STE WILLIAMS

Black Hat Europe returns to London next month, bringing with it a smorgasbord of opportunities for infosec experts to hone their skills and master new ones.

Security researchers continue to unearth important vulnerabilities in modern devices and operating systems, and Black Hat Europe’s lineup of Arsenal tools, Briefings, and in-depth Trainings will equip you with the sought-after skills necessary to deal with those threats.

In Coalfire’s Adaptive Penetration Testing Training, you’ll gain practical experience and a solid framework for conducting in-depth security assessments. The bulk of this course is spent in a fully operational lab environment, overcoming real-world obstacles faced in today’s enterprise networks. Trainers cover the tactics, techniques and procedures (TTPs) successful penetration testers use to provide comprehensive and efficient security assessments in a variety of enterprise environments. Methods presented are based on TTPs refined by penetration testers’ operational experience.

Supercharge your hacking skills with Advanced Infrastructure Hacking – 2019 Edition (2 Day), a fast-paced version of the original four-day class, cut down to two days. To fit the entire training material into two days, some of the exercises have been replaced by demos, and students receive a free month lab access to practice each exercise. Whether you are penetration testing, red teaming or trying to get a better understanding of managing vulnerabilities in your environment, it is critical that you understand these  advanced hacking techniques. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern operating systems and networking devices!

Dive deep into the ins and outs of malware traffic in Advanced Malware Traffic Analysis: Adversarial Thinking. This intensive hands-on training will give the experience and knowledge of understanding malware behaviors on the network. You’ll get the experience and methodology to recognize malicious connections, how to distinguish normal from malicious behaviors, how to recognize anomalous patterns, and how to deal with large amounts of traffic.

Black Hat Europe’s many Briefings will equip you with cutting-edge techniques and know-how that can help you perform better. For example, in a Briefing on Eternal War in XNU Kernel Objects Alibaba experts will perform a systematic assessment of recently proposed jailbreak mitigation strategies by Apple that demonstrates how  most of these defenses can be bypassed through corrupting unsafe kernel objects.

Under the SEA – A Look at the Syrian Electronic Army’s Mobile Tooling will highlight the most recent expansion of the tools of the Syrian Electronic Army (SEA), which are now known to include an entire mobile surveillanceware family (SilverHawk). This is the first time a family of mobile surveillanceware has been directly attributed to the SEA with high certainty, highlighting a new stage in the group’s technical evolution. To date, SilverHawk has been identified in over 30 trojanized versions of many well-known apps, including Telegram, WhatsApp, Microsoft Word, YouTube, and the Guardian Project’s Chat Secure app.

Of course, mobile applications are critical when it comes to vulnerabilities in a production environment. The Black Hat Europe Arsenal demo of Mafia: Mobile Security Automation Framework for Intelligent Auditing will show how you can automate manual security testing and leverage developers with a tool that helps them identify bugs well in advance. The goal of MAFIA is to perform end-to-end security testing for a given mobile app, and create a self-serve tool for developers and security engineers.

If you’re interested in Android malware, Uitkyk: Identifying Malware via Runtime Memory Analysis purports to be the first Android framework that allows for its implementers to identify Android malware according to the instantiated objects on the heap for a particular process. Uitkyk does not require the APK of the application to be scanned to be present to identify malicious behavior, but instead makes use of runtime memory analysis to detect behavior which normally cannot be identified by static analysis of Android applications.

Plus, the Arsenal demo of APKiD: “PEiD” for Android Applications will reveal how APKiD can (like PEiD) give information on how an APK was built by fingerprinting compilers, packers, obfuscators, and protectors. The main idea behind the tool is to help provide context on how the APK was potentially built or changed after it was built. This is useful context for attributing authorship and finding patterns!

Black Hat Europe returns to The Excel in London December 3-6, 2018. For more information on what’s happening at the event and how to register, check out the Black Hat website.

Article source: https://www.darkreading.com/black-hat-europe-london-learn-how-to-unearth-critical-vulnerabilities/d/d-id/1333200?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Another day, another hack. Whether it’s a baby monitor used to spy on mother and child, or an FBI warning to reset home wireless routers due to Russian intrusion, the question continues to be: What’s next?  

Internet of Things (IoT) devices are part of both our work and personal lives. Unfortunately, building security into these devices was largely an afterthought — the ramifications of which we are now seeing on a near-daily basis. However, let’s look beyond the headlines at the hidden costs of IoT security vulnerabilities. These fall into five categories: device security, intellectual property (IP) protection, brand protection, operational cost containment, and user experience.

Device Security
Once hacked, some devices can do a disproportionate amount of physical damage. It all depends on the degree of criticality to the nation-state, community, or individual.  

The agriculture industry, for example, is as valuable to a country as any other strategic asset, such as utilities, finance, or communications. Many big farms today are automated via field sensors and autonomous vehicles. Let’s imagine that someone hacks the sensors to erroneously indicate that the corn is ready to be cut, even though it’s three months too early. Or that a hack signals an autonomous tractor to spread too much fertilizer, burning and causing the loss of an entire crop. This potentially catastrophic hack, as well as the corresponding financial losses or risk to the nation-state and its citizens, seem endless.

