Cybersecurity in the Energy Sector

The report proposes that the European Commission should analyse potential threats to cybersecurity within the EU and how to combat them, and also encourage EU energy regions to cooperate and share information about cybersecurity risks.
Source: Cybersecurity and digital privacy newsletter

Source: Privacy Online

Source: Zologic

Artificial intelligence being turned against spyware

Two Horizon 2020 projects, SecTrap and ProBOS, demonstrate how artificial intelligence can teach computers to spot malicious tinkering with their own code.
Source: Cybersecurity and digital privacy newsletter


Workshop on a European ICT security certification framework

In its July 2016 Communication on Strengthening Europe’s Cyber Resilience System, the European Commission committed to developing a proposal for a European ICT security certification framework. As a follow-up to this commitment, the European Commission, together with the European Union Agency for Network and Information Security, is organising a consultation workshop with industry and experts from Member States.
Source: Cybersecurity and digital privacy newsletter


A universal security infrastructure for ISPs and corporate networks: the SHIELD project

The recently launched EU-funded SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP (Internet Service Provider) and corporate networks.
Source: Cybersecurity and digital privacy newsletter


Build the wall: a huge wall (of LEDs)

London-based Solid State Group decided to combine Slack with a giant LED wall, and created a thing of beauty for their office.


“BUILD THE WALL we cried aloud. Well, in truth, we shouted this over Slack, until the pixel wall became a thing.” Niall Quinn, Solid State Group.

Flexing the brain

The project, named RIO (Rendered-Input-Output), took its inspiration from Google Creative Lab’s anypixel.js project. An open source software and hardware library, anypixel.js boasts the ability to ‘create big, unusual, interactive displays out of all kinds of things’ such as arcade buttons and balloons.

Every tech company has side projects and Solid State is no different. It keeps devs motivated and flexes the bits of the brain sometimes not quite reached by day-to-day coding. Sometimes these side projects become products, sometimes we crack open a beer and ask “what the hell were we thinking”, but always we learn something – about the process, and perhaps ourselves.

Niall Quinn, Solid State Group

To ‘flex the bits of the brain’, the team created their own in-house resource. Utilising Slack as their interface, they were able to direct images, GIFs and video over the internet to the Pi-powered LED wall.


Bricks and mortar

They developed an API for ‘drawing’ each pixel of the content sent to the wall, and converting them to match the pixels of the display.

After experimenting with the code on a small 6×5 pixel replica, the final LED wall was built using WS2812B RGB strips. With 2040 LEDs in total to control, higher RAM and power requirements called for the team to replace their microcontroller. Enter the Raspberry Pi.


“With more pixels come more problems. LEDs gobble up RAM and draw a lot of power, so we switched from an Arduino to a Raspberry Pi, and got ourselves a pretty hefty power supply.”

Alongside the Slack-to-wall image sharing, Solid State also developed their own mobile app. This app used the HTML5 canvas element to draw data for the wall. The app enabled gaming via a SNES-style controller, a live drawing application, a messaging function and live preview capabilities.

Build your own LED wall

If you’re planning on building your own LED wall, whether for an event, a classroom, an office or a living room, the Solid State team have shared the entire project via their GitHub page. To read a full breakdown of the build, make sure you visit their blog. And if you do build your own, or have done already, make sure to share it in the comments below.

The post Build the wall: a huge wall (of LEDs) appeared first on Raspberry Pi.

Source: RaspberryPi – IOT Anonimo


Commission's top scientific advisers publish opinion on Cybersecurity in the Digital Single Market

The High Level Group of the Commission’s Scientific Advice Mechanism (SAM) has published a new independent scientific opinion on cybersecurity in the Digital Single Market. At the request of the Commission Vice-President Andrus Ansip, the scientific advisers make a number of recommendations to make it easier and safer for people and businesses to operate online in the EU.
Source: Cybersecurity and digital privacy newsletter


The All-Seeing Pi: a Raspberry Pi photo booth

Have you ever fancied building a Raspberry Pi photo booth? How about one with Snapchat-esque overlay filters? What if it tweeted your images to its own Twitter account for all to see?

