
Touting Government/Industry 'Partnership' on Security Practices, NIST Drafts Cybersecurity Framework Update

Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Its mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurity Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports: The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development... "To begin with, the new draft makes it clear that our goal is not some undefined metric for use of the Framework, but for effective use of the Framework. Moreover, this use-metric needs to be tied not to some generic standard, but to be calibrated to the unique threat picture, risk appetite and business objective of a particular organization"... Clinton praised the process used by NIST as "a model 'use case' for how government needs to engage with its industry partners to address the cybersecurity issue."
The internet's inherent interconnectedness makes it impossible for sustainable security to be achieved through anything other than true partnership, he contended. Slashdot reader Presto Vivace reminds you that public comments on the draft Framework and Roadmap are due to NIST by 11:59 p.m. EST on January 19, 2018. "If you have an opinion about this, NOW is the time to express it."

Read more of this story at Slashdot.


'Process Doppelganging' Attack Bypasses Most Security Products, Works On All Windows Versions

An anonymous reader quotes a report from Bleeping Computer: Yesterday, at the Black Hat Europe 2017 security conference in London, two security researchers from cyber-security firm enSilo described a new code injection technique called "Process Doppelganging." This new attack works on all Windows versions and researchers say it bypasses most of today's major security products. Process Doppelganging is somewhat similar to another technique called "Process Hollowing," but with a twist, as it utilizes the Windows mechanism of NTFS Transactions. "The goal of the technique is to allow a malware to run arbitrary code (including code that is known to be malicious) in the context of a legitimate process on the target machine," Tal Liberman & Eugene Kogan, the two enSilo researchers who discovered the attack, told Bleeping Computer. "Very similar to process hollowing but with a novel twist. The challenge is doing it without using suspicious process and memory operations such as SuspendProcess, NtUnmapViewOfSection. In order to achieve this goal we leverage NTFS transactions. We overwrite a legitimate file in the context of a transaction. We then create a section from the modified file (in the context of the transaction) and create a process out of it. It appears that scanning the file while it's in transaction is not possible by the vendors we checked so far (some even hang) and since we rollback the transaction, our activity leaves no trace behind." The good news is that "there are a lot of technical challenges" in making Process Doppelganging work, and attackers need to know "a lot of undocumented details on process creation." The bad news is that the attack "cannot be patched since it exploits fundamental features and the core design of the process loading mechanism in Windows." More research on the attack will be published on the Black Hat website in the following days.



The Cryptocurrency Crackdown


Bitcoin value reached a new high this week, topping $12,000 for the first time, but otherwise cryptocurrencies have not been enjoying a banner PR season. For instance, there was the Nov. 1 Motherboard article “One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week,” shaming wealthy bitcoin miners for their prodigious energy consumption and the toll their virtual currency is taking on the physical planet. The same day, the U.S. Securities and Exchange Commission warned celebrities about promoting cryptocurrencies. Soon after came a high-profile alleged theft of millions from an unauthorized bitcoin wallet. Then, this week, the SEC’s new cyber unit announced it had filed its first ever complaint, signaling that the agency is getting serious about regulating cryptocurrency enterprises. The complaint alleges that cryptocurrency firm PlexCorps defrauded customers and—more significantly—failed to follow rules for U.S. securities offerings. The latter charge in particular hints that the unsustainability of cryptocurrencies might be due to more than just carbon emissions.


NiceHash Hacked, $62 Million of Bitcoin May Be Stolen

New submitter Chir breaks the news to us that the NiceHash crypto-mining marketplace has been hacked. The crypto mining pool broke the news on Reddit, where users suggest that as many as 4,736.42 BTC -- an amount worth more than $62 million at current prices -- has been stolen. The NiceHash team is urging users to change their online passwords as a result of the breach and theft.



NiceHash diced up by hackers, thousands of Bitcoin pilfered


Mining outfit says its entire wallet gone, estimated $62m

Cryptocurrency mining market NiceHash says it has fallen victim to a hacking attack that may have resulted in the loss of its entire Bitcoin wallet.…


Inside Baidu's Bid To Lead the AI Revolution

mirandakatz writes: China's search giant missed mobile: As WeChat and Alibaba deftly transformed their companies to suit mobile, Baidu stayed stuck in browser mode. It can't afford to make that mistake with the AI revolution -- and, as Jessi Hempel writes at Backchannel, it just might have an edge in its bid to come out on top. There's huge governmental support for AI in China, including a plan to make the country the world leader in AI by 2030, and it has double the number of people online than America does -- AKA vast quantities of raw data. Hempel traveled to Beijing to chronicle this tenuous moment in Baidu's history, and has delivered a deep look at Baidu's bet on AI, speaking with key leaders including CEO Robin Li and COO Qi Lu. She writes that 'Robin Li is doubling down on a future beyond 2017. In that future, Baidu is not a series of products, but rather an engine that belongs inside everything -- an engine that powers Baidu back to dominance in China, and possibly far beyond.'

