News – June 2017


  • Civil rights warriors get green light to challenge UK mass surveillance

    June 30, 2017

    The High Court in London, England, has given Liberty permission to challenge parts of the UK’s Investigatory Powers Act. The act, which was passed into law last year, offers the state unprecedented powers to monitor the population en masse, and to collect and retain bulk personal and communications data. It has been roundly condemned by privacy and ...

  • Wikileaks Reveals CIA Malware that Hacks & Spy On Linux Computers

    June 30, 2017

    WikiLeaks has just published a new batch of the ongoing Vault 7 leak, this time detailing an alleged CIA project that allowed the agency to hack and remotely spy on computers running the Linux operating systems. Dubbed OutlawCountry, the project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA ...

  • Great need to ‘improve’ the cyber security in industrial control systems

    June 30, 2017

    There is a pressing need to improve cyber security in industrial control system (ICS) environments to avoid future breaches that could impact critical national infrastructure concludes CREST, the not-for-profit accreditation body representing the technical information security industry. This is based on a report, which highlighted a number of challenges and suggests that more technical security testing has ...

  • IAI investing in European cybersecurity companies

    June 29, 2017

    Israel Aerospace Industries’ Cyber Division is investing in companies in Holland and Hungary to expand its research and development activities in the field. These investments join IAI’s cyber-operations in Israel, Switzerland and Singapore, where it operates R&D and innovation centers, the company said when making the announcement on Thursday. “Our investments in local software companies form the ...

  • Security researcher creates ‘vaccine’ against ransomware attack

    June 28, 2017

    A vaccination for the global cyber attack that infected thousands of machines in dozens of countries has been discovered by an American security researcher. The simple antidote to the Petya ransomware, which stops computers from being able to launch and demands a $300 (£234) payment, uses an empty folder to block the virus from working. It could prevent further ...

  • Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response

    June 28, 2017

    A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability, designated as CVE-2017-9445, actually resides in the ‘dns_packet_new‘ function of ‘systemd-resolved,’ a ...

  • Cybersecurity stocks rally as ransomware attack targets thousands of computers

    June 28, 2017

    Cybersecurity stocks are soaring as a vicious new form of malware has left thousands of computers grounded. Many cybersecurity companies saw their stocks rally Wednesday as the “Petya” ransomware program immobilized more than 12,000 computers from companies around the world in order to extort money from their owners, according to numbers from Microsoft. After halting its shares ...

  • Britain prepared to use air strikes or send in troops as retaliation against future cyber attack

    June 28, 2017

    Britain could launch military retaliation such as air strikes against a future cyber attack, the Defence Secretary has suggested. Sir Michael Fallon warned potential attackers that a strike on UK systems “could invite a response from any domain – air, land, sea or cyberspace”. The Defence Secretary said the UK’s ability to carry out its own cyber ...

  • Petya cyber attack: Ransomware spreads across Europe with firms in Ukraine, Britain and Spain shut down

    June 27, 2017

    Major firms, airports and government departments in Ukraine have been struck by a massive cyber attack which began to spread across Europe on Tuesday afternoon. In Ukraine, government departments, the central bank, a state-run aircraft manufacturer,  the airport in Kiev and  the metro network have all been paralysed by the hack. In the UK, the advertising firm WPP said ...

  • HMS Queen Elizabeth is ‘running outdated Windows XP’, raising cyber attack fears

    June 27, 2017

    Fears have been raised that Britain’s largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. As HMS Queen Elizabeth left its dockyard for the first time to begin sea trials, it was revealed the £3.5billion aircraft carrier is apparently using the same software that left the NHS exposed. Screens ...

  • Oil & Gas Industry Faces More Frequent & Sophisticated Cyber Attacks: Deloitte

    June 27, 2017

    Three out of four oil and natural gas companies fell victim to at least one cyber attack last year as hacking efforts against the industry become more frequent and sophisticated. That’s the finding from a report released Monday by industry consultant Deloitte LLP. Technology advances, such as Royal Dutch Shell Plc’s recent control of operations in Argentina ...

  • MPs lose email access as Parliament targeted in ‘sustained’ cyberattack

    June 25, 2017

    A cyberattack on MPs and Peers’ emails has prompted Parliament’s security team to shut down external access to its systems. An email sent to parliamentarians on Friday and shown to Sky News said: “Earlier this morning we discovered unusual activity and evidence of an attempted cyberattack on our computer network.” It claimed that “hackers were carrying out ...

  • Siemens Patches Vulnerabilities in SIMATIC CP, XHQ

    June 23, 2017

    Siemens patched two vulnerabilities in products commonly found in industrial control system setups this week. If exploited the flaws could allow an attacker to perform administrative actions or gain read access to sensitive data on affected systems. Siemens patched one issue (.PDF) on Tuesday and the other on Thursday (.PDF) this week. ICS-CERT, the Department of ...

  • AES-256 keys sniffed in seconds using €200 of kit a few inches away

    June 23, 2017

    Side-channel attacks that monitor a computer’s electromagnetic output to snaffle passwords are nothing new. They usually require direct access to the target system and a lot of expensive machinery – but no longer. Researchers at Fox‑IT have managed to wirelessly extract secret AES-256 encryption keys from a distance of one metre (3.3 feet) – using €200 ...

  • Virgin Media tells 800,000 users to change passwords over hub hacking risk

    June 23, 2017

    Virgin Media is advising more than 800,000 customers with a specific router to change their password immediately after an investigation found hackers could gain access to it. Virgin Media said the risk to customers with a Super Hub 2 router was small, but advised them to change both their network and router passwords if they were ...

  • Cisco tackling human element of security with cyber training course

    June 23, 2017

    With one of the most commonly cited threats to an enterprise being the human element, the Australian arm of Cisco is investing in cyber-focused courses to bring people up to date with the role they can play in preventing an attack. Speaking with ZDNet, Anthony Stitt, GM of Security for Cisco in Australia and New Zealand, ...

  • Cyber security ‘as important as physical security’

    June 23, 2017

    A key figure in American business has urged all companies to take the cyber security threat more seriously after chastising his own accountant for paying a ransomware demand. Jorge Fernandez, VP global commerce for the Metro Atlanta Chamber, said it is time that firms took the same care in cyberspace as they do when installing physical ...

  • Inspector gadget: how smart devices are outsmarting criminals

    June 23, 2017

    Richard Dabate told police a masked intruder assaulted him and killed his wife in their Connecticut home. His wife’s Fitbit told another story and Dabate was charged with the murder. James Bates said an acquaintance accidentally drowned in his hot tub in Arkansas. Detectives suspected foul play and obtained data from Bates’s Amazon Echo device. Bates ...

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...

  • Microsoft’s Private Windows 10 Internal Builds and Partial Source Code Leaked Online

    June 23, 2017

    A massive archive of Microsoft’s top-secret Windows 10 builds, and the source codes for private software has been reportedly leaked online, which could lead to a nasty wave of Windows 10 exploits, journalist at the Reg claims. The Leaked files – uploaded on BetaArchive website – contains more than 32 terabytes of data, which includes many ...