Category: Blog

Self-Encrypting Drives Have Multiple Vulnerabilities


Vulnerability Note VU#395981

There are multiple vulnerabilities in implementations of ATA Security or TCG Opal Standards in Self-Encrypting Disks (SEDs), which can allow an attacker to decrypt contents of an encrypted drive.

There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user data. This can allow an attacker to access the key without knowing the password provided by the end user, allowing the attacker to decrypt information encrypted with that key.

According to National Cyber Security Centre – The Netherlands (NCSC-NL), the following products are affected by CVE-2018-12037:


  • Crucial (Micron) MX100, MX200 and MX300 drives
  • Samsung T3 and T5 portable drives
  • Samsung 840 EVO and 850 EVO drives (in “ATA high” mode these devices are vulnerable; in “TCG” or “ATA max” mode these devices are NOT vulnerable)

Read more…



SamSam Ransomware – Alert (AA18-337A)


The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.

The SamSam actors targeted multiple industries, including some within critical infrastructure. Victims were located predominately in the United States, but also internationally. Network-wide infections against organizations are far more likely to garner large ransom payments than infections of individual systems. Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms. Read more…

Marriott faces massive data breach expenses even with cybersecurity insurance


Marriott’s total tab for a data breach affecting as many as 500 million consumers is going to cost billions of dollars over the next few years, based on the average cost of megabreaches.
Marriott’s disclosure of a data breach impacting as many as 500 million consumers is going to result in technology, security, and legal expenses for years to come — and the tab is likely to be in the billions of dollars.
The hotel company said that information on about 500 million guests may have been breached on its Starwood network since 2014. For about 327 million of those guests, personal information such as date of birth, gender, email, passport numbers, and phone numbers may have been exposed. In some cases, payment card information may have been exposed, but that data was encrypted. Read more…

Hackers are opening SMB ports on routers so they can infect PCs with NSA malware


Akamai says that over 45,000 routers have been compromised already.
Akamai has detected an ingenious malware campaign that alters configurations on home and small office routers to open connections toward internal networks so crooks can infect previously isolated computers.
The way hackers achieve this, Akamai said, is via a technique known as UPnProxy, which the company first detailed in April this year.
The technique relies on exploiting vulnerabilities in the UPnP services installed on some routers to alter the device’s NAT (Network Address Translation) tables. Read more…

3 ways for your business to spot a spear phishing email during the holidays

Cyberattacks on organizations are predicted to skyrocket during the online holiday shopping season. Here is how to identify possible threats.

Beginning with Black Friday and Cyber Monday, cyberattacks are predicted to spike throughout the entire holiday shopping season, according to the recent Carbon Black Holiday Threat Report. These attacks are on track to increase by nearly 60% this season alone, the report found.

Last year, global organizations faced a 57.5% increase in attempted cyberattacks during the holiday season, according to the report. The 2016 holiday season also saw an increase in cyberattacks 20.5% above normal levels. History has repeated itself year after year, so companies and consumers should remain cautious when online shopping in the next month. Read More…

IBM to acquire Red Hat in deal valued at $34 billion

  • IBM announced plans to acquire Red Hat in a deal valued at about $34 billion.
  • Prior to the acquisition, Red Hat’s market capitalization stood at approximately $20.5 billion.
  • The acquisition is by far IBM’s largest deal ever, and the third-biggest in the history of U.S. tech.

IBM is acquiring Red Hat, a major distributor of open-source software and technology, in a deal valued around $34 billion, the companies announced on Sunday. 
According to a joint statement, IBM will pay cash to buy all shares in Red Hat at $190 each. Shares in Red Hat closed at $116.68 on Friday before the deal was announced. 
The open source, enterprise software maker will become a unit of IBM’s Hybrid Cloud division, with Red Hat CEO Jim Whitehurst joining IBM’s senior management team and reporting to CEO Ginni Rometty. Read more…

Cisco pays cool $2.3 billion for hot security company Duo

Cisco today laid out $2.35 billion in cash and stock for network-identity, authentication and security company Duo.

According to Cisco, Duo helps protect organizations against cyber breaches through the company’s cloud-based software that verifies the identity of users and the health of their devices before granting access to applications with the idea of preventing breaches and account takeover. Read more…

World Cup a haven for cyber criminals, Israeli cyber security firm warns

The 2018 FIFA World Cup isn’t just a haven for soccer fans – according to Israeli cyber security firm CyberInt, it’s a haven for cyber criminals too.

According to CyberInt, what the company calls the World Cup’s “cyber environment” – which includes nearly 800 domains using FIFA-related terms – includes 76 unofficial streaming video sites, 32 unofficial merchandise sites, 12 suspended hosting accounts, 11 gambling sites, and nine “suspicious” sites. Read more…

BMO, CIBC victims of cyber breach, attackers demand $1 million from each in cryptocurrency


Canadian banks rarely acknowledge they’ve been involved in a cyber security incident. On Monday two of the country’s biggest retail banks reportedly suffered a data breach and are notifying customers.
The Bank of Montreal and CIBC’s Simplii Financial online bank said they are investigating apparent breaches of customer information, each apparently involving tens of thousands of customers.

Late Monday the CBC said several news services had received an email apparently from the hackers, who said they were demanding $1 million in cryptocurrency or customer names and information would be publicly released. Read more…

How enterprise IT investment is being driven by C-level strategy


In the evolving global networked economy, every type of company essentially becomes a technology-oriented firm – in one form or another. That’s fueling the strategic investment in IT infrastructure and services. Currency market changes are another key factor.

As a result, worldwide IT spending is projected to total $3.7 trillion in 2018 — that’s an increase of 6.2 percent from 2017, according to the latest market study by Gartner. Senior executives and line of business leaders continue to drive many of the strategic IT procurement decisions. Read more…