Tele Columbus Confirms Hacker Attack On Customers

Tele Columbus Confirms Hacker Attack On Customers

http://ift.tt/2AlD4Tc

Security News

via .:[ packet storm ]:. – http://ift.tt/pG2dUI http://ift.tt/1Fpvz7L

November 6, 2017 at 09:21AM

Australia’s War On Encryption Potentially ‘Reckless’

Australia’s War On Encryption Potentially ‘Reckless’

http://ift.tt/2j8e8uw

malcolm-turnbull-prime-minister-austrlia-george-brandis-small.png
Image: Asha McLean/ZDNet

Australia’s Prime Minister Malcolm Turnbull and America’s Deputy Attorney-General Rod Rosenstein both think that tech companies should “do something” about end-to-end encryption. Both have said so publicly, rejecting claims that it’d be difficult, if not impossible.

“The laws of Australia prevail in Australia, I can assure you of that,” Turnbull famously said to ZDNet on July 14. “The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.”

For his part, Rosenstein has called for something he calls “responsible encryption”.

“Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists. Examples include the central management of security keys and operating system updates; the scanning of content, like your emails, for advertising purposes; the simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop,” Rosenstein told the US Naval Academy on October 10.

“I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so,” he said in a similar speech to the North American International Cyber Summit on October 30.

Politicians continue to believe, in the face of continued cogent arguments, that magic technology can reliably protect messages from eavesdroppers, yet still give easy access to law enforcement agencies whenever they demand it.

Why?

Are these otherwise intelligent people simply failing to understand the arguments against their proposals? Are they failing to understand that the laws of mathematics are immutable?

“At best it’s that. At worst it’s reckless policy,” Ben Flatgard told ZDNet. Turnbull’s comment on the laws of mathematics was “a pretty amazing suggestion”, he said.

Flatgard was the director for Cybersecurity Policy on the US National Security Council during the Obama administration. He’s currently the 2017 Alliance 21 Fellow at the United States Studies Centre at the University of Sydney.

“We’ve been discussing this as long as encryption’s been used in commercial applications,” Flatgard said, and he’s right.

The core problem was, is, and always will be how to ensure that messages can only be decrypted when lawfully approved. That’s not a technology problem, that’s a policy and process problem.

An encryption algorithm will decrypt a message when it’s presented with the appropriate key. It can’t know whether the key was obtained legitimately or not. Any process that tries to attach an authentication code to the key suffers the same problem. Was that code attached legitimately? And so on, out to infinity.

That’s why I think Turnbull’s public comments are not a war on maths, but a battle against the organisational structures and processes that keep communications secure — and that’s nothing new.

In 1993, the US attempted to solve the problem with the Clipper Chip in every device, splitting the government-held per-device keys in two, with each half held by different agencies. It was abandoned in 1996.

“This was eventually done away with because it was too difficult to manage some of these concerns,” Flatgard said.

There is actually a problem to be solved here, of course.

“The threat of a loss of intelligence is significant,” Flatgard said, but “the ‘going dark’ problem is one that’s admired more than it’s actually acted upon, and you hear a lot of chest-beating”.

You don’t solve that problem by demanding free access to everything.

In the wake of the 2015 terrorism incident in San Bernardino, for example, then FBI director James Comey spent more than $1.3 million to get into an iPhone belonging to one of the shooters, for information of questionable intelligence value. That’s on top of the cost of the agency’s legal battle against Apple.

Flatgard finds that “troubling”.

“Even if you get what you want, you don’t get what you actually need. You don’t know what you want well enough, and how to ask for it,” he said.

Politicians and law enforcement agencies, in both the US and Australia, are escalating the anti-encryption rhetoric. Sometimes, as in the San Bernardino case, they’re backing it up with serious legal and budgetary muscle in a “scary way”.

“You see some of this in Australia as well… the suggestion of using, like, extra-judicial and extra-legal measures to obtain the information. I think that should give everyone pause for concern, when politicians suggest that we’re going to demand someone give us X, Y, or Z. If there’s a court order to do so, that’s a different thing,” Flatgard said.

“It also fails to appreciate the technology constraints behind it, right. So giving access to an iPhone isn’t the same as giving access to data that’s potentially encrypted at the app level or in other ways, [or] it’s not stored on-prem[ises] but is managed by someone else in an encrypted way.”

It also fails to appreciate that most encrypted messaging apps are built on open-source software.

“Being able to regulate the software marketplace seems incredibly difficult,” Flatgard said. People that are trying to do bad things aren’t idiots, and will roll their own messaging apps.

