Tag Archives: IoT

10Fold- Security Never Sleeps- 174

Microsoft claims Fireball malware enterprise security threat ‘overblown’

“Actions taken to quell threat perception”

Microsoft has public doubts about the Fireball, which has been touted as a serious concern for consumers and enterprises. Windows Defense researcher Hamish O’Dea has stated in recent reports that the cybercriminal campaign is “overblown.”

Japanese Honda factory hit with WannaCry ransomware

“Honda plant forced to halt production”

After the Sayama, Japan Honda plant was hit with WannaCry it was forced to halt vehicle production systems on Monday. After the discovery of the attack Sunday the Sayama plant stopped while other plants continued to maintain scheduled construction.

Improving The Customer Journey With IoT

“IoT is strongest tool for coherence with omni-tool CX strategies”

IoT has the power to track customer preferences, and 24/7 customer engagement. The present has never been more powerful and consistent for IoT systems, providing a bright future for the future of the technology.

Two Britons arrested over Microsoft hack

“Alleged plans to access Microsoft”

Two men, aged 22 and 25, were detained by police on Thursday in regards to their plan to infiltrate Microsoft networks. There is evidence that the two men had attempted repeatedly to access the systems between January and March this year.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 165

WannaCry ‘Highly Likely’ Work of North Korean-linked Hackers, Symantec Says

“Lazarus hacking group suspected”

One of the most debilitating ransomware attaks in recent memory was almost certainly the work of North-Korean linked hacking organization ‘Lazarus,’ security group Symantec claims. The suggestion was based on information that the tools and infrasturcture of the program are similar to that of previous Lazarus projects.

Russian Hackers Infected 1 Million Phones With Banking Trojan

“Over 20 suspects involved”

Russian Interior Ministry authorities announced that a major cybercriminal gang has been disbanded on Monday. This paricular group had been responsible for almost $900,000 from banking instituions after the infection of over one million Android devices. The group leader is believed to be a 30-year-old in Ivanovo, however members are spread through at least five regions of Russia.

Hackers easily trick scanner to unlock Samsung Galaxy S8

“Concerns of featured security measure”

Samsung has been touting their new iris recognition technology as ‘virtually impossible’ to replicate, advertising it as the new flagship S8 security feature. However the hacking group Chaos Computer Club (CCC) has had a differnet story to tell about the new phone’s technology. The organization has claimed that it has easily defeated the feature with just a camera, printer, and a contact lens.

Emerging Threats to Add to Your Security Radar Screen

“New tech promises even more complex defense in the future”

The technology of the future, such IoT and machine learning devices, promise to increase productivity to points never before imagined. However, they also promise to make security threats even more broad than they currently are. As more and more businesses across all fields employ the technology, the vulnerabilities continue to spread with them.

10Fold- Security Never Sleeps- 158

Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky

“About 300,000 devices already captured”

Kaspersky Labs security researchers has revealed that a new botnet malware emerging in October of last year, Hajime, has been busy ensnaring thousands of IoT devices. This new strain came on the scene around the same time we saw the Mirai attacks and targets devices in the same way without using them for DDoS processes.

Chipotle Investigating Payment Card Breach

“Unauthorized activity recently detected on network”

Popular restaraunt chain Chipotle Mexican Grill informed its recent customers on Tuesday that the company’s payment archives from its over 2,000 locations may have been breached. With an investigation ongoing, the information being made to the public is still limited.

Game guide malware ‘targeted more than 500,000 users’

“Popular mobile games affected”

App based game guides that include some of the most popular programs have been used to attack over half a million Android users. Google Play harbors the applications responsible for the malware, with researchers at Checkpoint reporting that the apps project unwanted ads and other issues to users.

Web Attacks Decline, Ransomware Attacks Surge

“More efficient and lucrative attacks developed”

New ransomware attacks on end users have been detailed by Symantec’s annual Internet Security Threat Report. The report shows the effects of cyberattacks on intended victims as well as the growing trend in ransomware attacks, up 36% last year.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 156

CradleCore Ransomware Sold as Source Code

“Malicious software making the rounds on underground forums”

Forcepoint security researchers have found a new ransomware, CradleCore, circulating in cybercriminal markets online. CradleCore has a customizable source code, breaking from the usual RaaS ‘business model’ that is common to similar programs.

Sneaky Exploit Allows Phishing Attacks From Sites That Look Secure

“Constantly evolving malware causes increasing concern”

Phishing attacks have long been a tool of cybercriminals online, and they’re getting worse than ever before. A recent example of this is a new exploit allows what would otherwise be recognized as untrustworthy sites to a safe URL, bypassing many security systems that would otherwise block malicious actor.

IoT malware clashes in a botnet territory battle

“Rival malware emerges to notorious Mirai”

Security researchers have identified a competitor to the Mirai botnet malware responsible for the crippling of several high profile websites. The up-and-comer is capable of commandeering low security IoT devices with greater effectiveness than its counterpart, a worrying fact to researchers as well as users.

