[ISN] Cyber warfare research institute to open at West Point

http://www.armytimes.com/article/20140407/NEWS04/304070052/Cyber-warfare-research-institute-open-West-Point

By Joe Gould
Staff writer
Army Times
April 7, 2014

The Army’s academy has established a cyber warfare research institute to groom elite cyber troops and solve thorny problems for the Army and the nation in this new warfighting domain.

The U.S. Military Academy at West Point, N.Y., plans to build a cyber brain trust unprecedented within the service academies, filling 75 positions over the next three years — including scholars in technology, psychology, history and law, among other fields.

The chairman of the organization, called the Army Cyber Institute, will be retired Lt. Gen. Rhett Hernandez, the first chief of Army Cyber Command, according to Col. Greg Conti, the organization’s director.

The institution, which aims to take on national policy questions and develop a bench of top-tier experts for the Pentagon, will be defining how cyber warfare is waged, to steer and inform the direction of the Army.

[…]





[ISN] Mission-critical satellite communications wide open to malicious hacking

http://arstechnica.com/security/2014/04/mission-critical-satellite-communications-wide-open-to-malicious-hacking/

By Dan Goodin
Ars Technica
April 17, 2014

Mission-critical satellite communications relied on by Western militaries and international aeronautics and maritime systems are susceptible to interception, tampering, or blocking by attackers who exploit easy-to-find backdoors, software bugs, and similar high-risk vulnerabilities, a researcher warned Thursday.

Ground-, sea-, and air-based satellite terminals from a broad spectrum of manufacturers—including Iridium, Cobham, Hughes, Harris, and Thuraya—can be hijacked by adversaries who send them booby-trapped SMS text messages and use other techniques, according to a 25-page white paper published by penetration testing firm IOActive. Once a malicious hacker has remotely gained control of the devices, which are used to communicate with satellites orbiting in space, the adversary can completely disrupt mission-critical satellite communications (SATCOM). Other malicious actions include reporting false emergencies or misleading geographic locations of ships, planes, or ground crews; suppressing reports of actual emergencies; or obtaining the coordinates of devices and other potentially confidential information.

“If one of these affected devices can be compromised, the entire SATCOM infrastructure could be at risk,” Ruben Santamarta, IOActive’s principal security consultant, wrote. “Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities.”

Santamarta said that every single one of the terminals he audited contained one or more weaknesses that hackers could exploit to gain remote access. When he completed his review in December, he worked with the CERT Coordination Center to alert each manufacturer to the security holes he discovered and suggested improvements to close them. To date, Santamarta said, the only company to respond was Iridium. To his knowledge, the remainder have not yet addressed the weaknesses. He called on the manufacturers to immediately remove all publicly accessible copies of device firmware from their websites to prevent malicious hackers from reverse engineering the code and uncovering the same vulnerabilities he did.

[…]



[ISN] Michaels Confirms Data Breach

http://www.bankinfosecurity.com/michaels-confirms-data-breach-a-6763

By Jeffrey Roman
Bank Info Security
April 17, 2014

Arts and crafts retailer Michaels has now confirmed its stores were hit by a data breach that potentially compromised account information for 3 million payment cards.

The breach, which involved “criminals using highly sophisticated malware,” potentially affected about 2.6 million cards used at Michaels stores from May 8, 2013, through Jan. 27, 2014.

The malware attack also affected Michaels’ Aaron Brothers stores, where approximately 400,000 cards were potentially affected from June 26, 2013, through Feb. 27, 2014, the company said in an April 17 statement.

Michaels says breached systems contained certain payment card information, such as payment card numbers and expiration dates, for its customers. There is no evidence that other customer personal information, such as name, address or PIN, was at risk, the company says.

The company provided a list of affected U.S. Michaels stores and a list of affected Aaron Brothers stores.

[…]



[ISN] Heartbleed Means HealthCare.gov Users Must Reset Passwords

http://www.nextgov.com/cybersecurity/2014/04/heartbleed-means-healthcaregov-users-must-reset-passwords/82852/

By Aliya Sternstein
Nextgov.com
April 19, 2014

Federal officials are telling Obamacare website account holders to reset their passwords, following revelations of a bug that could allow hackers to steal data.

Officials earlier in the month said the government’s main public sites, including HealthCare.gov, were safe from the risks surrounding Heartbleed



[ISN] SQL Injection Cleanup Takes Two Months or More

http://www.darkreading.com/author.asp?section_id=331&doc_id=1204560

By Kelly Jackson Higgins
Dark Reading
4/17/2014

A new report highlights the prevalence and persistence of SQL injection attacks.

In the past 12 months, 65% of organizations have suffered a SQL injection attack, and it took them close to 140 days to realize they had been hit.

According to a report by the Ponemon Institute published yesterday, it took an average of 68 days for victim organizations to recover and clean up after discovering they had suffered a SQL injection attack.

SQL injection is a hacking technique where an attacker exploits a vulnerability in the targeted application to send malicious SQL statements to the database. The attacker inserts malicious SQL statements into an entry field.

“SQL injection has been around for ages,” says Larry Ponemon, chairman and founder of the Ponemon Institute. It just won’t go away. “You’re lucky if you discover it [quickly], and it takes a long time to remediate: 140 days for an organization to even detect a SQL injection attack” has occurred. “And 40% of them say it takes six months or longer to detect it… It’s nine months on average from start to finish.”

[…]