Indeed, just a week after Turnbull’s speech, a browser-based messaging app appeared at brandis.io. It’s named, of course, after Australia’s favourite attorney-general, Senator George Brandis QC.

What this leads to, said Flatgard, is that as the conversation progresses, the solution space shrinks. “[It’s] us basically saying, ‘Well then you have to use approved domestic software, [and] data has to be localised’.

“At the end of the day, that sounds a lot like how China, for instance, regulates the use of some of these technologies.”

Quite.

Related Coverage

US deputy attorney general just called for ‘responsible encryption.’ Don’t fall for it.

You only need to look at the past year of data breaches, leaks, and exposures to see that some of the most precious national security and technological secrets in the US aren’t safe.

Thou shalt be secure: RSA says you can’t force private sector to break encryption

RSA’s VP and GM of Global Public Sector Practice Mike Brown believes there’s a better way to thwart terrorism than breaking end-to-end encryption, as recently proposed by the Australian government.

WhatsApp, Facebook to face EU data protection taskforce

WhatsApp and its parent company Facebook have been invited to meet a data protection taskforce after alleged non-compliance with European data laws.

US AG rips Silicon Valley tech firms, says encryption makes crime easier to hide (TechRepublic)

The US Deputy Attorney General Rod Rosenstein recently gave a speech criticizing Silicon Valley tech companies for not working with the US government on encryption.

Security News

via .:[ packet storm ]:. – http://ift.tt/pG2dUI http://ift.tt/1Fpvz7L

November 6, 2017 at 09:21AM

CoreBot Banking Trojan Returns After Two Year Break

CoreBot Banking Trojan Returns After Two Year Break

http://ift.tt/2AbPOuS

Video: Ransomware using trojan trick to expand threat

A form of banking trojan malware has suddenly reappeared after a two-year break and is targeting online banking customers.

CoreBot trojan was mainly active in the summer of 2015, after suddenly switching its focus to target banks. After a relatively short campaign, the malware seemingly disappeared until making a sudden reappearance this week.

Spotted by researchers at Deep Instinct, a new version of CoreBot is being distributed in spam email campaigns with the intention of stealing information from customers of Canadian banking websites.

Customers of TD, Des-Jardins, RBC, Scotia Bank, Banque National are all targeted by those behind the campaign, with successful execution of the malware allowing the attackers to steal the credentials of infected users as they login into these sites.

The new CoreBot campaign claims to be an invoice and thanks the target for making a payment – a common tactic used in phishing campaigns which aims to panic the victim into thinking they’ve lost money.

corebot-lire.png

CoreBot email lure.


Image: Deep Instinct

The email contains a ‘view invoice’ link, which if clicked initiates the download of the malicious payload. This is different to previous CoreBot campaigns which distributed spam emails with malicious Word documents containing the payload.

This version of CoreBot also comes with with new evasion techniques in an attempt to avoid analysis of the malware code, indicating those behind it have spent time developing their malicious product to be stealthier.

Researchers also note that the command and control server domain has switched to a different IP address since the last known CoreBot campaign. Meanwhile, the IP addresses delivering the malware appear to be based in France and Canada.

Initial examination of the new CoreBot malware suggests it’s related to other active banking malware campaigns, although researchers haven’t yet stated which.

It’s also uncertain who is behind this criminal campaign, but artefacts in the code could potentially point to a Chinese link, Deep Instinct told ZDNet.

Analysis of CoreBot is still ongoing, but bank customers are instructed to be cautious of any messages about an unexpected payment.

istock-468347435.jpg

Artefacts in the code could potentially point to a Chinese link.


Image: Getty Images/iStockphoto

Previous and related coverage

CoreBot malware evolves overnight into virulent banking Trojan

It didn’t take long for hackers to take advantage of the malware’s bolt-on structure and transform it into something dangerous.

TrickBot banking Trojan steps up attacks against UK targets

IBM X-Force researchers warn that this sophisticated malware family is fast becoming one of the most prevalent forms of data-stealing banking Trojans

Quick glossary: Malware [Tech Pro Research]

This list of 22 terms will help you grasp the vocabulary that describes malware and the technology that spawns it.