The All-Seeing Pi on Twitter

The All Seeing Pi has seen you visiting @Raspberry_Pi Party @missphilbin #PiParty

Introducing The All-Seeing Pi

“Well, the thing I really want to say (if you haven’t already) is that this whole thing was a team build”, explains one of the resource creators, Laura Sach. “I think it would be a brilliant project to do as a team!”


The resource originally came to life at Pycon, where the team demonstrated the use of filters alongside the Camera Module in their hands-on workshops. From there, the project grew into The All-Seeing Pi, which premiered at the Bett stand earlier this year.

The All-Seeing Pi on Twitter

The All Seeing Pi has seen you, @theallseeingpi #PiatBETT #BETT2017

Build your own photo booth

To build your own, you’ll need:

  • A Camera Module
  • A monitor (we used a touchscreen for ours)
  • Two tactile buttons (you can replace these later with bigger buttons if you wish)
  • A breadboard
  • Some male-female jumper leads

If you’re feeling artistic, you can also use a box to build a body for your All-Seeing Pi.

By following the worksheets within the resource, you’ll learn how to set up the Camera Module, connect buttons and a display, control GPIO pins and the camera with Python code, and how to tweet a photo.


Raspberry Pi Foundation’s free resources

We publish our resources under a Creative Commons license, allowing you to use them for free at home, in clubs, and in schools. The All-Seeing Pi resource has been written to cover elements from the Raspberry Pi Digital Curriculum. You can find more information on the curriculum here.



The post The All-Seeing Pi: a Raspberry Pi photo booth appeared first on Raspberry Pi.

Source: RaspberryPi – IOT Anonimo


Weekly Threat Intelligence Briefing – March 28, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

Trending Threats

This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs.

Fraudsters Using GiftGhostBot Botnet to Steal Gift Card Balances (March 25, 2017)
Researchers have identified a new botnet named GiftGhostBot that has been targeting ecommerce gift card systems since at least late February 2017. Retail company websites around the globe are actively being attacked by this sophisticated botnet. Actors are using automation to check various account numbers against retail websites to discern if they exist. If the account number exists, the attacker can use it to purchase goods, or sell the account information on underground markets.
Recommendation: eCommerce site owners must take every step necessary to secure their data and safeguard their payment card information. A bad experience at a retailer site may mean the loss of revenue as impacted users search for alternatives.
Tags: Botnet, GiftGhostBot, eCommerce

Advanis Tech Support Screenlocker (March 24, 2017)
A new tech support scam, and possibly the actor behind the scam, has been identified as targeting Windows machines. The scam is distributed when a user visits a malicious domain. First, an installer will attempt to lock the screen with an executable called MT. The screen will then display an image which purports that the PC/Device needs to be repaired because a component of the operating system has expired. A number is provided to contact a cybercriminal who assists the caller in installing malicious programs on their machine.
Recommendation: Technical support scams are common threats facing individuals and companies alike. Any image that appears and requests that a phone number be called in order to receive assistance in repairing a machine is likely fake. Often there are research blogs that provide instructions to remove malware related to these types of scams from an infected machine. Policies should also be in place to educate your employees on the proper steps to avoid these scams, and whom to inform if such an instance occurs.
Tags: Tech support scam

New Targeted Attack Against Saudi Arabia Government (March 23, 2017)
A new spear phishing campaign has been identified to be targeting Saudi Arabia governmental organizations. This campaign requires macros in Word document attachments to execute malicious code. The unique characteristic of this campaign is that after infection, the malware will distribute itself to every contact located in an Outbox inbox.
Recommendation: Spear phishing emails represent a significant security risk because the sending email will often appear legitimate to the target; sometimes a target company email is compromised and used for such emails. Education is the best defense; inform your employees about what to expect for information requests from their managers and colleagues. Employees should also be aware of whom to contact when they suspect they are the target of a possible spear phishing attack.
Tags: Spear phishing

