Updates from December, 2017

  • jkabtech 12:17 pm on December 15, 2017
    Tags: exploited, rushes

    Adobe rushes out fix for exploited Flash bug 

    After Kaspersky discovers hackers using flaw to deploy FinFisher. Adobe has issued an emergency patch for its Flash software after discovering hackers are actively exploiting the newly-discovered bug in the wild. The patch came after Kaspersky Lab said a group it was tracking, BlackOasis, used the previously unknown weakness on October 10 to plant Fin…


  • jkabtech 4:17 am on December 15, 2017
    Tags: spree

    ANZ Bank in cyber security hiring spree 

    As rival CBA downscales.

    ANZ Bank is seeking to grow its team of cyber security professionals as it builds out its digital delivery capabilities and implements the scaled agile methodology across the entire bank.

    The company in May announced it would expand its use of agile to the whole organisation to allow it to respond faster to customer demands.

    The restructure will see multi-disciplinary teams of about 10 employees created across the workforce in pursuit of a leaner, more efficient organisation.

    At the same time the bank is working to boost its abilities in digital delivery, having recently created an executive role dedicated to digital transformation filled by former eBay Europe chief operating officer Jennifer Scott.

    Scott’s responsibility is to “accelerate an innovative culture” across the bank through the use of strategic digital partnerships, and deliver ANZ’s new digital banking strategy.

    The new directions in agile and digital have necessitated growth in the bank’s information and cyber security team, according to job ads posted by ANZ.

    It is recruiting for a number of positions, including for a new red team.

    A red team is a group of professionals tasked with finding holes in an organisation’s IT security posture. The bank said the new team was an expansion of existing red team capability.

    Roles available include a team leader, manager, and consultant positions.

    “The focus of these roles is on evaluating and testing our environment for any issues regarding our security posture. You will be driving effective penetration testing and process efficiencies, in line with best practice,” ANZ said.

    Three security and technology risk management roles are also on offer across the digital, data, and payments domains.

    “We want to build an innovative, secure and simplified environment using the latest tools, techniques and industry best practice,” the bank wrote.

    “There has never been a more exciting time to work in cyber security. Our team plays an important role at ANZ, collaborating to achieve the best security outcomes across the bank, broader industry and government as well as fostering unique opportunities to contribute to the community.”

    It comes as rival CBA downsizes its own security operations following the appointment of a new chief information security officer.

    CBA had significantly grown the size and budget of its security operations over the past six years, but new CISO Yuval Illuz, who joined in February, has sought to rein in spending and slim down the division.

    The bank’s restructure has resulted in job losses as well as the potential outsourcing of some security functions.


  • jkabtech 8:17 pm on December 14, 2017
    Tags: confuses

    Wi-fi flaw confuses Aussie internet users 

    D-Link reiterates KRACK researchers’ assertion that APs aren’t targeted. Do home routers really need urgent patching?

    Confusion is sweeping Australian internet users after the disclosure of a flaw in the WPA2 protocol used to secure wi-fi, with many unsure of what they need to patch.

    The flaw, which was made public late on Monday night local time, puts almost all personal and enterprise wireless-enabled devices and networks at risk of attack.

    The researchers who uncovered the so-called KRACK attack assert that it “does not exploit access points, but instead targets clients” – and that “for ordinary home users, your priority should be updating clients such as laptops and smartphones”.

    Despite this, there remains considerable confusion on whether home routers need to be updated or not.

    A D-Link A/NZ representative told Whirlpool that the vulnerability “is targeting … clients and not the routers/access points” (APs).

    “If the router/AP is running in normal wi-fi mode (as an access point) – it is not vulnerable (but the client still is, unless it is patched),” the representative said.

    “A router/AP will only be affected if running in ‘AP client mode’ – this mode is not enabled in our routers and very rarely used in APs.”

    The D-Link representative indicated the router maker would patch its firmware using code from the manufacturers of wi-fi chipsets incorporated into its products.

    “But again – the important part is to patch the clients (computers, phones, tablets),” the representative said.

    “Modifying the wi-fi code on


  • jkabtech 12:17 pm on December 14, 2017
    Tags: stronger

    Google offers stronger security for targeted users 

    Shutters third-party access to messages and Drive.

    Google is offering stronger protection to exposed groups of internet users such as business leaders, political campaign workers, and journalists for the company’s online services.

    Its advanced protection program aims to protect personal Google accounts against targeted attacks such as phishing, while tightening access controls to the Gmail and Drive services.