Read more on cybercrime

Security News

via .:[ packet storm ]:. – http://ift.tt/pG2dUI http://ift.tt/1Fpvz7L

November 6, 2017 at 09:21AM

Vuln: Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability

Vuln: Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability

http://ift.tt/2heCq5h

Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability

Bugtraq ID: 101667
Class: Boundary Condition Error
CVE:

CVE-2017-12969

Remote: Yes
Local: No
Published: Nov 05 2017 12:00AM
Updated: Nov 05 2017 12:00AM
Credit: John Page.
Vulnerable:

Avaya IP Office Contact Center 9.1

Avaya IP Office Contact Center 10.1

Avaya IP Office Contact Center 10.0

Not Vulnerable:

Avaya IP Office Contact Center 10.1.1

Security News

via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv

November 6, 2017 at 09:12AM

Vuln: OpenSSL CVE-2017-3736 Information Disclosure Vulnerability

Vuln: OpenSSL CVE-2017-3736 Information Disclosure Vulnerability

http://ift.tt/2zhl1jx

Vulnerable:

Redhat JBoss EWS 2

Redhat Jboss EAP 6

Redhat JBoss Core Services 1

Redhat Enterprise Linux 7

OpenSSL Project OpenSSL 1.1

OpenSSL Project OpenSSL 1.0.2

OpenSSL Project OpenSSL 1.1.0f

OpenSSL Project OpenSSL 1.1.0e

OpenSSL Project OpenSSL 1.1.0d

OpenSSL Project OpenSSL 1.1.0c

OpenSSL Project OpenSSL 1.1.0b

OpenSSL Project OpenSSL 1.1.0a

OpenSSL Project OpenSSL 1.0.2l

OpenSSL Project OpenSSL 1.0.2k

OpenSSL Project OpenSSL 1.0.2j

OpenSSL Project OpenSSL 1.0.2i

OpenSSL Project OpenSSL 1.0.2h

OpenSSL Project OpenSSL 1.0.2g

OpenSSL Project OpenSSL 1.0.2f

OpenSSL Project OpenSSL 1.0.2e

OpenSSL Project OpenSSL 1.0.2d

OpenSSL Project OpenSSL 1.0.2c

OpenSSL Project OpenSSL 1.0.2b

OpenSSL Project OpenSSL 1.0.2a

Security News

via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv

November 6, 2017 at 09:12AM

Vuln: IBM OpenPages GRC Platform CVE-2017-1148 Information Disclosure Vulnerability

Vuln: IBM OpenPages GRC Platform CVE-2017-1148 Information Disclosure Vulnerability

http://ift.tt/2heCguH

IBM OpenPages GRC Platform CVE-2017-1148 Information Disclosure Vulnerability

Bugtraq ID: 101668
Class: Input Validation Error
CVE:

CVE-2017-1148

Remote: Yes
Local: No
Published: Oct 27 2017 12:00AM
Updated: Oct 27 2017 12:00AM
Credit: IBM
Vulnerable:

IBM OpenPages GRC Platform 7.3

IBM OpenPages GRC Platform 7.2

Not Vulnerable:

Security News

via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv

November 6, 2017 at 09:12AM

Vuln: Tor Browser CVE-2017-16541 Information Disclosure Vulnerability

Vuln: Tor Browser CVE-2017-16541 Information Disclosure Vulnerability

http://ift.tt/2zhDk88

Tor Browser CVE-2017-16541 Information Disclosure Vulnerability

Bugtraq ID: 101665
Class: Unknown
CVE:

CVE-2017-16541

Remote: Yes
Local: No
Published: Nov 03 2017 12:00AM
Updated: Nov 03 2017 12:00AM
Credit: Filippo Cavallarin
Vulnerable:

Tor Tor Browser Bundle 7.0.8

Not Vulnerable:

Tor Tor Browser Bundle 7.0.9

Security News

via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv

November 6, 2017 at 09:12AM

Tear down the wall: Docker’s ticket to China may be aboard the Alibaba Cloud

Tear down the wall: Docker’s ticket to China may be aboard the Alibaba Cloud

http://ift.tt/2hMLwn4

China may not have Gmail, Facebook, WhatsApp Messenger, Instagram, or even YouTube, but they sure have Docker! Mark Zuckerberg, the Facebook boss, recently made a high-profile push to get his company’s services unblocked, “showering praise” on top Chinese officials. The push seems to have fallen on deaf ears as there has been no show of interest by Chinese officials in Facebook and instead have recently blocked messages though Facebook-owned app WhatsApp as well due to a political issue in the country. Meanwhile, Docker’s ticket to China may be on a first-class seat on the country’s biggest cloud provider: the Alibaba Cloud.