 

10Fold- Security Never Sleeps- 152

Malware Allows Remote Administration of ATMs

“Software allows for ejection of cash”

Kaspersky Labs has recently revealed malware code that is capable of remotely gaining administration functions of ATM’s. This was discovered after a Russian bank was targeted by cybercriminals, who used the malware to access several ATM’s. The code was not deleted after the theft, however, leaving pieces for researchers to analyze and ascertain how the code was developed.

New RAT Uses Sites for Command and Control

“Well trafficked sites largely affected”

Talos researchers are now saying that popular and legitimate websites are now being used by ‘ROKRAT’ for data exfiltration. Distributed via email, ROKRAT uses a HWP document to target victims in Korea. The phishing attacks feign legitimacy by faking a reputable senders email, such as the contact email of the Korea Global Forum in several instances.

How an IoT DDoS warning system helps predict cyberattacks

“Current defensive measures limited”

DDoS attacks are devestating for victims by preventing any traffic for their website, however require comparatively little resources for malicious actors. Preventive measures are currently in use by many sites, but are not always sufficient in protecting small or medium level firms and other organizations.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 147

“Huge security hole in many products”
The second largest world producer of IoT devices, Dahua, has released a software update that has gaping security deficiencies in several of popular products including DVR’s and cameras. These internet connected gadgets are vulnerable to login bypasses and remote access to various systems. Additionally, code is available online that would allow exploitation of massive numbers of these types of ‘smart’ devices online by one user, creating DDoS attack concerns among security researchers.
“General technology concerns ease”
The stockpiling of zero-day vulnerabilities by various intelligence agencies to use in offensive capabilities for cyber battle is not quite as dangerous as once predicted, says a new RAND study. Tactical benefits accrued from the collection of the data result in greater outcomes from public disclosure.
 
“Malicious software not part of official ROM”
Check Point Software Technologies posted a blog last Friday detailing the installation of malware of several android devices sold to two firms. The malware was added somewhere along the supply chain, but was not included by the official ROM made by the manufacturer. Many of the phones affected with a ROM using system privileges, meaning that a complete re-installation of all software programs to remedy the problem.
Enjoy your read? Check out our other content here.

Trends 2017: Big Data Adds Big Intelligence and Bigger Learning

While it’s too early to say that Big Data is all grown up, it is mature enough to have spawned a number of new and very interesting offspring. As Gartner analyst Betsy Burton explained in late 2015 when she removed Big Data from the firm’s Hype Cycle, “Big Data has quickly moved over the peak of inflated expectations and has become prevalent in our lives across many hype cycles.”

Big Data is now a fundamental basis of several emerging technologies including the IoT, self-driving vehicles, artificial intelligence (AI), machine learning, deep learning, and augmented (AR) and virtual reality (VR). It has moved beyond elemental data into more sophisticated areas such as image recognition and correlation, and natural language querying systems such as AI-based personal assistants.

The Big Data category is evolving so rapidly it’s difficult to say where it will be at year’s end but strong trends are evident. 10Fold has a dedicated Big Data team that has been driving and closely tracking its evolution, and below is a short list of some of the important trends we see for 2017.

Data Democratization

Delivering ease of use and understandable analytics to people who are not data engineers or scientists is evidence of the industry’s maturity, a key to its growth, and increases ROI via simplification. Improvements in data processing and cloud apps and services, including BDaaS and STaaS, have delivered simple and sometimes free tools that make Big Data results easier to access. The cloud is now the main means of implementing most Big Data initiatives, allowing users to specify the needed storage and compute by spinning up databases for apps and data warehouses in mere minutes, at minimal cost, and without the all the previous physical hassles of configuration. This year and the coming decade will see more from the next level of data democratization, and one that is born of Big Data itself, with VR- and AR-based data interaction capabilities providing an immersive and further simplified experience.

IoT, Big Data – and Blockchain?

IoT perfectly exemplifies Big Data, delivering constant generation of unstructured data from a variety of sources. IoT is hot, but it also expands the attack surface among a variety of new vectors. Interestingly, media and analysts alike see blockchain technology growing beyond its financial origins to impact Big Data and as a potential remedy for IoT’s security issues. Blockchain’s relevance comes from its distributed ledger capabilities that hasten communications, its encryption, and from its unalterable nature. If these capabilities can be successfully applied to IoT and across other distributed Big Data systems, then not only will they speed and improve performance, but will greatly reduce risks.

AI Continues Learning

According to IDC’s 2017 predictions, “by 2019, 40 percent of digital transformation initiatives and 100 percent of IoT initiatives will be supported by AI capabilities.” AI provides timely analytics from Big Data and is especially useful with unstructured data by rapidly sifting through and identifying which data are most relevant for specific use cases. AI has morphed into a variety of new applications including machine learning, deep learning, neural networks, cognitive computing, image recognition, speech recognition and natural language processing just to name a few.

