IBM Awarded Patent for Network Security System Powered by Blockchain
Network security platforms largely depend on monitors and nodes within a network to feed data back to a centralized console for analytics. However, what happens when one or more of the monitors are compromised? Take, for instance, a series of passive NetFlow analysis tools strung across various network boundaries. If one of the nodes is compromised, attackers could potentially manipulate the data streams however they wish. Concealment of illicit activities within these chains could spell disaster for organizations, especially those with large networks that have thousands of nodes and monitors.
IBM has a potential solution for this problem, and it’s built upon blockchain! The patent demonstrates how blockchain can be leveraged to distribute backups of network security events across multiple nodes and monitors to maintain the integrity of the data. The concept is similar to traditional blockchain networks, in which the distributed system combats unauthorized data manipulation.
Have a look at the CoinDesk article here.
Blockchain Security: So Good That Even Cyber-Criminals Use It.
The security and privacy benefits of blockchain are well known to both ethical and unethical parties. In decentralized networks, pinning down one particular source can be extremely difficult. Attackers are now leveraging blockchain’s power in what is called “distributed DNS”. Traditional cybercrime activities are hosted on the dark web or deep web, relying on a series of Tor nodes to conceal activities and provide anonymous browsing. However, weaknesses in the Tor node methodology have led cybercriminals to seek other options.
Blockchain-based DNS offers addresses that are unregulated by authorities like ICANN or Nominet. Basically, criminals can use this to split their sites into different nodes along random paths. This would put the Tor network on super steroids and offer even more concealment. Furthermore, for authorities to shut down these illicit sites, they may need to pin down all of the distributed sites in the mesh. This could add a whole new level of complexity in thwarting cybercriminals.
Get the scoop here.
Cyber-Criminals Want Fortnite Gamers’ Bitcoin Wallets
With over 1250 million active players on the popular game Fortnite, it is no surprise that attackers have targeted them. A recent blog from Malwarebytes demonstrated a sophisticated attack technique that hid malicious files within supposed “gaming cash”. The malicious files contained hooks to steal browser sessions, cookies, crypto wallets, and even Steam sessions.
While malvertising and social engineering are not new tactics, targeting the crypto wallets of gamers is relatively new. Gamers beware, as you may be led into some new-age traps. If it seems too good to be true, it most likely is.
Catch the full article here.
Cloud Service Providers: The New Target of Chinese Hacker Group APT 10
A recent report from the Department of Homeland Security describes a new campaign that is targeting Managed Service Providers (MSPs) and Cloud Service Providers (CSPs). The attackers are targeting such businesses because of the level of access they hold over their customers’ networks. Basically, if attackers infiltrate these entities, they could potentially gain access to a large number of networks within the chain. These attacks could be devastating, to say the least.
The Chinese cybercriminal group known as APT 10 (Advanced Persistent Threat 10) is thought to be behind these attacks. It has been stated that the attackers are using variants of the PlugX and RedLeaves malware to infiltrate. News such as this is a testament to the need for supply chain security across all industries. Hacker groups are looking for the best return on their investment, and managed providers are certainly juicy candidates.
Want to Login with Facebook? Think Twice.
What would it be like if hackers compromised one of the largest password managers in the world? Oh wait, they just did. While Facebook is not a password management site by any means, there are a plethora of third-party sites and applications that use Facebook’s Single Sign On (SSO) feature. This is a really big problem and a gigantic data breach.
Just this week, hackers took on the social media giant. They managed to exploit a series of bugs within Facebook’s pages that let them obtain access tokens. This technique gave them full access to accounts. If the attack was limited to just Facebook, the public may actually chalk this up to a laughable situation, at best. However, with so many third parties connected to Facebook’s SSO, the attack surface expanded quite rapidly. Attackers could have accessed the third-party sites and performed secondary or tertiary attacks. The future may hold more fallout from this massive breach, but for now, the investigation is continuing.
Have a peek at the Wired article here.
Chinese Mini Spying Chips Found on 30 American Company Servers
A small microchip, almost the size of a grain of rice, has been implanted and deployed out to systems belonging to the U.S. military, Amazon, Apple, and many other organizations. This is a massive hit to the supply chain industry and one that was in the crosshairs of a top-secret U.S. investigation for the last 3 years. The chips had been situated on the motherboards of servers and sent out to various public and private entities.
Nation-state hacker groups are constantly seeking new methods to spy on U.S.-based agencies and companies. Whether for military secrets, intellectual property, or trade secrets, the actors working around the world are always looking for a way in.
Catch the full scoop here.