A Review of the Best News of the Week on Cyber Threats & Defense

Can IPv4 Networks Be Compromised via IPv6? (Internet Society, Jan 29 2018)
The attack vector relies on the default IPv6 configuration in the Windows operating system to spoof DNS replies by acting as a malicious DNS server to redirect traffic to an attacker-specified endpoint. The Windows Proxy Auto Discovery (WPAD) feature can also be exploited in order to relay credentials and authenticate to various services within the network, using a tool called mitm6 created by Fox-IT.

First ‘Jackpotting’ Attacks Hit U.S. ATMs (Krebs on Security, Jan 27 2018)
“ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States.”

FCC Head and Wireless Lobby Oppose U.S. Bid to Build a 5G Network (Yahoo Finance, Jan 29 2018)
U.S. regulators and the wireless industry are pushing back against a plan under discussion by the Trump administration to build a secure 5G network — possibly with government control — amid concerns about China and cybersecurity.


Intel does its best to tamp down impact of Spectre and Meltdown in earnings call (TechCrunch, Jan 29 2018)
“We’re working to incorporate silicon-based changes to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year.”

Researchers warn of invisible attacks on electrical sensors (Naked Security – Sophos, Jan 29 2018)
To simplify, transducers are electronic components that turn analogue signals such as radio, sound or light waves, or the physical movement of something like a gyroscope, into an electrical signal that can be digitised by a computer. Under our noses, these are becoming ubiquitous, with more appearing every day in voice-activated devices, drones, motor cars, and other IoT systems.

New Targets, $2 Million in Prizes Announced for Pwn2Own 2018 (SecurityWeek, Jan 25 2018)
Trend Micro’s Zero Day Initiative (ZDI) announced on Thursday that this year’s Pwn2Own hacking competition offers $2 million in cash and prizes, with several new pieces of software added to the list of targets.

2018 Thales Data Threat Report: 94% of organizations using cloud, IoT and other transformative technologies, data breaches at all-time high (Thales e-Security, Jan 29 2018)
The data in this study is based on web and phone interviews of 1,200 senior executives in Germany; Japan; India; the Netherlands; Sweden; South Korea; the UK; and the U.S.

It’s time to get serious about email security (Help Net Security, Jan 29 2018)
Still today, PGP and the majority of email encryption solutions have been criticized for being cumbersome and nearly impossible to scale across the enterprise. The last thing an organization needs is to hamstring itself with the new technology it is trying to implement.

Cyberattacks Doubled in 2017 (Infosecurity Magazine, Jan 26 2018)
OTA’s Cyber Incident & Breach Trends Report found that skyrocketing ransomware usage resulted in 160,000 cyberattacks. That’s nearly double the 82,000 in 2016. And since the majority of cyber-incidents are never reported, the actual number in 2017 could easily exceed 350,000, the firm estimated.

Dridex Authors Build New Ransomware (SecurityWeek, Jan 29 2018)
The authors of the infamous Dridex banking Trojan have created a sophisticated ransomware family, ESET warns.

Malware Epidemic: Monero Mining Campaigns Are Becoming a Real Problem (BleepingComputer, Jan 29 2018)
Malware that secretly mines Monero is becoming a real problem in the real world, with the number of different incidents growing with each week. For example, only this past week, three new attacks came to light.