It is highly recommended that you closely examine the security of your IoT devices via the lens of worst-case scenarios. Ensuring the integrity of the data coming from your remote sensors is especially important because this data drives automated decisions with long-term implications.  

IP Protection
It’s astounding how many organizations will spend millions of dollars on RD and then put that valuable intellectual property on an insecure IoT device. In this case, a hack could mean the end of your business.

Now, let’s presume that you are investing heavily in building sophisticated algorithms to enable machine learning, artificial intelligence, or facial recognition. As you look to deploy these proprietary algorithms for use in an IoT device, you are ultimately left with two choices: 1) Protect the algorithm in the cloud, forcing the IoT device to run back-and-forth to run the process and adversely affecting the customer experience, or 2) install the algorithm into the OS stack on the IoT device and risk a hack that steals your algorithm — essentially making you toss your entire RD investment into the wastebasket.  

Brand Protection
Apathy and inertia are creating a sense of “hack numbness,” though the consequence of turning a blind eye depends on where you sit.  

Let’s say you make devices that help protect or enhance the life of children, with cameras or microphones that are always on and always watching. Consider a hack on these devices, and the misuse of the information they have access to, now being consumed by unsavory characters.  

This is a brand killer. No matter how noble your IoT device and its application, if you cannot protect children, the market will make sure your future is cut short.  

Consequently, security can’t be ignored because you became numb to attacks. This is especially true if you’re in a business that requires your IoT devices to gather sensitive information. Couple this with an emotionally invested customer base, such as users of child-monitoring devices, and a hack will mean the end of your business.

Operational Cost Containment
Satellite time is expensive. Within the broadest construct of the many new IoT devices, some will have a component that relies on satellites for data communication. It does not need to be said (but I’ll say it anyway) that satellite time is a very expensive path for data backhaul.   

Imagine a hack where a botnet starts a distributed denial-of-service attack on a music-streaming server, which then causes the IoT device to start rapidly and overwhelmingly pinging the music streaming service. As the IoT device is battery powered and using satellite for its backhaul, every ping now statistically shorts the life of the IoT device.  

This scenario serves as a double whammy of cost containment. If you’re leveraging satellites in your IoT strategy, you must examine where potential vulnerabilities are because they could affect your overall costs of operation and maintenance.

User Experience
As the saying goes, everyone has been hacked, but there are some who don’t know it yet. While there may be no disruption of service at the time of a hack, what happens when there is some type of glitch?  

Let’s imagine that you get up one morning and ask Alexa to open the blinds, but they don’t open. Now you have to check if there’s Internet service into the house, and then confirm that the Wi-Fi network is broadcasting and that Alexa is enabled properly, and, finally, you have to ensure that the app for “my blinds” is connected and working. Considering how much time this could take, it would be quicker to get out of bed and just open the blinds manually.  

Consequently, adding a path to ensure that the original code base is not corrupted through attestation, we can minimize the impact on the user with a highly secure device update, but the hidden cost is the impact on their time.  

Conclusion
The world is catching on to the idea that IoT device security is of paramount importance. Frankly, if end users were affected in a meaningful way (say, something involving their TVs) through one significant hack, the demand for security would become “top of mind.” The question is how many of these hidden costs will affect organizations while we work toward a more secure ecosystem.

In my opinion, embedding security in the IoT ecosystem can’t come soon enough.

Related Content:

• 7 Serious IoT Vulnerabilities
• IoT Bot Landscape Expands, Attacks Vary by Country
• New Report: IoT Now Top Internet Attack Target
• A Cybersecurity Weak Link: Linux and IoT

Black Hat Europe returns to London Dec. 3-6, 2018, with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

Carl Nerup’s experience is a powerful mix of proven marketing and sales leadership and strategic execution. He provides advisory services to numerous companies in the high-technology and telecommunications industries as well as nonprofit organizations and graduate … View Full Bio

Article source: https://www.darkreading.com/attacks-breaches/hidden-costs-of-iot-vulnerabilities/a/d-id/1333175?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

When it comes to spam election email, President Trump is winning by a landslide: His last name appears in the most phony email messages using the midterm elections as a lure.

Proofpoint, which has been searching and studying spam subject lines for political names and topics since Sept. 27, found that the term “Trump” was, by far, the most used name in spam subject lines. When searching for political party-related terms, “Trump” was nearly five times more prevelant than the second-most used term, “Democrat,” and 10% more often than all search terms combined.

While Trump trumped all terms, “Cruz” and “Pelosi” were the most-used subject line terms for congressional names in spam. 