Third-Party App Stores Delivered via the iOS App Store (March 23, 2017)
Malicious applications have again made it into the Apple App Store, one of which leads users to a third-party application store, according to Trend Micro researchers. The application appears to be Japanese and its name translates to “Household Accounts App.” The third-party application store is contained inside the Household Accounts application. The third-party store contains several malicious applications that were identified to be harvesting AppleID credentials and other information stored on the device.
Recommendation: Always keep your mobile phone fully patched with the latest security updates. Use the Google Play Store/Apple App Store to obtain your software, and never install software from unverified sources. Furthermore, it is important to research an application before downloading and do not trust the software based on ratings alone.
Tags: Mobile, Apps

Microsoft Word File Spreads Malware Targeting Both Apple Mac OS X and Microsoft Windows (March 22, 2017)
Fortinet researchers have discovered a malicious Word document in the wild that targets both Windows and macOS systems. The Word document spreads malware by executing Visual Basic for Applications (VBA) code after macros have been enabled by a user. Researchers believe that malware affecting macOS and Windows operating systems may be a new trend among threat actors.
Recommendation: At the time of this writing, the distribution method for the malicious Word document has not been reported; however, it does serve as a reminder to avoid documents that request macros to be enabled. All employees should be educated on the risk of opening attachments from unknown senders. Anti-spam and antivirus protection should be implemented and kept up-to-date with the latest version to better ensure security.
Tags: Malicious Word, Malware, macOS, Windows

Lithuanian Man’s Phishing Tricked US Tech Companies Into Wiring Over $100m (March 22, 2017)
A man named Evaldas Rimasauskas has been arrested in Lithuania by authorities on charges related to a fraudulent email compromise campaign. Rimasauskas and his accomplices impersonated a computer manufacturing company, and used phishing emails to trick two major U.S. companies into wiring them approximately $100 million over two years. The FBI was able to work with the unnamed affected companies and Lithuanian law enforcement to recover “much of the stolen funds.”
Recommendation: It is important to educate your employees on the risk that phishing attacks represent because these kinds of schemes are a constant threat. One employee who falls victim to a phishing attack could potentially infect an entire company’s network, or have their credentials stolen, which could lead to further theft of sensitive information. Additionally, policies should be in place for employees regarding whom to notify when phishing attempts are identified.
Tags: Phishing, Fraud

LastPass Extensions Can Be Made to Cough Up Passwords, Deliver Malware (March 22, 2017)
Google researcher Tavis Ormandy has discovered that the password manager “LastPass” has vulnerable extensions for Chrome and Firefox web browsers. A malicious website is potentially able to exploit a flaw in the LastPass Remote Procedure Call (RPC) that could grant full control of the extension to an attacker. Additionally, if the binary component is installed in Chrome, a malicious website would be capable of executing a script to download malware onto the machine visiting the website.
Recommendation: Web browser extensions are useful applications in everyday activities; however, they should be used with caution, and updates should always be applied as soon as they are offered. While LastPass has offered a small fix addressing one of the vulnerabilities, this story serves as a reminder that it may be best for your company to turn off extensions until all of the flaws have been addressed. Additionally, policies should be in place regarding the proper use and downloading of extensions that have been vetted by the appropriate personnel.
Tags: Vulnerable extensions

Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom (March 21, 2017)
A threat group calling themselves the “Turkish Crime Family” has claimed to have access to over 300 million iCloud accounts. The group is demanding that Apple pay them $75,000 in Bitcoin or Ethereum, or $100,000 in iTunes gift cards. The group has been unclear about the number of accounts they purport to have access to; the number has ranged from 200 to 559 million. The group claims that they will erase the data on the accounts on April 7 if they have not received payment by that time. At the time of this writing, it is unclear if the Turkish Crime Family actually has access to any iCloud accounts.
Recommendation: Your company should implement security policies on accounts that store any sensitive information. Multi-factor authentication and frequent password changes can help protect trade secrets and other forms of sensitive data.
Tags: Threat group, iCloud

Canada and the U.K. Hit by Ramnit Trojan in New Malvertising Campaign (March 21, 2017)
Researchers at Malwarebytes Labs have discovered a new malicious advertising (malvertising) campaign targeting users via pop-under advertisements. The pop-under advertisements appear in a new web browser and are primarily targeting users in Canada and the U.K. If the malvertisement is followed, a user will be infected with the information stealing malware “Ramnit.” Ramnit is capable of stealing banking and file transfer protocol credentials.
Recommendation: Malvertising techniques are constantly being improved by cybercriminals, so keeping software updated with the latest security patches is critical for users and enterprises. This includes both the operating system and all applications being used. Make sure there is a security system in place that can proactively provide a comprehensive defense against attackers targeting new vulnerabilities.
Tags: Malvertising, Ramnit trojan, Malware

