Tag Archive for: Shine

Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk

/in


The agricultural equipment industry has long considered itself immune from cyber attacks. After all: farm equipment wasn’t Internet-connected and the software and protocols that it used were obscure. Besides: farms- and farm equipment held little in the way of sensitive personal or financial data that cybercriminals could easily monetize. 

But a lot has changed in the agriculture sector in the last decade. And farm country’s cybersecurity bill has come due…in a big way. A presentation at the annual DEF CON hacking conference in Las Vegas, scheduled for Sunday, will describe a host of serious, remotely exploitable holes in software and services by U.S. agricultural equipment giants John Deere and Case-IH. Together, the security flaws and misconfigurations could have given nation-state hackers access to- and control over Deere’s global product infrastructure, access to sensitive customer and third party data and, potentially, the ability to remotely access critical farm equipment like planters and harvesters that are the lynchpin of the U.S. food chain. 

Opinion: my Grandfather’s John Deere would support our Right to Repair

A video of the presentation, “The Agricultural Data Arms Race Exploiting a Tractor Load of Vulns,” was posted on YouTube by conference organizers on Thursday. It is the most detailed presentation, to date, of a range of flaws in Deere software and services that were first identified and disclosed to the company in April. The disclosure of two of those flaws in the company’s public-facing web applications set off a scramble by Deere and other agricultural equipment makers to patch the flaws, unveil a bug bounty program and to hire cyber security and embedded device security talent. 

Sick Codes (@SickCodes), an independent security researcher who declines to use his real name in public statements, worked with researchers from the group Sakura Samurai including wabaf3t; D0rkerDevil; ChiefCoolArrow; John Jackson; Robert Willis; and Higinio “w0rmer” Ochoa. Together, the group uncovered 11 other flaws in Deere software and applications and  that the group shared with the company as well as CISA, the Cybersecurity…

Source…

New Website Aims To Shine A Light On Where Ransomware Payments Go

/in


It’s estimated that total global ransomware payments approached $350 million last year, up more than 300% from 2019. To stem the rising tide of ransomware attacks, a new site wants to shed some much-needed light on where payments from victims are going.

Cleverly called Ransomwhere, the site is the creation of security researcher Jack Cable. Cable worked with the Cybersecurity and Infrastructure Security Agency (CISA) as security advisor for the 2020 elections. He’s also spent years hunting bug bounties and working as a red team hacker — acting as an adversary to help organizations discover and mitigate weaknesses in their cyber defenses.

In an interview with TechCrunch, Cable states that he was inspired to create Ransomwhere after reading a tweet from Red Canary Director of Intel Katie Nickels. Responding to a question about whether the infosec community could estimate total losses tied to the notorious TrickBot malware, Nickels noted that “No one knows the real impact.” She added that it’s therefor difficult to know whether specific victim actions — like paying or refusing to pay ransoms — makes a difference.

Cable chimed in, adding that it “would be awesome to have raw data or a dashboard tracking payments by strain.” Since no such thing existed he set about creating one… and Ransomwhere was born.

To date, Ransomwhere has tracked over $56 million in ransomwhere payments. So far, Netwalker dominates the leaderboard with more than 520 payments made. That includes several payments of hundreds of Bitcoin — the two biggest converting to $7.4 and $8.6 million at today’s exchange rate.

The largest single payment: 413 Bitcoin — or just shy of $14 million — sent to the operators of the RagnarLocker ransomware in July of 2020.

The data that powers Ransomwhere is crowdsourced, and all reports must include a screenshot of the ransom demand for verification purposes. Currently, Cable is verifying submissions personally.

All of the information that is entered into the Ransomwhere database is made freely available for other security professionals to download and analyze. No data about the victims is ever shared.

Not all…

Source…

Tokyo Olympics Postponed, But 5G Security Lessons Shine

/in

Threatpost Senior Editor Tara Seals is joined by Russ Mohr, engineer and Apple evangelist at MobileIron along with Jerry Ray, COO at SecureAge, for a discussion about the now postponed Tokyo Games and its use of 5G and the myriad of security concerns Japan is preparing for.
Mobile Security – Threatpost

The likes of China and Russia fight wars in the shadows. Time for Britain to shine the light – Telegraph.co.uk

/in

The likes of China and Russia fight wars in the shadows. Time for Britain to shine the light  Telegraph.co.uk
“cyber warfare news” – read more