A brief overview of the week's notable new products on the information security market.
iStorage has released the world’s first and only PIN-protected, hardware-encrypted USB flash drive using removable microSD cards. Along with datAshur SD, the company also introduced the patented iStorage datAshur SD KeyWriter application, which allows you to “clone” as many drives as needed with the same encrypted encryption key. In other words, organizations can create copies of secondary drives as backups and, when needed, exchange encrypted iStorage microSD cards with authorized users of cloned datAshur SD drives without compromising data security.
Tufin has released a new version of its Tufin Orchestration Suite platform, which brings together security policy management across on-premises, cloud and hybrid environments. Tufin Orchestration Suite R21-3 can now integrate with the Zscaler Cloud Firewall (part of the Zscaler Zero Trust Exchange cloud platform) to centralize and simplify Secure Access Service Edge (SASE) policy management.
The new release also includes enhanced functionality to help administrators minimize risk and streamline day-to-day operations. With the new Tufin Security Policy Dashboard, administrators have instant centralized information on key access policy issues for proactive resolution. Tufin Orchestration Suite R21-3 also provides advanced automated workflows to accelerate data center migration and regulatory compliance.
ColorTokens has announced Xshield 2.0, a new version of its Xshield product, which is part of the Xtended ZeroTrust Platform. With new and improved Xshield 2.0 features, large enterprises can further accelerate micro-segmentation, scale with ease, and protect their workloads across a distributed hybrid infrastructure.
Huntsman Security has released SmartCheck for Ransomware, a product that allows organizations to assess their readiness for ransomware attacks. SmartCheck for Ransomware provides a quantitative readiness score measured against each of 12 security measures. As a result, organizations can understand their risk exposure and customize any of the security controls needed to improve their security posture and be more prepared for ransomware attacks.
ThreatQuotient has announced the fifth version of its ThreatQ security threat detection and response platform. The latest ThreatQ v5 features include a unique DataLinq Engine that connects disparate systems and sources for advanced security threat detection and response (XDR), intelligent data collection for automation, and advanced ThreatQ communication for bi-directional communication, context and threat analysis.
Hacker breaks into "smart" dog feeder and spies on its owner
The owner of the smart dog feeder had been using this device for many years and had no problem until she heard a man’s voice coming from the feeder.
An unknown man broke into a smart dog feeder equipped with a camera, gained access to the camera and spied on the dog's owner, Nine.com.au reports.
Smart pet feeders are popular around the world. They let owners feed their pets remotely, on a command sent over the Internet. In addition, many devices are equipped with webcams and speakers, so the owner can watch the pet from anywhere in the world and even say a few affectionate words to it.
Australian resident Angela Cuniberti has become a victim of her love for modern devices. An unknown intruder managed to connect to the camera of her dog’s smart feeder.
One day the woman was passing by the feeder when she heard a man’s voice say “Hello, beauty!” Angela was very frightened, as she thought that a stranger had got into the house. Moreover, her dog became very nervous and began to bark.
“I saw that a red light was on and I thought it was strange,” she said. The woman suspected that she was being spied on.
When Cuniberti decided to take a closer look at the camera, she heard a man’s laugh.
Angela contacted the feeder's manufacturer. The company’s specialists checked the product and found that someone had hacked into the home Wi-Fi network and gained access to the camera. This was very strange, since not long before that the woman had changed the password and was sure of its reliability.
It is unknown how long the attacker watched the woman. The police are now looking for the hacker, and the woman has replaced the webcam-equipped feeder with an ordinary dog bowl.
Experts talk about 17 frameworks for attacks on physically isolated systems
Over 15 years, 17 frameworks have been discovered that APT groups use in attacks on SCADA systems and ICS.
In the first half of 2020 alone, four different malicious frameworks designed to attack physically isolated networks were discovered, and the total number of these tools, which pave the way for cyber-espionage and theft of classified information, reached 17 in 15 years.
“All frameworks are designed for some form of espionage, and all frameworks use USB sticks as a physical means of transferring data to and from targeted physically isolated networks,” ESET researchers Alexis Dorais-Joncas and Facundo Muñoz said in a new study.
Since physical isolation is one of the most common ways to protect SCADA systems and process control systems, government-funded APT groups are increasingly looking at critical infrastructure in the hope of injecting malware into physically isolated networks to monitor targets of interest.
According to ESET experts, frameworks are mainly designed to attack computers running Windows. At least 75% of frameworks use malicious LNK or AutoRun files on USB drives, either to initially compromise physically isolated systems or to move laterally on physically isolated networks.
Experts managed to associate some frameworks with well-known APT groups:
Retro – DarkHotel (aka APT-C-06 or Dubnium);
Ramsay – DarkHotel;
USBStealer – APT28 (aka Fancy Bear, Sednit or Sofacy);
USBFerry – Tropic Trooper (aka APT23 or Pirate Panda);
Fanny – Equation Group;
USBCulprit – Goblin Panda (aka Hellsing or Cycldek);
PlugX – Mustang Panda;
Agent.BTZ – Turla Group.
“Each framework works differently, but they all have one thing in common – they all, without exception, use malicious USB drives. The main difference between connected and offline frameworks is how the flash drive itself has been modified,” the researchers said.
Connected frameworks work by deploying a malicious component to a connected system that monitors the plugging of new USB drives and automatically places the malicious code needed to compromise a physically isolated system. In the case of offline frameworks like Brutal Kangaroo, EZCheese, and ProjectSauron, attackers must infect their own USB drives with malware to carry out an attack.
As a precautionary measure, organizations with critical information systems are advised to block e-mail access on connected systems, disable USB ports, “disinfect” USB drives, restrict the execution of files on removable drives, and regularly examine isolated systems for signs of suspicious activity.
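A triage check for the two USB launch vectors named above (AutoRun files and LNK shortcuts), as an added example that is not from the ESET study. The function names and the sample drive contents are constructed for illustration; shortcuts are matched by their file header rather than by extension.

```python
# Added example: triage of a mounted removable drive for AutoRun and LNK files.
# Function names and the sample drive layout are constructed for illustration.
import os
import tempfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
AUTORUN_KEYS = ("open", "shellexecute", "shell\\open\\command")


def scan_drive(root):
    """Return sorted (relative_path, reason) findings under `root`."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name.lower() == "autorun.inf":
                with open(path, "r", errors="replace") as fh:
                    for line in fh:
                        key, sep, value = line.partition("=")
                        if sep and key.strip().lower() in AUTORUN_KEYS:
                            findings.append((rel, f"autorun launches {value.strip()}"))
                continue
            with open(path, "rb") as fh:
                head = fh.read(len(LNK_MAGIC))
            # Match on content, so a renamed shortcut is still caught.
            if head == LNK_MAGIC:
                findings.append((rel, "shell link (LNK) header"))
    return sorted(findings)


def build_sample_drive(root):
    """Write a constructed sample drive layout for the demo."""
    with open(os.path.join(root, "autorun.inf"), "w") as fh:
        fh.write("[autorun]\nicon=folder.ico\nopen=setup.exe\n")
    with open(os.path.join(root, "Report.pdf"), "wb") as fh:
        fh.write(LNK_MAGIC + b"\x00" * 60)  # LNK header behind a .pdf name
    with open(os.path.join(root, "notes.txt"), "w") as fh:
        fh.write("nothing to see")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        for rel, reason in scan_drive(drive):
            print(f"{rel}: {reason}")
```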
Simple vulnerability in smart contract software allows hacker to steal $31 million worth of digital currency
An accounting error in MonoX Finance’s software allowed an attacker to raise the price of the MONO token.
Blockchain startup MonoX Finance has fallen victim to a cyberattack, during which a hacker stole $31 million. The cybercriminal took advantage of a vulnerability in the software that the platform uses to draft smart contracts.
The company uses the MonoX decentralized financial protocol, allowing users to trade digital currency tokens without the specific requirements of traditional exchanges. An accounting error in the company’s software allowed an attacker to raise the price of the MONO token and then use it to cash out all other deposited tokens.
The attacker used the same token as both tokenIn and tokenOut, the two sides of a swap that exchanges the value of one token for another. MonoX updates prices after each swap, calculating new prices for both tokens. When the swap is complete, the price of tokenIn (the token sent by the user) decreases and the price of tokenOut (the token received by the user) increases.
By using the same token for both tokenIn and tokenOut, the hacker increased the price of the MONO token significantly because the tokenOut update overwrote the tokenIn price update. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains.
MonoX Finance management attempted to contact the attacker by sending a message via a transaction on the ETH mainnet.
Recall that in October of this year, an unknown attacker hacked the Discord server of the Creature Toadz NFT project and tricked community members into sending him money. In total, the hacker managed to lure more than 88 ETH out of the victims (over $340 thousand at the exchange rate at the time of the crime). It is noteworthy that the hacker later returned all the money.
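The tokenIn/tokenOut overwrite described above for MonoX, modelled next to a hardened form that rejects the degenerate pair. This is an added, simplified example and not MonoX's contract code; the 10% price step, the function names and the sample pool are assumptions.

```python
# Simplified model of the bug class described above; not MonoX's contract code.
# The 10% price step and all names here are assumptions for illustration.

STEP = 0.10  # assumed fractional price move per swap


class SameTokenSwap(ValueError):
    """Raised when a swap names the same token on both sides."""


def swap_vulnerable(prices, token_in, token_out):
    """Compute both new prices from the pre-swap state, then store them.

    When token_in == token_out the two stores hit the same slot, so the
    tokenOut increase overwrites the tokenIn decrease.
    """
    new_in = prices[token_in] * (1 - STEP)    # token sent by the user gets cheaper
    new_out = prices[token_out] * (1 + STEP)  # token received gets dearer
    prices[token_in] = new_in
    prices[token_out] = new_out               # clobbers new_in if same key
    return prices


def swap_hardened(prices, token_in, token_out):
    """Same update, but the degenerate pair is rejected before any write."""
    if token_in == token_out:
        raise SameTokenSwap(f"tokenIn and tokenOut are both {token_in!r}")
    return swap_vulnerable(prices, token_in, token_out)


def price_after_self_swaps(swap, rounds, start=1.0):
    """Run `rounds` MONO->MONO swaps and return the resulting MONO price."""
    prices = {"MONO": start, "USDC": 1.0}  # constructed sample pool
    for _ in range(rounds):
        swap(prices, "MONO", "MONO")
    return prices["MONO"]


if __name__ == "__main__":
    print("vulnerable:", price_after_self_swaps(swap_vulnerable, 10))
    try:
        price_after_self_swaps(swap_hardened, 10)
    except SameTokenSwap as exc:
        print("hardened: rejected ->", exc)
```

In the vulnerable path the price only ever rises on a self-swap, which is the accounting error the article describes; an invariant test asserting that a swap never changes a single token's price in one direction only would catch it before deployment.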