Breaching the great wall

Alibaba Cloud

China had previously blocked messaging app Telegram because it became popular among human rights lawyers. With a country whose censorship system is often referred to as “The Great Firewall,” how do you get in? The answer is “in containers,” and that’s exactly what Docker is all set to do. On June 9, Docker launched a Docker Public Registry in China, which is a cloud-based repository that provides users with free access to popular community-generated content, including official Docker images. Earlier in October last year, Docker had already announced its commercial partnership with Alibaba Cloud, the Chinese rival to AWS.

If Docker has adoption on its side, the Chinese e-commerce giant has money. It held a record-breaking $25 billion IPO in 2014 and in recent news, co-founder Jack Ma’s net worth went up by $2.8 billion in one night. Ma, a former English teacher, is now the richest person in Asia and 14th richest in the world, with a net worth of $41.8 billion. He was recently quoted describing to the world how his company had become effectively the world’s 22nd largest economy after Argentina.

Welcoming the third-largest Docker community

What he probably failed to mention is that the company effectively has the backing of the second-largest economy in the world as well. When Docker’s CEO Steve Singh and COO Scott Johnston said “it’s a really huge market” in an interview with GeekWire, could this be the market they were talking about? Docker’s ticket to China is definitely on the company’s mind: Docker’s chief marketing officer David Messina was quoted as talking about “deepening roots in Asian markets” since there are a whole lot of enterprises looking to containerize their applications. In an official press release, Docker said its Chinese container community was already the third largest in the world despite the lack of local services.

Alibaba Cloud

Wikimedia

That alone is a testament to the innovative spirit within the Chinese developer community. Imagine how much more progress they would make with the right tools and resources, and what a valuable addition they would be to the global open source community.

Docker Hub on Alibaba Cloud

Everyone’s interested in accelerating hybrid cloud deployment and building microservices, and the Chinese are no different. If you think about it, the only way you’re going to enter the Chinese market is if you have something that can help them make more money. As far as YouTube and Facebook go, this is a country with five channels on TV that all begin with the symbol of a big red star. Entertainment via social media is definitely not a priority, while making more money definitely is.

With a Docker registry in China, local access is expected to accelerate, and response rates of container-based applications are projected to go up seven times. The registry itself, which has been core element of Docker since its 1.0 release, now has a mirror sitting on Alibaba Cloud. The folks at Alibaba were actively looking for an easy solution to deploy Docker on Alibaba cloud according to Sicheng Yu, vice president of the Alibaba Group. Without the constraints of a budget, who better to get than Docker itself for this job, and that’s exactly what it did.

The new visionary

The partnership also means Alibaba Cloud will be reselling Docker’s Enterprise Edition platform in the Chinese market that includes a container runtime, multitenant container orchestration and security and management features. The platform will be also be integrated with Alibaba’s cloud stack which was previously launched as the first Chinese container application platform to support Docker. This stack is being specially designed to target hybrid cloud deployments, according to Tang Hong, chief architect of Alibaba Cloud. Also part of the agreement is that Alibaba Cloud will actively promote the Commercially Supported (CS) Docker Engine and resell Docker Datacenter to its enterprise customers while providing Level 1 and 2 support for Docker CS.

Alibaba has definitely added its name to the list of big cloud providers, so much so that when someone like the Singh mentions AWS, Azure and top cloud providers, he makes sure to include Alibaba on that list. There are still only two companies in the “leaders” quadrant of Gartner’s Infrastructure, but interestingly enough, there are more “visionaries.” Making its appearance for the first time as a “visionary” is Alibaba Cloud, and a June 2016 survey done by Alibaba themselves showed that more than 80 percent of their users are either already using containers or want to start. Partnering with Docker is definitely going to make it a lot easier for Chinese organizations to not only containerize their applications, but also move forward toward microservice architecture and high performance.

Sowing seeds in Asia

As mentioned before, China has the world’s third-largest Docker community in spite of the lack of services, and Alibaba counts 765,000 paying customers as of the last quarter. It’s also spreading its tentacles across Asia, which effectively counts for almost half the world’s population. Since just last year Alibaba acquired a controlling share in Lazada, the largest online shopping site in a region of more than 600 million consumers. In India, Alibaba has acquired a stake in Paytm, a popular mobile wallet app as well as a stake in Amazon rival Snapdeal. While most people agree that Alibaba is the clear cloud leader in China, it isn’t the only one, and there are many more like Cloud Global, another big cloud provider in China. The market is still relatively young compared to the United States, and there is still massive potential to move enterprises to the cloud since only a small segment is investing in the cloud right now.