    After enrolling in the program, third-party apps will no longer have access to Gmail messages and data stored on Drive.

    This includes Apple’s iOS devices – under the program, only Google’s own Gmail, Inbox and Calendar apps can access user data.

    Likewise, program users will only be able to use the company’s own Chrome browser to access Google services over the web.

    Google has also added safeguards against fraudulent account password resets to further protect against unauthorised access to sensitive data.

    The advanced protection program uses hardware security keys on sale from Amazon: one uses Bluetooth, NFC, and cable to authenticate a user’s phone, tablet, and computer; and the second is a USB device for backups.

    However, the main key made by Feitian – which is required to enrol in the program – is only available for purchase through Amazon in certain European countries and Japan.

    Google did not say whether the Feitian key can be bought directly in Australia, the United States, Canada, and other markets.

    When the security keys are tied to a user account, two-step verification methods such as SMS text message and Google Authenticator one-time passphrases will no longer work.

    If users lose the two security keys, account resets are still possible but could take several days, Google said.


  • jkabtech 4:17 am on December 14, 2017
    Tags: patching, pwned, scolds

    Oracle scolds customers for not patching and getting pwned 

    While releasing another massive monthly critical patch update.

    Oracle has chided customers for failing to apply patches to its products in a timely manner and therefore falling victim to attackers.

    The enterprise IT vendor today said it continued to “periodically receive reports” of attempts by attackers to exploit vulnerabilities that it had already released fixes for.

    It said the attackers were occasionally successful because the targeted Oracle customers had failed to apply available patches.

    “Oracle therefore strongly recommends that customers remain on actively-supported versions and apply critical patch update fixes without delay,” the company said.

    It made its comments as part of an advisory about its critical patch update for October 2017.

    This quarter’s collection of security patches includes 252 fixes. The figure is down from the 308 patches Oracle released in July and the 300 that were provided in April, but is higher than January’s count of 209.

    However, the October collection contains a high number of remote code execution flaws that don’t require user credentials to exploit.

    The RCEs were found in the likes of Oracle Siebel CRM, PeopleSoft, Fusion Middleware, E-Business Suite, JD Edwards and MySQL.

    This month’s patch update also fixes two critical flaws in Oracle’s Java application development framework and code runtime, within the Hotspot and Remote Method Invocation components.

    Both can be exploited remotely to run arbitrary code without user authentication on vulnerable systems.

    Security vendor ERPscan analysed the October 2017 bundle and singled out three critical vulnerabilities that had earned the full 10 out of 10 common vulnerability scoring system (CVSS) rating.

    The three flaws were found in Oracle’s Hospitality Reporting and Analytics software and have been labelled priority fixes.

    Oracle’s Siebel Apps – Field Service also has a 10 CVSS-rated flaw that can be exploited to completely take over the software.

    ERPscan founder and chief technical officer Alex Polyakov said the October patch update also contains “an alarming number of PeopleSoft fixes”. 

    Of the 23 PeopleSoft vulnerabilities in the bundle, 13 can be exploited remotely over networks without entering user credentials, Polyakov said.

    “Over 1000 PeopleSoft systems are discoverable on the internet simply by Google or Shodan.io scanning, therefore putting organisations at risk because of the recent vulnerabilities,” he said.


  • jkabtech 8:17 pm on December 13, 2017
    Tags: espionage

    ASIO warns cyber espionage against Australia will increase 

    Rewards are lucrative and risks are low.

    Cyber espionage attacks by nation states against Australia are expected to increase in both number and sophistication over the coming years, the country’s domestic spy agency has warned.

    The “relatively low cost” and “plausible deniability” on offer from such attacks will lure more malicious actors to conduct cyber espionage campaigns, ASIO said in its annual report released today.


  • jkabtech 12:17 pm on December 13, 2017
    Tags: expands, Lockheed

    Lockheed expands AI research at Melbourne lab 

    (Image caption: Raydon Gates, CEO Lockheed Martin A/NZ, and Dr. Keoki Jackson, Lockheed Martin’s CTO, announce STELaRLab in 2016. Credit: Lockheed Martin)

    Results could improve ‘Australia’s defence and national security’.

    Lockheed Martin is set to expand the number of researchers looking at machine learning and cognitive architectures at its nascent STELaRLab in Melbourne.

    STELaRLAB – which stands for science technology engineering leadership and research laboratory – was announced in August 2016 and launched a year later.

    It is a collaboration between Lockheed and the University of Melbourne. The defence contractor has put up an initial $13 million in seed funding.

