Tag Archives: power

Returning the power to your security teams with threat hunting

As more advanced attack techniques and tools become more accessible in the cyber criminal community, companies are increasingly turning to a more proactive approach to security. An important part of this approach is looking for evidence of potential threats which may already be in their systems.

Implementing an incident response (IR) plan is a great place to start, but is too reactive – by the time you are notified of a breach, it could be too late. Likewise, organisation have now realised that waiting for antivirus and other security solutions to alert them of unusual activity is not a good enough approach for detecting sophisticated and stealthy adversary. 

Instead, organisations can combine an IR plan and traditional AV defences with more proactive techniques such as threat hunting to give organisations the best chance to avoid cyber criminals gaining access to their IT environment. Threat hunting enables security teams to confidently answer the

Read more at: https://www.itproportal.com/features/returning-the-power-to-your-security-teams-with-threat-hunting/

California law targets abuse of power and sexual exploitation


Over the past several months, a loud national conversation has been taking place about sexual harassment and assault — in Hollywood, in business, the judiciary, and in the halls of Congress and state legislatures. The conduct revealed is not new and all stems from the same root cause — abuse of power.

For as long as we’ve documented history, people in power have chosen to abuse it. These abuses are perpetrated in many forms, but abusing power for sexual gratification is an age-old variety. The current national conversation, the #MeToo movement, and all of the women (and men) coming forward will change nothing without meaningful channels to report and respond to these abuses of power and sexual exploitation.

In October, Gov. Jerry Brown signed

Read more at: https://www.sfchronicle.com/opinion/openforum/article/California-law-targets-abuse-of-power-and-sexual-12472042.php

California law targets abuse of power and sexual exploitation – San …

For as long as we’ve documented history, people in power have chosen to abuse it. These abuses are perpetrated in many forms, but abusing power for sexual gratification is an age-old variety. The current national conversation, the #MeToo movement, and all of the women (and men) coming forward will change nothing without meaningful channels to report and respond to these abuses of power and sexual exploitation.


In October, Gov. Jerry Brown signed SB500 into law. By adding just a few words to California’s extortion statute, this law will protect Californians from “sextortion” by providing a clear path to report this abuse to law enforcement and a tool for prosecutors to seek accountability from offenders. Sextortion is where the currency demanded is not money but sex or sexual images. It is, at its

Read more at: https://www.sfchronicle.com/opinion/openforum/article/California-law-targets-abuse-of-power-and-sexual-12472042.php

Chernobyl nuclear power plant hit by ransomware cyber attack

WPP, the world’s biggest advertising business, said a number of its companies had been affected and it was currently “assessing the situation”.

In a statement, the FTSE 100 firm said: “IT systems in several WPP companies have been affected by a suspected cyber attack.

“We are assessing the situation, taking appropriate measures and will update as soon as possible.”

The National Cyber Security Centre, which is part of intelligence agency GCHQ, said there was a “global ransomware incident”.

A spokesman said: “We are aware of a global ransomware incident and are monitoring the situation closely.

“The NCSC website provides advice to the public and business on how to protect your digital systems.”

Read more at: http://www.express.co.uk/news/world/821971/Chernobyl-nuclear-power-plant-hit-ransomware-cyber-attack

For $500, this site promises the power to track a phone and intercept its texts

For years, experts have warned of vulnerabilities in the network that routes phone calls and cellular service — but those attacks may be more widespread than anyone realized. For more than a year, a Tor Hidden Service has been offering ongoing access to telecom’s private SS7 network for as little as $500 a month. Combined with known vulnerabilities, that access could be used to intercept texts, track the location of an individual phone, or cut off cellular service entirely.

Accessible on Tor at zkkc7e5rwvs4bpxm.onion, the “Interconnector” service offers a variety of services charged as monthly fees, including $250 to intercept calls or texts, $500 for full access, or $150 for cellphone reports (including location data and IMSI numbers). Well-heeled users can even pay $5,500 for direct access to the SS7 port, billed as “everything you need to start your own service.”

One customer wrote to The Verge with

Read more at: https://www.theverge.com/2017/6/13/15794292/ss7-hack-dark-web-tap-phone-texts-cyber-crime

For $500, this site gives you the power to track a phone and intercept its texts

For years, experts have warned of vulnerabilities in the network that routes phone calls and cellular service — but those attacks may be more widespread than anyone realized. For more than a year, a Tor Hidden Service has been offering ongoing access to telecom’s private SS7 network for as little as $500 a month. Combined with known vulnerabilities, that access could be used to intercept texts, track the location of an individual phone, or cut off cellular service entirely.

