Tag Archive for: control

FBI Takes Control of Hacker Group Suspected of Targeting NPS


(TNS) — The FBI has assumed control of operations run by a group of hackers that took credit for the ransomware attack on Norman Public Schools.

The group, known as Hive, has extorted more than $100 million from hospitals, schools and other organizations, according to multiple reports.

Ransomware is a type of malicious software that threatens to publish or blocks access to data or a computer system, usually by encrypting it, until the victim pays a ransom fee to the attacker.


In November, a representative of the malware organization contacted several media outlets by email and wrote: “Our organisation [sic] has breached and downloaded from Norman Public Schools network most important information with a total size over 311 GB.”

Files downloaded, according to the email obtained by The Transcript, included contracts, nondisclosure agreements and other agreements; documents; private company information, including budgets, plans, evaluations, and school building floor and wire blueprints; employee information, including social security numbers, emails, addresses, phone numbers, photos, insurance information, and payments; and student information, including social security numbers, emails, addresses, phone numbers, photos, insurance information, and payments.

Reached Friday, the FBI would not confirm Hive is the organization behind the NPS breach.

A school district spokesperson, however, said the district has been working in cooperation with the FBI to hold those involved accountable.

“We cooperated fully with the FBI during the investigation following the November 2022 malicious ransomware attack against Norman Public Schools,” Chelsey Kraft said in a statement. “From the beginning, we assumed we were part of a much larger ransomware scheme targeting many others because that is the way cyber criminals operate.”

NPS did not confirm whether Hive was behind the attack.

“The FBI has made no contact with us regarding this development and as a result, we have no updates,” Kraft said. “We applaud the FBI’s efforts to pursue these criminals and think groups like these should be prosecuted to the full extent of the law.”

The FBI…


Firmware Vulnerability in Chips Helps Hackers Take Control of Systems


A security company has found hardware vulnerabilities that, if exploited, can give hackers control over systems.

The vulnerability, disclosed by Binarly Research, allows an attacker to gain control of the system by modifying a variable in non-volatile memory, which stores data permanently, even when a system is turned off.

The modified variable will compromise the secure boot phase of a system, and an attacker can gain persistent access to compromised systems once the exploit is in place, said Alex Matrosov, the founder and CEO of Binarly, which offers open source tools to detect firmware vulnerabilities.

“Basically, the attacker can manipulate variables from the operating system level,” Matrosov said.

Firmware Vulnerability Opens the Door

Secure boot is a system deployed in most PCs and servers to ensure that devices start properly. Hackers can take control of the system if the boot process is either bypassed or under their control.

But in order to manipulate the variables, a user would need privileged access to the system. Users may need to have administrator access to Linux or Windows systems. The malicious code executes before the operating system is loaded.

“The firmware piece is important because the attacker can gain very, very interesting persistence capabilities, so they can play for the long term on the device,” Matrosov said.

The vulnerability is like leaving a door open — a hacker can gain access to system resources as and when they please when the system is switched on, Matrosov said.

The vulnerability is notable because it affects processors based on the ARM architecture, which are used in PCs, servers, and mobile devices. A number of security problems have been discovered on x86 chips from Intel and AMD, but Matrosov noted that this disclosure is an early indicator of security flaws existing in ARM chip designs.

Qualcomm Warns About Snapdragon

The problem springs from a vulnerability affecting Qualcomm’s Snapdragon chipsets, which the chip company disclosed on Jan. 5.

Qualcomm’s Snapdragon chips are used in laptops and mobile devices. The vulnerabilities could affect a wide range of those devices using Unified Extensible Firmware Interface (UEFI) firmware with Snapdragon…


Reach for control to enhance security in the cloud


Cloud-based infrastructure and services have changed the way IT practitioners design enterprise systems.

These changes offer enterprises significant security benefits and pose serious security threats.

Enterprises must take a proactive approach to reap the rewards and reduce the risk. Today, on National Computer Security Day, I’m sharing what you can do (and what you need to consider) to improve your security posture in the cloud.

Beginning with the benefits

For starters, most cloud-based SaaS offerings include an outsourced platform infrastructure. A third party often manages the service, handling operations and system maintenance. Outsourcing allows enterprises to delegate risk and take advantage of shared responsibility models. There’s some loss of configuration flexibility, but much to gain in security.

Large cloud providers have a dizzying array of security and compliance documentation, audit results, and certificates. These cover everything from the physical infrastructure facilities to their processes and technical implementations.

Software-defined networks allow enterprises to segment infrastructure without paying for physical switches and firewalls. Enterprises enjoy in-depth protection around critical resources at a fraction of the cost.

Virtualized computing and pre-packaged virtual machines allow for easy integration of security solutions and tooling for functions such as intrusion detection, application proxies, network management, and name resolution.

Platform-provided storage supports encryption at rest. It also allows fine-grained configuration of keys and permissions as appropriate for each dataset.

Adapting to a cloud-based IT world

Deploying cloud-based services challenges organizations to unlearn established security orthodoxy. Before the cloud, corporate security infrastructure protected every service by default. Enterprises assumed that each resource had its proper place in the logical network architecture. Public access to critical resources was strictly controlled. Unspooling these predispositions is hard, but it’s necessary and there are guidelines that can help.

The Center for Internet Security lists 18 critical security controls (formerly…


Researchers hack adaptive cruise control, then show how to make it safer – The Reporter


Adaptive cruise control comes standard on most new vehicles but it can be tricked into causing accidents, according to research from the UAB Department of Computer Science. The researchers also demonstrated a way to alert humans in time for them to take control.

Most of us think we’re pretty good behind the wheel. But even the worst driver’s-ed dropout can distinguish a speeding car from one barely inching forward. A new study from computer scientists at UAB shows that advanced driving assistance systems such as adaptive cruise control, now standard equipment on many cars, can be tricked into this exact mistake, however. The work, which will be presented at a global Internet of Things conference this fall, also demonstrates a way to keep the cars grounded in reality to avert disaster.

The study merges two strands of research on the vulnerabilities of modern cars with advanced driving assistance systems.

One focuses on the nerve center of electronic communication in most cars, a hub called the Controller Area Network (CAN) bus. The CAN bus is reliable and cheap and great at prioritizing messages while rolling down the interstate at 70 mph. That is why it is the go-to piece of hardware for passing data between the dozens of electronic control units, or ECUs, in modern cars. These controllers are in charge of everything from airbag deployment to antilock brakes and engine timing. But one thing the CAN bus is not is secure, from physical or wireless attacks, as researchers have demonstrated time and again.

“As with most of our systems, cars were designed for performance and security is often an afterthought,” said Ragib Hasan, Ph.D., director of UAB’s SECRET Lab. “This has led to such glaring security issues in cars we use every day. That is why [Aminul] Hoque’s dissertation research in my lab is so important and timely — it has the potential to save countless lives.”

Another hot topic for security researchers: how to protect self-driving cars from attacks on their sensors. (Researchers have been able to fool self-driving cars with strategically placed stickers on stop signs, lasers and hacked billboards.) But what if the attack were deeper — getting at the heart of how…