    STELaRLAB is the first R&D centre that Lockheed Martin has opened outside of the United States.

    Its current research focuses include autonomous systems; robotics; command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR); artificial intelligence; and hypersonic vehicles.

    The projects it undertakes must have a “business interest to Lockheed Martin, which in turn are problems directly applicable to our national security needs”, the company said.

    A few short months after officially opening the lab, the contractor said it has now identified “an immediate need to expand our groups with skills in analytics, machine reasoning and AI applications and infrastructure development”.

    Machine reasoning is an evolution of machine learning that allows a system to not only learn from what it sees but to reason – much like a human would – when determining an appropriate course of action.

    Lockheed intends to bring onboard two new researchers to design and implement “cognitive architecture and supporting analytics and AI algorithms for multiple programs at Lockheed Martin for both internal and collaborative projects with academia and other government research institutions”.

    It said the results of the research “potentially have far reaching international impact for Australia’s defence and national security”, without elaborating.

    STELaRLAB is expected to house about 20 employees within its first three years.


  • jkabtech 4:17 am on December 13, 2017
    Tags: concerns, revive

    Cyber security concerns won’t revive tape storage 

    Does it make you want to turn to tape? One-month renaissance already cut short.

    Tape storage experts have raised significant doubt over an apparent resurgence in tape led by enterprises worried that cloud-based alternatives can be too easily hacked.

    The tape renaissance was raised by the Wall Street Journal last month, which quoted unnamed “security experts” arguing that tape could be the answer to cyber security concerns around storage.

    Recovery Point Systems founder Marc Langer told WSJ that tape could be a “safe choice” for some storage because it was “inconvenient” to access. “Good security is almost always inconvenient,” he said.

    But Guy Holmes, founder and CEO of Perth-based Tape Ark, branded the “concept that writing your data to tape is more secure


  • jkabtech 8:17 pm on December 12, 2017

    Google offers Play app store bounty program 

    Limited to specific apps and vulnerabilities.

    Google has opened a bug bounty program for its Play store to help it discover vulnerabilities and improve security.

    The program does not cover every app in the app repository, however.

    All Android apps developed by Google are in scope for the bounty program, which is run by HackerOne.

    Apps from Alibaba, Dropbox, Duolingo, Headspace, Line, Mail.ru, Snapchat and Tinder also qualify for bounties, but vulnerabilities have to be submitted to the companies in question first.

    Google has also limited the vulnerabilities that qualify for bounties to remote code execution (RCE) on user devices running Android 4.4 or higher. 

    Specifically, Google asks for proofs of concept for RCE vulnerabilities that allow attackers to gain full control of devices.

    Other types of vulnerabilities that qualify for rewards include those that cause banking apps to make money transfers without user consent, and open webviews that could lead to phishing attacks.

    Researchers can earn up to US$31,337, with an additional discretionary bonus of US$1000, under the Play security rewards program.

    Reports of malware infecting Google’s Play Store have become more common in recent years.

    In August Google pulled more than 500 apps from the store after they were found to contain a software development kit (SDK) that could download malicious plug-ins at will. That same month researchers discovered banking malware hiding in the app store as well as a botnet controller.


  • jkabtech 12:17 pm on December 12, 2017

    Online rating system likely behind Domino’s data leak 

    As customers deal with influx of phishing emails.

    Pizza giant Domino’s Australia has indicated an unnamed online ratings system was likely the source of a data leak that has seen its customers bombarded with spam emails over the past few weeks.

    The leaked customer data has been used to give an appearance of legitimacy to the phishing emails, which include the customer’s first name and the suburb in which they have ordered pizza in an attempt to provoke a response.

    Domino’s has attributed the data breach to a supplier but has declined to name the company involved.

    However, in an update late yesterday CEO Don Meij said the company had matched the data accessed by the spammers to an unnamed online ratings system.

    “This is the type of information that is contained in an online rating system managed by a former supplier, which suggests this may have been the source of the information. We are continuing to investigate this,” Meij said in a statement.

    “We understand that receiving an unknown email from a third party asking these details in this manner can be confronting and we share your concern about this.”

    Domino’s earlier said it had ended its agreement with this supplier in July.

    The pizza giant had an arrangement with credit agency Equifax for marketing services, and Equifax’s recent large-scale breach led to speculation the company was behind the Domino’s leak. However, Equifax told iTnews it had no involvement in the incident.

    Domino’s maintains no “unauthorised access” to its systems has taken place and that no customer financial information was compromised.

    It has declined to state how many customers were impacted by the breach.
