CyberSecurity Pulse 2016-03-31

CyberSecurity Pulse 2016-03-31

"It is not bigotry to be certain we are right; but it is bigotry to be unable to imagine how we might possibly have gone wrong"
G.K. Chesterton (1874 – 1936) – English writer

Analyst Insight

Is Crawling Enough to Know What Is Happening in Tor?

Researchers at King's College London have carried out an investigation about the content on Tor anonymous network and confirm that "one noteworthy finding was the near-absence of Islamic extremism on Tor hidden services". They ensure that the jihadist propaganda is limited as opposed to which can be found on social networks like Facebook and Twitter. Actually, it makes sense because these organizations have put a great effort to ensure the dissemination of their message to a general audience, so they make an intensive use of the tools used by this audience, which is in fact the surface web (social networks, blogs, pastebin like platforms, etc.).

CyberSecurity Pulse 2016-03-Instead, it seems risky to ensure that Tor network is not being used for internal communication of terrorist groups, mainly because, as in the surface, there are platforms that implement additional security measures to hinder access by automated monitoring programs. As in conventional surface web monitoring, in this case, it would not be enough to adopt crawling capacities to extract this conclusions. It would be interesting to supplement it with a Human Intelligence Unit whose methods would help to access the contents hosted in private and inaccesible areas of the network that cannot be monitored otherwise.

» Más información en Taylor & Francis

Top Stories

Apple Doesn't Know How FBI Hacked IPhone

CyberSecurity Pulse 2016-03-31The FBI has unlocked the iPhone used by one of the San Bernardino terror attackers, officials said Monday, ending a heated legal standoff with Apple that had pitted US authorities against Silicon Valley. Apple, backed by a broad coalition of technology giants like Google and Facebook, was fiercely opposed to assisting the US government in unlocking the iPhone arguing that this action would have serious implications on security and privacy.

» More information at Sky News

Water Treatment Plant Hacked, According to Verizon

"Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water", Verizon Security Solutions told on their last data breach report. Although they have not wanted to reveal the name and location of the utility affected, it's known that the hacktivist group had ties with Syria and that it exploited unpatched web vulnerabilities in its customer payment portal. Another incident that has highlighted the cybersecurity gaps involving critical infrastructure facilities.

» More information at Verizon

Rest of the Week´s News

Possible Verizon Data Breach

Verizon Enterprise Solutions is shocked by its own data breach involving the theft and resale of customer data. Earlier this week, a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information of about 1.5 million customers, which include the 99% of the companies in the Fortune 500.

» More information at Krebs on Security

NASA Has a Cybersecurity Problem

Citing multiple inside sources and internal documents, Jason Miller, executive editor for Federal News Radio, stated this week that there are hundreds of thousands, if not millions, of patches that have not been applied to NASA IT systems, exposing them to potential attacks.

» More information at Softpedia

Millions of Android Phones Vulnerable

Millions of Android phones are vulnerable to attacks that can execute malicious code and take control of core functions almost permanently by getting root access. Google is in the process of releasing a fix, but at the moment any phone that has not received a security patch level since March 18 or later is vulnerable.

» More information at ArsTechnica UK

Further Reading

Three US Hospitals Hit by Ransomware

» More information at BBC News

Hacking Lottery Terminals to Produce More Winning Tickets

» More information at The Hacker News

Seven Iranians in Connection with Attacks on Banks

» More information at The Washington Post