Accessible on Tor at zkkc7e5rwvs4bpxm.onion, the “Interconnector” service offers a variety of services charged as monthly fees, including $250 to intercept calls or texts, $500 for full access, or $150 for cellphone reports (including location data and IMSI numbers). Well-heeled users can even pay $5,500 for direct access to the SS7 port, billed as “everything you need to start your own service.”

One customer wrote to The Verge with

Read more at: https://www.theverge.com/2017/6/13/15794292/ss7-hack-dark-web-tap-phone-texts-cyber-crime

It’s time to take the power away from cyber criminals

Most cyber crime victims don’t even know they’re cyber crime victims, says Marina Perry in her shortlisted entry to the BARBRI International Cyber Crime Blogging Prize Competition

“It bothers me that my webcam stares at me all day long,” said my colleague regarding a new addition to our work life, “you never know who might be watching you”.

I agreed with her and said that is the reason why my webcam is not attached to the monitor and always faces away from me. In my naivety I said: “I have seen enough movies to know anything can be hacked and I don’t want a stalker looking at me. I hoped that our company’s security system has strong firewalls to prevent against such attacks.”

But in reality, do people know when they are hacked or have been a victim of

Read more at: https://www.legalcheek.com/lc-journal-posts/its-time-to-take-the-power-away-from-cyber-criminals/

How the new ‘Power Rangers’ tackle cyber bullying

PHOTO:HOLLYWOOD REPORTERPHOTO:HOLLYWOOD REPORTER

PHOTO:HOLLYWOOD REPORTER

The Mighty Morphin Power Rangers may feel a tad out-dated to us today but back in the 1990s, the children’s series was, in its own way, quite progressive. It featured a racially diverse cast which included two female superhero leads and also preached ideas like peace over violence.

Now, Lionsgate’s rebooted version features superheroes that are not only diverse but also have their own issues to deal with, such as autism and sexual orientations. Director Dean Israelite said he wanted to make a film about teenagers and their struggles growing up. “We talked about how different the world is today. And if you are going to make a movie about teenagers today, you’ve got to deal with the issues and challenges they are facing in their world,” The Hollywood Reporter quoted him as saying. “And that’s

Read more at: https://tribune.com.pk/story/1366845/new-power-rangers-tackle-cyber-bullying/

Russian malware is found in ransomware used against power companies

A malware variant previously linked to a hacking group with alleged ties to Russian intelligence has been transformed into a ransomware virus that is now infecting industrial control systems like those found in power plants and water treatment facilities, reports a U.S. cybersecurity firm.

This mutated version of KillDisk — malware that is capable of quickly destroying large troves of data — was first discovered in the wild by CyberX, which is based in Framingham, Massachusetts.

In its original form, KillDisk was first found in the aftermath of a historic data breach against three separate Ukrainian power companies — causing systems to malfunction and cut power to thousands of homes. In that case, KillDisk was deployed to specifically wipe computers that were used by Ukrainian operators in each facility’s command and control center.

CyberX found evidence that KillDisk ransomware was able to

Read more at: https://www.cyberscoop.com/russian-malware-found-ransomware-used-power-companies/

Linux 2017: With great power comes great responsibility | ZDNet

In 2016, Linux turned 25. When it began, it was a student project. Today, Linux runs everything. From smartphones to supercomputers to web servers to clouds to the car, it’s all Linux, all the time.

Linux must be secured.

Locking Linux down from attackers is becoming an ever more important job.

Even the one exception, the end-user, is moving to Linux. Android is now the most popular end-user opearating system. In addition, Chromebooks are becoming more popular. Indeed, even traditional Linux desktops such as Fedora, openSUSE, Mint, and Ubuntu are finally gaining traction. Heck, my TechRepublic Linux buddy Jack Wallen even predicts that “Linux [desktop] market share will finally breach the 5-percent mark”.

Of course, end-users have always used Linux. They just didn’t realize that almost all

Read more at: http://www.zdnet.com/article/linux-2017-with-great-power-comes-great-responsibility/