Information Security & Occasional Forays Into Adjacent Realms
via the Massachusetts Institute of Technology's MIT Technology Review, comes this superlative piece of artificial intelligence (PDF) reportage. In this case, a particularly dystopian view of AI algorthmical underpinnings - illustrating the profound lack of foresight (inclusive of comprehension) in the utlility of those algorithms. Today's Must Read, Enjoy.
The inimitable Pete Herzog's 'Favorite Blames' post (via LinkedIn) is today's MustRead. Really terrific.
Malware on mobiles, And crim'nals on networks, Password as passwords, bruteforcing for guess-work, Fake compressed files in pirated games, These are a few of my favorite blames. - via Pete Herzog
Outstanding interview ov Jintai Ding, Ph.D. (Author of Post-Quantum Safe Crypto Algorithm and PAKE Protocol) by Chris Daly Security Architect (and Founder) of ActiveCyber. Enjoy.
via Phys.org, comes a brief news item targeting the trojan exploit dubbed 'Adylkuzz', and it's mining feature. Additionally, read the highly detailed Proofpoint post, of which, contains the true gist of this trojan, as it were..
'Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to "mine" in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.' - via Phys.org
In an outstanding thought piece over at SecurityCurrent, Cybersecurity Attorney Mark Rasch answers questions revolving around the latest Microsoft Corporation (NasdaqGS: MSFT) related code exploit WannaCry (and it's minor variant dubbed WannaCry 2.0); more specifically - are lawsuits a reasonable method to mitigate or transfer the risk of Ransomware Attacks like WannaCry.. Hat Tip to Gadi Evron, Founder and CEO at Cymmetria. Today's MustRead.
"update: A minor variant of the virus has been found, it looks to have had the killswitch hexedited out. Not done by recompile so probably not done by the original malware author. On the other hand that is the only change: the encryption keys are the same, the bitcoin addresses are the same. On the other hand it is corrupt so the ransomware aspect of it doesn't work - it only propagates." - via Rain-1 on GitHub
The National Institute of Standards and Technology (NIST) National Center for Cybersecurity Excellence (NCCOE) has released it's latest draft medical device related security document, entitled 'NIST Special Publication 1800-8 Cybersecurity Special Publication 1800-8 Securing Wireless Infusion Pumps - In Healthcare Delivery Organizations'. Authored by Gavin O'Brien, Sallie Edwards, Kevin Littlefield, Neil McNab, Sue Wang and Kangmin Zheng - the document is available as either a PDF or web-based artifact. Enjoy.
"Medical devices, such as infusion pumps, were once standalone instruments that interacted only with the patient or medical provider. With technological improvements designed to enhance patient care, these devices now connect wirelessly to a variety of systems, networks, and other tools within a healthcare delivery organization (HDO) – ultimately contributing to the Internet of Medical Things (IoMT)." - via the National Center for Cybersecurity Excellence (NCCOE)
John Leyden, writing at El Reg, tells the tale of the latest ATM SNAFU. All based on CVE-2017-6968... Astonishing, indeed.
"To exploit the vulnerability, a criminal would need to pose as the control server, which is possible via ARP spoofing, or by simply connecting the ATM to a criminal-controlled network connection," said Georgy Zaytsev, a researcher with Positive Technologies. "During the process of generating the public key for traffic encryption, the rogue server can cause a buffer overflow on the ATM due to failure on the client side to limit the length of response parameters and send a command for remote code execution." - via John Leyden, at El Reg
Infosecurity.US wishes to extend our hearty best wishes to the State of Israel on the occasion of their sixty-ninth Independence Day!
via Charlie Demerjian, writing at SemiAccurate, tells the tale of probably the single most egregious flaw in Intel Corporation (Nasdaq: INTC) products discovered to date. Reportedly, all Intel Corporation products, from 2008 till the present (Nehalem to Kabylake) possess the remote and local exploitable flaw. Hat Tip Update: Now Fixed.
News - via El Reg writer Simon Sharwood, of new capabilities within Kali Linux distro (version 2017.1). The standout addition: The leveraging of cloud-based GPU infrastructure to crack pasword objects. Outstanding.