The Friday Tech Takeaway - 18.08.17
US Government changes its tune about MalwareTech (Marcus Hutchins): There appears to have been a dramatic change in the US government’s attitude regarding Marcus Hutchins. At his Las Vegas hearing, his appearance at a tourist-focused gun range was used in an attempt to deny him bail, but now the government appears to be lifting many of the restrictions on his release conditions. Hutchins will be able to live in Los Angeles, where his other attorney, Brian Klein, is. He will be able to continue working. He can travel throughout the US but cannot leave the country (his defense tried to get him released to the UK).
NIST password guidelines discredited by their creator: Back in 2003, as a midlevel manager at the National Institute of Standards and Technology (NIST), Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly. Bill Burr, who is 72 years old and retired, said that “Much of what I did I now regret.” https://pages.nist.gov/800-63-3/sp800-63b.html
Ransomware Hits LG Self-Service Kiosks Across South Korea, Possibly WannaCry: Representatives of LG South Korea said on Wednesday that a mysterious ransomware strain has infected self-service kiosks at various service centres across the country. Staff installed updates on kiosks where the ransomware had not managed to encrypt data. This suggests that the self-service kiosks had been left without updates. MS17-010 is the security bulletin whose update system administrators had to install.
Facebook Doles Out $100K Internet Defense Prize: A team of researchers has been awarded $100,000 from Facebook for their work in detecting spear-phishing attacks. The researchers came up with a method of detecting spear-phishing in corporate networks that doesn't trigger a large number of false positive alerts, according to Facebook.
Two Critical Zero-day flaws in Foxit PDF reader: Security researchers have discovered two critical zero-day security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered by researcher Ariele Caltabiano working with Trend Micro's Zero Day Initiative (ZDI), while the second bug (CVE-2017-10952) is a file write issue found by Offensive Security researcher Steven Seeley. http://thehackernews.com/2017/08/two-critical-zero-day-flaws-disclosed.html
Unpatchable flaw in modern cars allows hackers to gain control: Car hacking is a hot topic, though it is not new for security researchers who hack cars. A few of them have already demonstrated how to hijack a car remotely, how to disable a car's crucial functions like airbags, and even how to remotely steal cars.
'Pulse Wave' DDoS Attacks Emerge As New Threat: Instead of using a DDoS botnet to direct a sustained stream of denial of service traffic at a single target, some attackers are now using their attack infrastructure to direct short bursts of traffic at multiple targets - an assault dubbed pulse wave attacks.
UK.gov is hiring IT bods with skills in ... Windows Vista?! Strictly speaking the role is with an agency rather than the Almighty Government itself, but the Technical Architect vacancy specifies competency in “Windows 2003 Server (R2), 2008, 2012, 2016, XP, Vista Windows 10 build, configuration and implementation”.
Computers and smartphones used as sonar-like tracking system: New research published this week by researchers from the University of Washington shows how an attacker could track a user's movements using speakers and microphones that come with computers, laptops, tablets, smartphones, and other devices. The attack — nicknamed CovertBand — relies on embedding a high-frequency audio signal in mundane audio recordings like music tracks, movies, or others. http://musicattacks.cs.washington.edu/activity-information-leakage.pdf
North Korean Cyberspies Target US Defence Contractors Following Nuclear Threats: While Trump threatened North Korea with nuclear retaliation on Twitter, Lazarus Group — believed to be a division of North Korea's state intelligence — has been busy sending specially crafted spear-phishing emails to employees at US defence contractors. The emails come with attached Word documents that pose as job role descriptions and internal policies. https://researchcenter.paloaltonetworks.com/2017/08/unit42-blockbuster-saga-continues/
Four Suspects Arrested in India for Leaking Game of Thrones Episode: The Game of Thrones leak happened on August 4, when the suspects allegedly uploaded episode 4 on Vidme, Google Drive, and The Pirate Bay, two days before the episode's scheduled release on HBO, on August 6. Only two of the four suspects were named. Police say all worked for Prime Focus Technologies, one of Star India's digital broadcasting partners. On its website, Prime Focus Technologies describes itself as a "Netflix Preferred Vendor."