December 19, 2018

Snack-happy parrot shows insider threats come in all shapes and sizes

By Lisa Vaas

A new form of insider threat has been discovered, with evidence of a threat actor attempting to burgle a homeowner via illicit snack delivery orders placed on her Amazon Alexa smart speaker.

According to the UK’s National Animal Welfare Trust, the culprit goes by the handle of “Rocco,” a fugitive African Grey Parrot that had already displayed antisocial tendencies – namely, foul language and tossing his water bowl around – while in the care of the trust.

Staff member Marion Wischnewski, who lives in Oxfordshire, had rehomed Rocco, in spite of his propensity to fling and his swearing, which had led the trust to fear that visitors would flee from his verbal floggings.

Once ensconced in his new workplace, Rocco set about endearing himself to his human overlords. Wischnewski told news outlets that he’s got a “sweet personality” and loves to dance to romantic music… music that, apparently, he’s learned how to request from Alexa. He has, after all, been exposed to the overlords’ conversations with Alexa, and, as members of his species are wont to do, has learned how to ask for what he wants.

What he wants, besides sappy songs to bounce to, are tasty snacks, various inanimate objects, and homeware. He has reportedly attempted to place orders for lightbulbs, a kite, watermelon, ice cream, raisins, strawberries, broccoli, and a tea kettle.

Read more at https://nakedsecurity.sophos.com/2018/12/19/snack-happy-parrot-shows-insider-threats-come-in-all-shapes-and-sizes/

Instagram became the preferred tool in Russia’s propaganda war

By Lisa Vaas

Facebook, Twitter or Google’s YouTube: those are the social media platforms that garnered most of the focus of lawmakers, researchers and journalists when the Russian disinformation campaign around the 2016 US presidential election first came into focus.

But according to two new, comprehensive reports prepared for the Senate Intelligence Committee, one of which was released on Monday and the other leaked over the weekend, Instagram was where the real action was.

Disinformation and meddling may have reached more people on Facebook, YouTube or Twitter, but the posts got far more play on Instagram. In a years-long propaganda campaign that preceded the election and which didn’t stop after, Facebook’s photo-sharing subsidiary generated responses that dwarfed those of other platforms: researchers counted 187 million Instagram comments, likes and other user reactions, which was more than Twitter and Facebook combined.

The Washington Post [paywall] quoted Philip N. Howard, head of the Oxford research group that participated in one of the reports:

Instagram’s appeal is that’s where the kids are, and that seems to be where the Russians went.

A massive, multi-year campaign to manipulate Americans

One of the reports was commissioned by the Senate Intelligence Committee and written by the social media research firm New Knowledge, Columbia University and Canfield Research. According to that report, Russia’s propaganda war was broadened to reach the US starting in 2014 and would eventually spread to reach a “massive” scale.

Read more at https://nakedsecurity.sophos.com/2018/12/19/instagram-became-the-preferred-tool-in-russias-propaganda-war/

SQLite creator fires back at Tencent’s bug hunters

By Danny Bradbury

The creator of SQLite, an open source database management system used in thousands of applications, has downplayed reports of a bug that could lead to remote code execution.

The Tencent Blade security research team reported the bug, called Magellan, in both SQLite and the open-source Chromium browser, which uses a version of the database. They said:

This vulnerability can be triggered remotely, such as accessing a particular web page in a browser, or any scenario that can execute SQL statements.

Developed in 2000, SQLite has become one of the most commonly-used open source programs and is a part of many other applications, including the Chrome, Safari and Firefox browsers and back-end web application frameworks. Skype uses it, and so do the Python and PHP programming environments. You’ll find it on all Android and iOS devices, and every Mac and Windows 10 machine. It also powers many Internet of Things devices, which SQLite’s developers call out specifically as an application. Those devices can be especially difficult to update in the field.

Read more at https://nakedsecurity.sophos.com/2018/12/19/sqlite-creator-fires-back-at-tencents-bug-hunters/

How not to secure US missile defenses

By John E Dunn

What sort of organization might suffer the following list of security failures?

Three out of five physical locations visited for an audit failed to implement multi-factor authentication (MFA) on networks used to secure sensitive technical data.

Two weren’t securing their equipment racks.

Three weren’t routinely encrypting highly-sensitive data held on USB sticks.

At all five locations, admins could access and maintain systems without having to justify that level of privilege.

Most extraordinary of all, as of 2018, one site’s patching was so deficient that it failed to address a critical vulnerability that first came to light nearly three decades earlier, in 1990.

This might have been an extreme one-off except that another site had sat on another serious flaw dating from 2013 despite being reminded of that fact in early 2018.

The organization in question is the US Department of Defense’s Ballistic Missile Defense System (BMDS), five of whose 104 sites were chosen at random in early 2016 for a security audit by the DOD’s Inspector General.

It’s hard to know what to make of the number of weaknesses uncovered in computer security across so few sites, but if these findings (published in redacted form in April but only recently noticed) are typical of the other 99, the BMDS has a problem on its hands.

Read more at https://nakedsecurity.sophos.com/2018/12/19/how-not-to-secure-us-missile-defences/

After SamSam, Ryuk shows targeted ransomware is still evolving

By Mark Stockley

Last month the world learned that the FBI thinks it has identified the two people behind the notorious SamSam ransomware attacks.

SamSam, you may recall, gained notoriety for plundering ransoms from vulnerable targets like hospitals, and for devastating attacks like the one that embattled the City of Atlanta in early 2018.

As with other targeted attacks, SamSam was deployed manually after its operators had broken into a vulnerable network via a poorly-protected RDP port. The SamSam gang’s methodical and patient attacks put them in a position to extort enormous ransoms, and helped them accrue almost $7 million since December 2015.

As you might expect, things have been a bit quiet from SamSam since the FBI’s indictment. The Iranian suspects are beyond the agency’s reach, but they have been identified, their operation has been compromised and, for the time being at least, activities have ceased.

The unmasking followed a period of apparently diminishing returns for SamSam attacks. After the publication of extensive research by Sophos in August, SamSam’s monthly earnings began to decline, even while the frequency of attacks seemed to increase.

Now SamSam seems to have left the stage, but the brand of destructive, stealthy attacks it exemplified didn’t start with SamSam and they didn’t end with it either. In fact, while SamSam may have gained infamy, other kinds of targeted ransomware, like Dharma and BitPaymer, have been deployed more widely, and demanded higher ransoms.

Read more at https://nakedsecurity.sophos.com/2018/12/18/after-samsam-ryuk-shows-targeted-ransomware-is-still-evolving/