Global Spam Volume Goes Back Up to Deliver Huge Pump-and-Dump Scam (March 21, 2017)
The actors behind the notorious Necurs botnet have begun to increase their infected machines’ activity, according to researchers. The activity is in the form of malicious spam (malspam) advertising a supposed opportunity to purchase shares that are purported to increase in value to 10 times their current price. This tactic is a stark change from typical Necurs activity, which usually uses spam to direct recipients to malicious links that aim to distribute ransomware.
Recommendation: Always be on high alert while reading email, in particular when it has attachments, attempts to redirect to a URL, comes with an urgent label, or uses poor grammar. Use anti-spam and antivirus protection, and avoid opening email from untrusted or unverified senders.
Tags: Malspam, Necurs

Swearing Trojan Continues to Rage, Even After Authors’ Arrest (March 21, 2017)
Tencent Security researchers have disclosed information on a new Android malware dubbed “Swearing Trojan.” The trojan received its name due to Chinese curses identified within its source code. The malware targets banking credentials and is capable of bypassing two-factor authentication. The trojan is distributed by hiding in infected applications that infect a user after download, and by phishing conducted via SMS messages.
Recommendation: Mobile applications should only be downloaded from official locations such as the Google Play Store and the Apple App Store. Websites and documents that claim additional software is needed in order to access or properly view content should be avoided. Additionally, mobile security applications provided by trusted vendors are recommended.
Tags: Mobile, Swearing trojan, Malware, Phishing

Big Surprise: Chinese PUPs Deliver Backdoored Drivers (March 20, 2017)
Researchers have discovered that multiple Potentially Unwanted Programs (PUPs) secretly install drivers that contain backdoors. The drivers contain malicious code that is capable of bypassing Windows security features and escalating privileges by running code with kernel-level access. The backdoored driver has been distributed since at least 2013, and is located in the following Chinese applications: Android rooting toolkit, Calendar application, driver updater, USB drive helper utility, and a WiFi hotspot location.
Recommendation: The threat of preinstalled malware has the possibility of hiding from even the most cautious of users; if the devices listed here are being used by your company they should be properly wiped and restored. Additionally, it is important that mobile devices connecting to corporate and personal networks have trusted antivirus software installed that is always kept up-to-date.
Tags: Mobile, PUP, Backdoor, Malware

Serious Flaws Found in Moodle Learning Platform (March 20, 2017)
The open source Moodle learning platform, which is used by teachers and professors around the globe, has been identified to contain a vulnerability registered as “CVE-2017-2641.” The vulnerability can be exploited by an authenticated Moodle user via an SQL injection attack to add a new administrator on the system. With an administrator account, an attacker can execute malicious PHP code by “uploading a new plugin or a template to the server.”
Recommendation: Maintaining policies that require software and applications to always run the latest version is paramount. Threat actors will often use vulnerabilities that have been discussed in open sources after patches have been released because sometimes a proof-of-concept is also provided, giving less sophisticated actors an opportunity to use the instructions that are provided.
Tags: CVE

Tax-themed Phishing and Malware Attacks Proliferate During the Tax Filing Season (March 20, 2017)
As tax season progresses, threat actors continue to use tax-themed attacks in attempts to steal sensitive information. Researchers have identified a phishing attack that claims that email recipients are eligible for a tax refund from senders pretending to be HM Revenue and Customs, the tax collection body in the U.K. Other phishing methods include actors sending a fake receipt for taxes that have already been filed. Other phishing attempts include subject lines claiming that taxes are overdue, a subpoena from IRS, or titled “I need a CPA.” Malicious attachments in the emails have been identified to contain information stealing Trojans.
Recommendation: Education is the best defense against phishing attacks. Poor grammar and urgent subject lines are often signs of phishing attempts. Employees should be aware of whom to contact when they suspect they are the target of a possible phishing attack.
Tags: Phishing

Observed Threats

This section includes the top threats observed from the Anomali Community user base as well as sensors deployed by Anomali Labs. A ThreatStream account is required to view this section.

