.

All of this happens without the user being notified, since Apple’s mobile devices do not issue alerts when their cameras are in use, unlike Macs, for example, which have an LED that lights up whenever the camera is on.

MORE: https://olhardigital.com.br/noticia/brecha-no-ios-permite-que-qualquer-app-filme-o-usuario-sem-que-ele-saiba/71944


Anonymous launches ‘Free Catalonia’ cyber attacks on Spanish government

By: sikur


By ROSS LOGAN

Oct 26, 2017

The online activist network announced it was launching “Operation Catalonia” after taking down a number of state-owned websites in recent weeks.

The latest cyber attack took place on Tuesday night, when the Royal House website was taken down by hacktivists.

That follows the website of the Constitutional Court – which ruled Catalonia’s October 1 referendum illegal – crashing due to an Anonymous-led DoS attack.

The website for the Ministry of Public Works and Transport was also hacked to display a “Free Catalonia” banner.

A number of Twitter accounts claiming to be part of the Anonymous network have warned of future attacks on websites of the Spanish government, which has been criticised for its violent response to the ballot.

According to another Anonymous account, the Spanish police, who were filmed brutally attacking Catalans with batons and pepper spray, will be attacked shortly.

Anonymous had previously stated its support for the Catalonian referendum in a video posted on YouTube shortly before the vote took place.

MORE: https://www.express.co.uk/news/world/871574/catalonia-Carles-Puigdemont-independence-anonymous-hacks-royal-family-government-police


Panama Papers-style leak may follow breach of offshore law firm Appleby

By: sikur


by Bradley Barth

October 25, 2017

An offshore law firm representing wealthy clientele that suffered a data breach earlier this year is reportedly preparing for its sensitive financial information to be publicly leaked, in an incident similar to the 2015 Panama Papers case.

According to a report in The Telegraph, the exposed information could place a high amount of scrutiny on various tax havens used by the rich.

In an online statement, the Bermuda-based firm said that it was recently approached by members of the International Consortium of Investigative Journalists (ICIJ), who made unspecified allegations against the company after viewing the exposed documents.

The ICIJ, which operates an Offshore Leaks Database that reveals corporate tax haven secrets, is known for publishing the Panama Papers, a trove of 11.5 million leaked documents — detailing private offshore business dealings — that were stolen following a breach of the law firm Mossack Fonseca.

In its statement, Appleby acknowledged the breach, but denied any illegal activity on the part of the law firm or its clients.

MORE: https://www.scmagazine.com/panama-papers-style-leak-may-follow-breach-of-offshore-law-firm-appleby/article/702630/?DCMP=EMC-SCUS_Newswire_20171026&&email_hash=D9FF62BDFA62CCFC5AA58A7AE5C772B7&&spMailingID=18359005&&spUserID=MTg0NjY4Njc4NTkxS0&&spJobID=1121897626&&spReportId=MTEyMTg5NzYyNgS2