Messina was quoted saying, “The relationship with Alibaba Cloud is unique from Docker’s other strategic partnerships in that it is expressly structured and explicitly focused on driving and accelerating the production adoption of Docker in an explicit geography, China.” Now we all know that the people in Beijing want nothing more than foreign investment, but it has never been clear just how much control or profit they are willing to share. History has taught us that China plays by its own rules, and it isn’t uncommon for them to go back on commitments or open and close markets as they please.

The China factor

Alibaba Cloud

Flickr / Crabchick

The political situation is another factor with a major election coming up, and while they seem committed to this new partnership, we all know anything can happen. Today we have Mark Zuckerberg desperately trying to unban his company’s services, tomorrow it could be Docker’s Steve Singh trying to do the same thing. China is known to make its own versions of everything and then stop imports; they have their own MiGs, their own F16s, and even their own AK47s. In a country that’s even banned Winnie the Pooh over an Internet joke, what’s stopping them from putting up a great wall to cancel Docker’s ticket to China by making their own Docker?

Photo credit: Wikimedia

The post Tear down the wall: Docker’s ticket to China may be aboard the Alibaba Cloud appeared first on TechGenix.

Security News

via Comments on: http://techgenix.com

November 6, 2017 at 09:11AM

Glasgow’s Internet of Things network expands

Glasgow’s Internet of Things network expands

http://ift.tt/2hM4r1l

Glasgow’s Internet of Things (IoT) network has enhanced the quality and range of its coverage with the addition of a ninth gateway at the City of Glasgow College’s new Riverside Campus on the south bank of the Clyde.

The consortium behind the city’s LoRa network – Stream Technologies, Semtech Inc, Boston Networks and CENSIS – will also begin working with the college’s staff and students to help them use the new technology.

The extra gateway adds to the eight already placed around the central, west end, and northern areas of the city.

It will extend coverage to Glasgow’s south east and improve the consistency of connectivity for devices in the city centre, particularly those inside and under buildings.

Each gateway can connect as many as 10,000 devices within a radius of at least three miles in urban areas. The Glasgow network has already been used to monitor river levels, the capacity of public bins, and pollution levels in the city centre, with a host of other trials underway.

READ MORE: Sensors innovation centre launches IoT accelerator

Dr Mark Begbie, business development director at CENSIS, the Scottish innovation Centre for Sensor and Imaging Systems, said: “The City of Glasgow College’s Riverside Campus is the ideal location for the latest addition to the Glasgow LoRa network – enhancing the city’s existing coverage and extending it to the south east. It will also act as an important engagement point for us with the college’s staff and students, giving them the best possible opportunity to use the IoT. We look forward to working with them on new applications and projects for this exciting technology in the near future.”

Douglas Morrison, innovation project lead at City of Glasgow College, said: “We are delighted to partner on this exciting project. Glasgow is very much a Smart City and the continued growth of IoT means we are always on the look out for innovative education solutions across our super college.

“Not only is City of Glasgow College an established technical and professional Centre of Excellence, our Riverside campus is the most technologically advanced maritime and engineering campus anywhere, so this is a great fit. Each day we work to ensure that our students are equipped with relevant and modern skills to flourish in the workplace. We look forward to further developing this relationship with CENSIS.”


Security News,IoT News

via IoT – Google News http://ift.tt/2h68U1y

November 6, 2017 at 09:10AM

Africa set to top 1 billion mobile internet connections in five years: study

Africa set to top 1 billion mobile internet connections in five years: study

http://ift.tt/2j4z0mb

JOHANNESBURG (Reuters) – Africa’s mobile internet connections are set to double in the next five years, a study showed on Monday, thanks to affordable smartphones and the roll-out of high-speed networks.

A report by research and consulting firm Ovum in London estimates that mobile broadband connections will rise from 419 million at the end of this year to 1.07 billion by the end of 2022.

“Data connectivity is growing strongly in Africa, and there are also good prospects on the continent in areas such as digital media, mobile financial services, and the Internet of Things,” said Matthew Reed, Practice Leader Middle East and Africa at Ovum.

“But as Africa’s TMT market becomes more convergent and complex, service providers are under increasing pressure to make the transition from being providers of communications services, and to become providers of digital services.”

Mobile phone operators such as MTN Group, Orange and Bharti Airtel are investing heavily in high-speed networks to meet demand from users who are increasingly using phones for everything from paying their bills to streaming videos and surfing the internet.

Reporting by Tiisetso Motsoeneng; Editing by Hugh Lawson

Security News,IoT News

via IoT – Google News http://ift.tt/2h68U1y

November 6, 2017 at 09:10AM