EITest Tool Tip
The EITest gate or Traffic Direction System (TDS) is a service used by criminals to direct web traffic to Exploit Kits (EKs) to install malware on victims’ computers. In the past, EITest has been observed directing traffic to the Angler, Neutrino, and Rig EKs.
Tags: EITest-gate, EITest

Source: Honeypot Tech

"Neural Lace," Extended Cognition, and Privacy


United States
Imagine a world, not as distant as we might like to think, where our individual thought processes are aided and improved by technologies external to the biologically-bequeathed neural matter that sits within our skulls and throughout our nervous systems. Further, these technologies are designed and optimized to perform these functions in such a way as to become automatic or invisible to their user. And rather than act as simple one-way conduits or repositories, they actively drive their user’s thinking in a manner that creates a two-way, symbiotic interaction between human and device. This interactive link between user and external object thus becomes so critical to the overall reasoning ability of the user that the removal of the object directly results in a decrease in the user’s overall cognitive abilities.
Let us also assume that, in this world, we have encountered the same questions about access to private data that we do in our world. Specifically, how do we define a “reasonable expectation of privacy” as it is currently understood under the Fourth Amendment to the U.S. Constitution, which regulates the government’s ability to search or seize citizens’ information? And how should we regulate—if at all—the “data capitalism” currently exercised by corporate giants like Google and Facebook (along with countless other entities)? 
Recently, Elon Musk announced the launch of a new company whose goal is to create direct links between human brains and computers. The “neural lace” technologies being researched by this company will “allow people to communicate directly with machines without going through a physical interface,” giving humans the ability “to achieve higher levels of cognitive function.” 
The world I have described, and which is being brought to reality through Musk’s company, borrows from Clark and Chalmers’s work on the nature of mind and cognition, specifically the question of “where does the mind stop and the rest of the world begin?” Their theory of active externalism raises a number of interesting questions as to our relationship to our data, the choices we make—consciously and unconsciously—about the use of these data, and our rather confused and inchoate ideas about individual data privacy.
To illustrate just one aspect of this, we can look to the current debate over strong encryption on user devices, specifically, the Apple iPhone. Briefly, when the FBI and other law enforcement agencies wish to examine the contents of a suspect’s iPhone (let us assume for these purposes that the FBI has obtained a warrant for this information), they sometimes find themselves stymied by the strong encryption Apple has made available through later versions of their hardware and software. Under previous versions of these devices, Apple has been able to assist law enforcement by unlocking these un- or lightly-encrypted phones. In the later versions, however, Apple has taken themselves out of this loop, creating encryption mechanisms that have no back door or master key. This has meant that recent (lawful) requests of Apple by law enforcement agencies to obtain data from these newer devices have been rejected.
U.S. Magistrate Judges have relied upon laws such as the All Writs Act to try to compel Apple to provide a solution to this problem. Apple, and other similarly-situated technology companies, have protested these orders on a number of bases both legal and technical. Senior law enforcement officials have responded by stating that no door (real or virtual) should be impervious to law enforcement keys.
The implications of this philosophy of all-seeing law enforcement become quite serious if we were to apply it to our imaginary world of extended cognition. For example, what happens to this equation if our symbiotic cognitive relationships with these objects become so seamless that we no longer have any conscious control over the flow of information to—and stored by—these devices? Further, what if the information we send these devices could be used to reconstruct our inner thought processes? How, then, do we consider the question of government access to individual data? Is there anything that would or should be off limits, even to a warrant or court order?
This is but one example of the privacy questions that I believe would need to be reexamined in our world of extended cognition. Other questions might fall along the lines of legislative and judicial interpretations of the extended cognition theory; if extended cognition can be viewed as a spectrum, what lines might be drawn as the objects become further attenuated?; would U.S. jurisprudence such as third-party doctrine apply? I am in the very early stages of framing this extended project, and am testing the waters as to its usefulness and viability. Comments and suggestions are welcome.

Source: Cyber Law


Data Visualization: Keeping an Eye on Security

Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?
Source: Cyber Monitoring