Feeding Big Data’s analytic output back into the system so the database learns from itself creates an iterative process that is the main tenet of machine learning, with AI hastening that process. Cognitive solutions that leverage AI are particularly useful by providing explanations, recommendations, and informing future actions or outcomes via their predictive nature.

While the predictive nature of these solutions positively impacts a variety of industries, it is especially useful in the most critical area to us all—healthcare. Using AI and other learning technologies to harness Big Data sources such as genomic sequencing, imaging analytics, medical devices (IoT), and data from medical records can deliver decision support capabilities enabling: health risk predictions; prevention of hospital readmissions; and faster decisions for improved patient outcomes. As proof of its importance, industry giants including Microsoft, SAP, Dell Services, IBM, Google and others have invested heavily in healthcare with the goal of applying machine learning strategies to complex problems such as cancer research.

Better Than Humans and Accelerating

Recently published results from experiments at Google’s Brain and DeepMind artificial intelligence research groups, OpenAI, MIT and UC Berkeley indicate AI software can design machine-learning systems with better results than those designed by humans. This has powerful implications such as: reducing market demand/stress for AI engineers that are in low supply; accelerating the pace at which machine-learning software is deployed; and reducing the amount of required data consumed for a system to perform (learn) a task well—with the last two further accelerating the pace of machine-learning’s evolution.

The pace of innovation enabled by Big Data and its various intelligent and self-learning spawn is so rapid and widespread that its outcomes may be impossible for mere humans to predict, though perhaps AI and the learning systems themselves will have an answer soon. One thing is for sure, at this pace we won’t have to wait long for the results.

Event Summary
BDH 2017 - 10Fold - WIKIBON - INVITE - FINAL
Event Details
This is an intimate luncheon with a select group of data scientists and big data industry executives to discuss trends such as AI and machine learning. Join this small group of forward thinkers in discussing how these new technologies will fundamentally change how we interact with data and change entire industries. Held during Strata + Hadoop World SV in San Jose, this event provides an opportunity to look ahead beyond the hype. Wikibon’s Lead Big Data & Machine Learning Analyst George Gilbert will help lead discussion at the roundtable.


Event Registration
Register Now

10Fold- Security Never Sleeps- 133

Trojan Malware Blamed for Health Cyberattack 

“Targeted hospital computer systems forced offline”

Barts Health NHS Trust computer systems were taken offline by cybercriminls with a Trojan malware program on Friday. Nearly all department systems, even those unaffected, were set offline as a precaution. How the infiltration entered into the network is still undisclosed.

Yahoo hack compromised accounts of over 3,000 Australian government officials

“Largest known data breach of its kind”

The victim count of a massive cyberattack on Yahoo has risen to over 3,000 Australian government officials. High profile positions such as MP’s, judges, and federal police were among those compromised, exposing a large amount of high risk information to cybercriminals. Security firm InfoArmor has released information that an Eastern European hacker collective “Group E” stole data from Yahoo in 2013, and the Department of Defence was apparently notified of this fact in October of last year. The breach has prompted Malcolm Turnbull, the Australian Prime Minister, to begin to probe the incident.

Fighting cybercrime using IoT and AI-based automation

“Murder case gains ground with new tech”

Detectives investigating a murder in Arkansas were able to pull valuable data off a smart meter, measuring 140 gallons of water in the early hours of the morning. This was far more than the home had ever been used before, possibly providing the time of death and attempts to conceal evidence.

Firefox Update Will Kill This Sneaky Tracking Technique

“Captures information in ‘browser fingerprinting'”

A new Firefox patch will probe for various softwares that use pieces of information that are indicative of whether or not the actual owner of the computer is using it. Some surprising factors, such as screen resolution, interface language and plug-ins, are actually quite accurate in recognizing the correct user.

10Fold- Security Never Sleeps- 129

Russian Hackers Run Record-Breaking Online Ad-Fraud Operation

“Over 5 million stolen per day”

Russian cybercriminals have been found to be responsible for a fraud operation that is conducted by posing as over 6,000 different big name websites and generating fake ad impressions. Among those affected are The Huffington Post, Fortune, Fox News, and ESPN.

Cyberattack suspected in Ukraine power outage

“Automation control systems, more affected at Northern Substation”

A complete power loss in a power station near Novi Petrivsi resulted in a massive lack of delivery to the Northern Kiev area. The attack was consistent with a cyber breach, with the culprit unknown as of yet and security concerns rising.

What Obama Said to Putin on the Red Phone About the Election Hack

“U.S. president speaks with Russian leadership over influence in domestic politics”

President Obama is reported to have taken official deterrence steps with Vladimir Putin over the course of the 2016 presidential elections, officials reported to NBC News. Obama apparently decided to leave the option out of election meddling as an act of war after urging from advisers, but spoke with Putin at the G-20 summit in China in September.

IoT could be our downfall

“Average data breach value is roughly $4 million”

Serious security exposure from various risks in data systems is an ever-increasing threat for firms. Reputational and financial damage can level a company, particularly with the failure to comply with new regulations and procedures that are involved with personal data.

Enjoy your read? Check out our other content here.