Tag Archive for: break

How disinformation monitoring helps agencies break down attacks — GCN



As hacks, ransomware attacks and data breaches continue to make their way into the spotlight, it can be easy to forget about another more subtle, yet perhaps more sinister, aspect of cyberwarfare: disinformation and influence campaigns.

As we’ve seen in recent years, instances of disinformation campaigns and cyberattacks targeting government agencies have increased, making monitoring tools vital in the fight against interference within elections, government initiatives, public health crises and more. Nefarious campaigns within these spaces can easily reach mainstream consumers, drawing more attention to false and even harmful narratives.

These efforts are believed to primarily target the U.S., based on data pulled from Facebook. The Justice Department recently seized 36 websites linked to Iranian news website domains that were believed to be launching disinformation campaigns against the U.S. With tensions already on the rise, now is the perfect time for agencies to consider platforms and tools that can help them monitor and counter disinformation.

Disinformation detection platforms offer specific tools that help in identifying these attacks and breaking them down. An attack against a government agency will certainly affect the agency itself, but the impact on social media users and constituents could be even more damaging. As many across the U.S. saw last fall, false narratives about the election amplified by influential authors can take social media by storm. While Facebook, Twitter and YouTube all vowed to “clamp down on election misinformation,” false statements made by former President Donald Trump circled Twitter and were shared and engaged with widely, despite being flagged as “misleading.”

Through semi-supervised machine-learning algorithms, monitoring platforms can detect disinformation by defining suspicious behavior parameters and flagging unusual activity. Over time, the algorithm…


So nice of China to put all of its network zero-day vulns in one giant database no one will think to break into • The Register


Chinese makers of network software and hardware must alert Beijing within two days of learning of a security vulnerability in their products under rules coming into force in China this year.

Details of holes cannot be publicized until the bugs are fixed. Malicious exploit code cannot be released. There are restrictions on disclosing details of flaws to foreign organizations. And vendors will be under pressure to address these vulnerabilities as soon as they can and set up bounty programs to reward researchers.

The regulations are intended to tighten up the nation’s cyber-security defenses, crack down on the handling and dissemination of bugs, and keep China’s elite up to speed on exploitable flaws present in Chinese-made communications systems, wherever in the world that technology may be deployed.

It appears these rules ensure Beijing will be among the first to know of security weaknesses in equipment and software potentially present in foreign infrastructure and networks as well as domestic deployments. The rules were issued on Tuesday, come into effect on September 1, and apply to people and organizations operating within China. The following articles stuck out to us:

Though the rules are a little ambiguous in places, judging from the spirit of them, they throw a spanner in the works for Chinese researchers who work with, or hope to work with, zero-day vulnerability brokers. These sorts of regulations matter a lot: infosec experts in the Middle Kingdom earlier pulled out of exploit contests like Pwn2Own due to changes to the law within China.

“Chinese teams stopped participating in Pwn2Own after 2017 when there were regulatory changes that no longer allowed for participation in global exploit contests,” Brian Gorenc, head of ZDI and Pwn2Own at Trend Micro, told The Register on Wednesday.

It will also complicate matters for those hoping to engage with foreign bug bounty programs, which may or may not follow…


To Build Joint Command and Control, First Break Joint Command and Control


The crowd favorite in the Korean War section of the National Museum of the U.S. Air Force is a B-29 Superfortress known as Command Decision. Named after a 1948 movie that recounted the Army Air Forces’ decision-making during World War II, the plane shot down five MiG-15 fighters, dropped over one million pounds of bombs, and has iconic nose art featuring two of the seven dwarfs — Dopey and Doc — waiting apprehensively for a flipped coin to land.

Behind the Command Decision is a smaller, less popular exhibit about command and control during the Korean War. The exhibit includes a diagram illustrating how command and control was organized at the time — it offers a visual of how messages were relayed and who assigned resources to specific tasks. That picture is notable because, with minor changes, it could feature in any of the museum’s sections. It depicts a hierarchical, industrial-age structure, and could describe command and control in World War II, during the wars in Iraq and Afghanistan, or at any point in the intervening period.

While still not exactly a crowd favorite, command and control is currently experiencing something of a renaissance as U.S. military leaders seek more interoperability between the different military services, less hierarchy in military networks, and systems that enable faster decision-making. The military has requested $3 billion to remake the system. The problem, though, is that the effort is focused almost entirely on the technology of command and control. The Defense Department is currently buying modular communications equipment that can connect people regardless of military service, building universal networks and data repositories, and developing decision-support tools that rely more on machine learning. While this technological disruption is necessary, it is insufficient.

The organizational structure of command and control should also be changed. The U.S. military should break up its current command and control system and replace it with small, modular teams that are not strictly aligned with a particular military service. This would help the system to deliver operational outputs faster and from multiple services at a given time. This…


It’s 2021 and a printf format string in a wireless network’s name can break iPhone Wi-Fi • The Register


Joining a Wi-Fi network with a specific sequence of characters in its SSID name will break wireless connectivity for iOS devices. Thankfully the bug looks to be little more than an embarrassment and inconvenience.

On Friday, Carl Schou, a security researcher in Denmark, reported that his iPhone lost its Wi-Fi capability after attempting to connect to a Wi-Fi network named “%p%s%s%s%s%n”.

The offending name is made up of good old C language printf()-style string format specifiers. On iOS, they are handled by Apple’s open source CFString framework, available to those writing Objective-C or Swift applications. CF stands for Core Foundation; CFString is a C API in macOS and iOS.

Security researcher Alex Skalozub told The Register that the disruptive series of characters can be shorter still. The string “%s%s%s” is sufficient to trigger the bug, he said, noting that it appears to be the third “%s” that takes down the Wi-Fi connection.

The “%s” tells the software to use a referenced string, which likely doesn’t actually exist, causing the code to crash. Indeed, it appears to cause a strlen() function call to trigger a memory access fault. Apple’s software should not be directly obeying these user-provided format strings: treating user-supplied text as a format string is a classic security vulnerability.

“Yesterday I showed how [an Access Point] named “%Free %Coffee at %Starbucks” does the same thing,” he said.

Fortunately, the damage appears not to be permanent. Apple iOS devices that lose Wi-Fi capability after being bitten by this bug can be restored via the General -> Reset -> Reset Network Settings menu option, which reverts network settings to their factory default.
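The bug class described above, as an added example that is not code from the article or from Apple: standard C `snprintf()` stands in for the CFString formatting path, and the function names are hypothetical. It shows the pattern that treats the network name as a format string beside the hardened form that passes it only as data, plus a small audit helper run over the names quoted in the article.

```c
#include <stdio.h>
#include <string.h>
#define SSID_MAX 32 /* an 802.11 SSID is at most 32 octets */

/* Count conversions the SSID would trigger as a format string; "%%" is literal. */
int count_format_specifiers(const char *ssid, size_t len)
{
    int n = 0;
    for (size_t i = 0; i < len; i++) {
        if (ssid[i] != '%')
            continue;
        if (i + 1 < len && ssid[i + 1] == '%')
            i++;
        else
            n++;
    }
    return n;
}

#ifdef SHOW_VULNERABLE /* off by default: kept only for comparison */
/* Untrusted SSID is the format string, so each "%s" makes the formatter
 * read a pointer argument that was never passed. */
int log_join_vulnerable(char *out, size_t outlen, const char *ssid)
{
    return snprintf(out, outlen, ssid);
}
#endif

/* Hardened: constant format, SSID passed only as data. The precision
 * bounds the read, so the buffer need not be NUL-terminated. */
int log_join_safe(char *out, size_t outlen, const char *ssid, size_t len)
{
    if (len > SSID_MAX)
        len = SSID_MAX;
    return snprintf(out, outlen, "joined \"%.*s\"", (int)len, ssid);
}

int main(void)
{
    /* Network names quoted in the article, handled as inert data. */
    const char *names[] = { "%p%s%s%s%s%n", "%s%s%s",
                            "%Free %Coffee at %Starbucks" };
    char line[64];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        size_t len = strlen(names[i]);
        log_join_safe(line, sizeof line, names[i], len);
        printf("%-36s specifiers=%d\n", line, count_format_specifiers(names[i], len));
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC or Clang) makes the compiler flag the non-literal format argument in the vulnerable variant.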

Security flaw? Technically possible but…

Amichai Shulman, co-founder and CTO of enterprise network security firm AirEye, contends the bug could lead to remote code execution.

“While it is easy to use the…
