CyberSecurity Pulse 2017-03-6
|“Big goals get big results. No goals get no results or somebody else’s results.”|
|Mark Victor Hansen|
Turning Towards Cybersecurity Elections in United States
The federal government through the Help America Vote Act (HAVA) and the Election Assistance Commission has supported the updating of state voting systems, but each state has taken its own path to modernize and upgrade their own elections processes. NASS has stressed that the current system of decentralized elections actually brings with it significant security benefits. The group argues that decentralization means that the voting process is difficult to disrupt. In addition, election systems are, for the most part, disconnected from the Internet, removing an important attack vector.
The group stressed that each state should approach security in its own way. "The US Department of Homeland Security has no authority to interfere with elections, even in the name of national security", the group stated in its resolution.
SHA-1 Collision Can Break SVN Code Repositories
A recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system. The first victim was the repository for the WebKit browser engine that was corrupted after someone committed two different PDF files with the same SHA-1 hash to it. The incident happened hours after researchers from Google and Centrum Wiskunde & Informatica (CWI) in the Netherlands announced the first practical collision attack against the SHA-1 hash function on Thursday. The Subversion developers have released a script that SVN administrators can use to prevent SHA-1 colliding files from being committed to their repositories. Meanwhile, several experts are still working on a more permanent fix for this issue.
Serious Cloudflare Bug Exposed Customer Data
Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users. A combination of factors made the bug particularly severe. On the one hand, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. On the other hand, some of the highly sensitive data that was leaked was cached by Google and other search engines. Because of the seriousness of such a bug, a cross-functional team from software engineering, infosec and operations formed in San Francisco and London to fully understand the underlying cause, to understand the effect of such a relevant memory leakage, and to work with Google and other search engines to remove any cached HTTP responses.
Rest of the Week´s News
How A Simple Command Typo Took Down Amazon S3 and Big Chunk of the Internet
The major internet outage across the United States earlier this week was not due to any cyberattack, rather it was the result of a simple human mistake. On Thursday, Amazon admitted that an incorrectly typed command during a routine debugging of the company's billing system caused the 5-hour-long outage of some Amazon Web Services (AWS) servers on Tuesday. The issue caused tens of thousands of websites and services to become completely unavailable.
Search Engines Demote Pirate Sites in UK Web Searches
Google and Microsoft's Bing have signed up to a voluntary code of practice and will ensure offending websites are demoted in their search results. The entertainment industry reached the agreement with the tech giants after talks brokered by the government. The initiative will run in parallel with existing anti-piracy measures. The code is expected to be in operation by the summer.
Internet-Connected Teddy Bear Leaks Millions Of Voice Messages and Password
In the latest security failing of the internet-connected smart toys, more than two million voice recordings of children and their parents have been exposed, along with email addresses and passwords for up to 820,000 user accounts. In fact, in early January, when cybercriminals were actively scanning the Internet for exposed or badly-configured MongoDB databases to delete their data and ultimately hold it for ransom, CloudPets' database was overwritten twice.