{"id":7756,"date":"2017-05-24T11:10:07","date_gmt":"2017-05-24T19:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/24\/news-1541\/"},"modified":"2017-05-24T11:10:07","modified_gmt":"2017-05-24T19:10:07","slug":"news-1541","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/05\/24\/news-1541\/","title":{"rendered":"5 Unsettling cyberthreats"},"content":{"rendered":"<p><strong>Credit to Author: William Tsing| Date: Wed, 24 May 2017 18:39:46 +0000<\/strong><\/p>\n<p>Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who\u2019s trying it.\u00a0 But what about the outliers? What about threats that impact you, but that you can\u2019t remediate or establish a policy to cover?<\/p>\n<p>Here are 5 cyberthreats that if you\u2019re not frightened by, you should be.<\/p>\n<ol>\n<li>VNC roulette. This was a website that scanned for computers that allowed remote sessions but were not secured by passwords or encryption. A fair number of the screenshots the site collected were from average users who simply failed to set up proper security settings. But there were also machines for which that failure was <a href=\"https:\/\/www.theregister.co.uk\/2016\/03\/25\/vnc_roulette\/\" target=\"_blank\" rel=\"noopener noreferrer\">much more serious<\/a>, like SCADA systems, CCTVs, and <a href=\"http:\/\/curious.stratford.edu\/2016\/03\/29\/vnc-roulette-prepare-to-be-hacked-if-you-dont-use-a-password-for-vnc\/\" target=\"_blank\" rel=\"noopener noreferrer\">water treatment plants<\/a>.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"2\">\n<li>A public drone feed? <a href=\"http:\/\/blog.networkedinference.com\/2017\/05\/ranger-and-bonker-predator-drones.html\" target=\"_blank\" rel=\"noopener noreferrer\">Last week<\/a> a security blogger discovered what appeared to be a publicly accessible Predator drone feed. 
As it turned out, the video was actually an unclassified demo page created by a defense contractor using a misconfigured web server. While not exactly the OPSEC blunder viewers thought, the amount of critical infrastructure exposed to the internet and managed via unaccountable third parties is food for thought.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"3\">\n<li>Mirai botnet. Used in some of the largest DDoS attacks ever, including one to silence <a href=\"https:\/\/krebsonsecurity.com\/2016\/11\/akamai-on-the-record-krebsonsecurity-attack\/\" target=\"_blank\" rel=\"noopener noreferrer\">Brian Krebs<\/a>, Mirai scans the internet for Internet of Things devices using factory default credentials and infects them. What\u2019s the scope of a Mirai attack?\u00a0<a href=\"https:\/\/arstechnica.com\/security\/2016\/09\/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ars Technica<\/a> reported a Mirai DDoS on French web host OVH of 1.7 <em>terabytes<\/em>.\u00a0 That\u2019s not the scary part. The scary part is that the IoT market is booming, and it has one of the most abysmal records of security engineering and <a href=\"http:\/\/www.npr.org\/sections\/alltechconsidered\/2016\/12\/20\/506208146\/this-doll-may-be-recording-what-children-say-privacy-groups-charge\" target=\"_blank\" rel=\"noopener noreferrer\">poor judgment<\/a> ever seen. And as of 2016, the most conservative estimation for IoT devices on the market was <a href=\"http:\/\/spectrum.ieee.org\/tech-talk\/telecom\/internet\/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated\" target=\"_blank\" rel=\"noopener noreferrer\">6.4 billion<\/a>.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"4\">\n<li>RATs. Some of us are familiar with remote access tools used to spy on the unwitting and sometimes take compromising pictures. But what happens when a RAT is embedded in a SaaS tool? 
Tech Support scammers <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2016\/12\/tech-support-scams-stolen-data-and-botnets\/\" target=\"_blank\" rel=\"noopener noreferrer\">have been hit<\/a> by third-party business services that sold their service with an extra addition of DarkComet. Given how tough it can be to vet a SaaS offering, the potential to impact legitimate businesses is very large.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"5\">\n<li>The Computer Fraud and Abuse Act. Nobody likes fraud and abuse, so what\u2019s the big deal with an act designed to keep them off of computers? Well, the act was written in 1986, prompted by a White House screening of the movie <em>WarGames<\/em> (<a href=\"https:\/\/www.nytimes.com\/2016\/02\/21\/movies\/wargames-and-cybersecuritys-debt-to-a-hollywood-hack.html?_r=0\" target=\"_blank\" rel=\"noopener noreferrer\">no, really<\/a>) and criminalized those who<\/li>\n<\/ol>\n<p style=\"text-align: center\">\u201chaving knowingly accessed a computer without authorization or <strong>exceeding authorized access\u201d<\/strong><\/p>\n<p>That bold part has proved problematic in recent years, as the automated scraping of content, saving public data that the owner didn\u2019t intend to make public, and landing on unexpected pages due to a website\u2019s misconfiguration have all been interpreted as violations of the law at one point or another. This is absolutely scary, as the act and its capricious enforcement have led to a chilling effect over vulnerability disclosure and introduced a risk to researchers who might otherwise work with law enforcement.<\/p>\n<p>These are all scary cyberthreats not because of their technical sophistication, but more because they are failures of organizations and institutions that manage technology. 
Your security team can patch a zero-day vulnerability, but not the executive that insists his password be set to \u20181234\u2019 for \u2018convenience.\u2019 When you have strong organizations, the cyberthreats you face suddenly get much less scary.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/5-unsettling-cyber-threats\/\">5 Unsettling cyberthreats<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: William Tsing| Date: Wed, 24 May 2017 18:39:46 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/5-unsettling-cyber-threats\/' title='5 Unsettling cyberthreats'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/04\/shutterstock_163989638.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. 
Here are 5 cyberthreats that if you\u2019re not frightened by, you should be.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/technology\/\" rel=\"category tag\">Technology<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/botnet\/\" rel=\"tag\">botnet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cyberthreats\/\" rel=\"tag\">cyberthreats<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ddos\/\" rel=\"tag\">ddos<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iot\/\" rel=\"tag\">IoT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/law\/\" rel=\"tag\">law<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mirai\/\" rel=\"tag\">mirai<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mirai-botnet\/\" rel=\"tag\">Mirai botnet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/rats\/\" rel=\"tag\">RATs<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vnc\/\" rel=\"tag\">vnc<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/5-unsettling-cyber-threats\/' title='5 Unsettling cyberthreats'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/5-unsettling-cyber-threats\/\">5 Unsettling cyberthreats<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes 
Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10410,12362,10514,10495,601,10400,12363,41,10497,1331,12364],"class_list":["post-7756","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-botnet","tag-cyberthreats","tag-ddos","tag-iot","tag-law","tag-mirai","tag-mirai-botnet","tag-rats","tag-security-world","tag-technology","tag-vnc"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7756"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7756\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7756"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}