Read the full report here. 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Article source: https://www.darkreading.com/vulnerabilities---threats/trump-tops-election-spam-subject-lines/d/d-id/1333205?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

The idea and concept of Smart Cities is certainly gaining traction. Cities around the world are already investing in trials, testbeds and in many cases operational system deployments such as smart energy, smart lighting, smart parking; the list goes on…

The motivation in driving Smart Cities forwards lies with the promise of increased operational efficiency and the ability to use vast amounts of data captured by sensors and systems to improve the quality and provision of services and welfare to citizens. However, much of the marketing around Smart Cities is expectedly optimistic and often has little to no reference to security. As Smart City subsystem rollouts continue around the world with complicated interconnections to a myriad of other networks and orchestration systems that seek to govern and control the underlying city, this begs the question: “How do we test or assure the security of an entire city?”

At NCC Group we are answering this exact question through a dedicated research programme on Smart City security testing. Leveraging the expertise of our global hardware practice in the work that they do on IoT and embedded systems, we are researching the various protocols and systems that will underpin Smart Cities; developing tools and testing techniques and fleshing out methodologies for repeat and consistent testing and validation of Smart City security. For example, we have recently completed an in-depth study of LoRaWAN, a low-power, long-range protocol ideal for sensors that will be deployed around Smart Cities and will need to be operational with little to no maintenance for long periods of time. Using Pycom LoPy4 devices we have developed a full LoRaWAN testing capability which includes scanning, interception and interrogation capabilities. We are now building on this capability to include support for other Smart City protocols such as NB-IoT.

With our tooling and methodology we are able to drive around Smart Cities and enumerate sensors and devices. This is a key initial step in Smart City security testing as it allows us to map out the technology landscape and enumerate the technical function and capability of devices found. Each device in a Smart City, no matter how small or seemingly insignificant, poses a potential attack vector into the Smart City network, or at least provides a method to potentially corrupt and manipulate sensing data in ways that might cause onwards disruption to services. The ability to geo-locate sensing equipment is likely to be a goal for attackers –  given physical access to these devices it may be possible to perform all manner of tampering and hardware-based attacks.

In addition to looking at the security of edge and end-node devices we are also surveying Smart City orchestration and general unified IoT connection software. The ability to take full control of these applications could allow attackers unfettered control of an entire Smart City – suddenly “root shell” becomes “root city” – a sobering thought.

Want to get involved in researching and testing IoT and Smart City technologies? Please do get in touch – https://www.nccgroup.trust/uk/about-us/careers/current-vacancies/

Article source: https://www.darkreading.com/black-hat/smart-city-security-testing-research----tooling----methodology----go!/d/d-id/1333197?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

It’s two-for-Monday, with Symantec announced the acquisitions of a pair of privately held companies: Appthority and Javelin Networks.

Appthority’s mobile application security analysis technology will be incorporated into Symantec Endpoint Protection Mobile (SEP Mobile), which Symantec acquired in 2017 when it purchased Skycure. Appthority’s capabilities will boost Symantec customers’ ability to analyze mobile apps for anything that could be considered malicious or unwanted.

Appthority, founded in 2011, was a Symantec Ventures portfolio company. According to Symantec, the acquisition is effective today.

In addition, Javelin Networks today joins Symantec’s endpoint security business. Its software defends against Active Directory attacks by detecting misconfigurations and backdoors and helping to prevent reconnaissance and credentials misuse by authorized devices and applications.

Read here and here for more.

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Article source: https://www.darkreading.com/vulnerabilities---threats/symantec-acquires-appthority-and-javelin-networks/d/d-id/1333199?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Pixabay

You might look at an old fax machine or dusty printer and just see out-of-date technology that you can’t even use to send email. You might look at the company mailroom as just a place to collect unsolicited junk mail you’ll soon throw in the trash. Attackers may see something different: vulnerabilities, often ignored by your security department. Cyberrattacks on non-computer vectors are more common than you think. 

For example, Check Point Software Technologies research on all-in-one machines this August found vulnerabilities in the popular HP Officejet Pro All-in-One fax printers. According to the Check Point research, the same protocols are also used by many other vendors’ faxes and multi-function printers, and in popular online fax services such as fax2email, so it’s highly possible that these are also vulnerable to attack by the same method. While not the most modern technology, 62 percent of respondents to a Spiceworks survey in 2017 said that they are still supporting physical fax machines, and 82 percent of respondents to an IDC survey reported that their use of faxing actually increased in 2017. Faxes especially are still widely used in the healthcare, legal, banking, and real estate sectors, where organizations store and process vast amounts of highly sensitive personal data. 

That’s just one example of the often overlooked attack vectors on systems and environments not used for traditional computing. Read on for more.

In developing this feature, we talked to security researchers at InGuardians and IOActive, two companies that specialize in penetration testing, to help businesses uncover network vulnerabilities. We talked with Tyler Robinson, senior managing security analyst and head of offensive services at InGuardians; and John H. Sawyer, director of red team services at IOActive.

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Article source: https://www.darkreading.com/vulnerabilities---threats/7-non-computer-hacks-that-should-never-happen/d/d-id/1333194?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple