Sunday, September 20, 2015

Issue 30 - Week of Sep 14th

1. Target's legal woes continue to mount over its now-infamous data breach in 2013. Last week, a District Court judge in Minnesota ruled that Target was negligent in its credit card data security and is therefore liable to a class-action suit brought by banks affected by the hack. Following the initial hack and disclosure in 2013, Target came under scrutiny from the Justice Department and had its CEO step down in disgrace. The company has already paid Visa $67 million for the trouble and attempted to give MasterCard another $19 million, though that latter offering fell through.

2. Former AT&T employees sued for fraudulently unlocking phones. In many markets across the world, service providers offer mobile handsets with a software lock installed, which prevents the user from switching to competing networks. A US-based company run by Prashant Vira bribed 3 AT&T employees and installed malware on their computers, through which he could unlock any AT&T phone. AT&T says "hundreds of thousands" of phones were unlocked as a result of this malware. AT&T's charges include computer fraud, breach of loyalty and civil conspiracy.

3. Raytheon|Websense has been recognized by research and global advisory firm Forrester Research, Inc. as a leader for the TRITON AP-WEB with Web Cloud Module in the "Forrester Wave™: SaaS Web Content Security, Q2 2015" report. Forrester's independent, 26-criteria evaluation gave Websense among the highest scores for threat detection, automated malware analysis, and endpoint support, as well as the top score among all vendors in the reporting category. Websense also received among the highest scores in the "Data loss prevention — discovery and analysis" category and in the authentication and administration categories.

4. AirDrop, Apple’s method for wirelessly transmitting data quickly, has a serious bug, according to one security researcher. The problem relates to security certificates: when a business wants to deploy apps outside of the App Store, it ‘signs’ that software with an enterprise certificate. As of now, bad actors can trick the device into accepting a fake certificate, even if you never open an AirDropped file, which gives them root-level access to the device. For now, it’s a good idea to restrict AirDrop to contacts only (or turn it off), and update to iOS 9 as soon as possible.

5. The head of China's Cyberspace Administration is holding a summit with US technology companies. He's expected to further press US technology companies operating in China to sign off on a pledge that they will comply with Chinese information security policies, potentially giving Chinese authorities direct access to user data. The pledge, the New York Times reports, requires companies to “promise they would not harm China’s national security and would store Chinese user data within the country.” The pledge also goes further, pressing for systems to be “secure and controllable”, suggesting that companies may have to provide direct backdoors to systems for surveillance and provide the Chinese government with source code to their applications.

6. Unpatched Android Lollipop devices open to lockscreen bypass bug. "There's an easy way to bypass the lockscreen in devices running Android 5.0 Lollipop - at least those which have not yet received the latest security update. Now that Google has released its September patch for Android Lollipop, which contained a fix for a lockscreen bypass, a security researcher at the University of Texas has detailed how to exploit the bug. The hack involves overloading the password field after opening the camera app from the lockscreen."

7. 3 out of 4 organizations admit they aren't 'resilient' to cyberattacks. The survey, conducted by the Ponemon Institute, asked more than 600 IT pros about their organizations’ “cyber resilience” (the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks). A mere 25% of respondents rated their organizations as highly resilient, and two-thirds of respondents rated their organization’s ability to prevent a cyberattack as not high. An even greater share, 68%, graded their ability to recover from cyberattacks as not high. In the face of cyberattacks on companies such as Sony Pictures, Hacking Team, Ashley Madison and countless others, the self-assuredness of security teams seems to be slipping.

8. Why is cybercrime spreading rapidly? According to experts, one of the main reasons is the ease with which hackers can launch an attack, given the availability of MaaS (Malware as a Service). Cyberattacks used to be the exclusive domain of seasoned professional cyber-criminals, but now MaaS allows non-professional hackers to buy or subcontract portions of the complex and highly evasive multi-stage attacks needed to build and distribute malware. This changes the baseline of security: what was advanced last year is now basic. IT managers need to constantly enhance a company’s security posture to counter the continuously growing and evolving world of threats. Adopting a security posture that protects your data across the kill chain is essential; businesses need to move with the times and effectively protect the assets that keep them running and reputable.

9. Idiot box no longer an idiot for the Indian Army: the idiot box could be spying on you. The emergence of smart televisions and their rapid use in the army have sounded alarm bells, as the army fears that these sets can be a threat to cyber security and can leak data from sensitive locations. The Cyber Security Division has also listed some measures to mitigate the cyber threat: disable built-in cameras and microphones, disable the location setting feature, and avoid web browsing through the smart TV.


10. The Darknet is full of criminals. A darknet is an overlay network that can only be accessed with specific software, configurations, or authorization, often using non-standard communications protocols and ports. Two typical darknet types are peer-to-peer connections and anonymity networks such as Tor, which works via an anonymized series of connections. The Darknet is also a platform for new and innovative ways to commit crime. Empowered by the Darknet’s global reach and emboldened by the anonymity it offers, gamification and crowdfunding of crimes like murder and human trafficking represent an increasingly grim aspect of the Darknet.
