Vulnerabilities Broke Records Yet Again in 2017

Meanwhile, organizations still struggle to manage remediation.
Source: Vulnerabilities & Threats

Rewriting the Social Contract for Aging

Technology and Aging

Imagine you had a magic wand, and with a quick flip you cast America with an aging “social contract”: one in which few go to college and most retire by age 65, many of whom stay withdrawn and dependent until their passing.

Would you be shocked that nobody noticed? Many Americans and hundreds of millions of others throughout the developed world still adhere to this contract. The problem? This “aging” contract is not suited to today’s society – one in which scientific progress has yielded longer, healthier lives, and an urbanized world with a steadily declining birthrate.

We must develop a new social contract, recognizing that population aging is about more than retirement, hip replacements, and senior healthcare. Today, wealth creation, global competitiveness, economic growth, and the sustainability of political systems depend as much on capturing the power of a nation’s over-65 population as any other factor on the global agenda.

For America, a new aging strategy could be a transformative instrument of national leadership. As the entire world struggles to manage the unstoppable demographic shift and to pioneer models for a multigenerational active society, we are already late to act—but not too late to chart a leadership course.

A decade ago, former Intel CEO Craig Barrett delivered the keynote address at the White House Conference on Aging. Barrett addressed what strategies could be deployed to care for the tens of millions of boomers about to turn 65. At that time, we were all still firmly committed to our 20th-century assumptions about what it means to age, which wasn’t about driving economic growth, but rather, about avoiding risks. Today, things have changed.

When living in China, I saw firsthand how long-enduring social and family structures are upended by aging. As one of the world’s most rapidly aging populations, China understands the issue isn’t just “more old people.” It’s about establishing an entirely different life course and reconsideration of the many assumptions that shaped life in the 20th century. It’s about social, political, and economic well-being.

We need to spark a serious dialogue on how to design an American aging strategy that enables and supports an extended healthy, active, and happy life course. This debate must be framed as a search for American global competitive advantage in the 21st century. Unless we stop scientific discovery in its tracks, we must frame the debate to proactively focus on achieving and harnessing the lifespan of 100 healthy, active years that humans will enjoy by the end of this century.

We have barely begun to prepare; our policies and institutions must adapt. To achieve this goal, a new social contract must answer these three overarching questions.

1. How can the United States reframe aging to regain global leadership and competitive advantage?

Traditional thinking positions old age as a time of dependency, inactivity, and disengagement, when today’s breakthroughs in technologies and health sciences rewrite aging as a process that is healthy, active, and productive.

The new national aging strategy must recognize aging in terms of millennials and their children as much as boomers and their parents. The basic tenets of society—education, work, and healthcare—must be cast as lifelong questions, not as issues only relevant to certain age groups. If it matters to older people, it will be a concern to all generations.
Technology helps break down old barriers. Every country in which Intel has a presence is working mightily to make healthcare smarter, more efficient, and available to more people than ever before. Only through the total digitization, decentralization, and personalization of healthcare can the accessibility, economics, and capability of the system hope to meet the growing need.

Technology is also opening new opportunities for education. Countless college courses are available online and enable “mature” students to continue their educations, despite unforgiving schedules.

A lifelong approach to education will serve a multigenerational workforce that can reignite and sustain American economic growth.

The metric for success is ultimately economic growth and job creation, which will open opportunities for all generations, including those who need sustained care and support.

2. What are the game changers? How do we implement them?

It’s important to realize that “retirement age” is an arbitrary construct left over from a bygone era. What relevance does the 65-year-old retirement age have today? Not much. Many countries have raised the age, and at least one, Singapore, replaced its Retirement Age Act with a Retirement & Re-employment Act in 2012 that requires a company to make an offer of post-retirement employment.

“Retirement” needs to be retired. Health policy must be a tool to enable healthier and active aging. When reframed along these lines, the money spent on healthcare is not a cost, but an investment. The logic for strategic investment is well understood in other facets of life. Consider, for example, how society views spending on childhood education. No one will argue childhood education isn’t an investment in the future.

There are a number of critical, age-related health conditions that stand in the way of active aging, such as skin and muscle deterioration or vision and hearing loss, but the keystone is Alzheimer’s disease. Alzheimer’s is correlated to age — with the risk elevating to about one in two for ages 85 and over. The disease already consumes 1 percent of global GDP per year, roughly $604 billion. With the number of people with Alzheimer’s expected to double to 75.6 million by 2030, the human and economic costs are incalculable. We must control or cure Alzheimer’s.

Sizable efforts are underway to better understand, treat, and ultimately cure neurological diseases, but the complexity is enormous. Advances in technology, high performance computing, and “big data” analytics are propelling the speed at which scientists gain understanding of the composition and interactions of the tiny genes and proteins in our bodies.

One such development comes from a collaboration between the Michael J. Fox Foundation and Intel Corporation, which combines wearables, apps, and big data analytics to provide Parkinson’s tremor, sleep, gait, and balance monitoring data to researchers. Technology allows researchers to shine lights on the dark corners of scientific knowledge to enable new discovery.

In his presidency of the G7, former British Prime Minister David Cameron made beating Alzheimer’s a priority. Japanese Prime Minister Shinzō Abe supported this goal during the G7 in Tokyo in 2016. Now, it’s time for the United States to step up.

3. How can we leverage our homes, communities, and cities for real results?

In the years since the launch of the World Health Organization’s Age-friendly Cities and Communities Network, the organization has proved to be an important public policy structure for positive and active aging. Across the United States, a number of high profile cities have become age-friendly, providing essential services like education, health, and transportation for older citizens, with public, private and technology capabilities to enable and drive change. Think wearables and connected sensors.

This is only one way health delivery and social welfare systems are starting to use technology to “place shift” care to the home for substantial reductions in cost, working to avoid hospital-acquired complications and to coordinate efficient service delivery horizontally across the health and social welfare silos.

America can still capture the opportunity within an aging population to pave the road for national prosperity, competitive advantage, and ongoing innovation. Aging is about the future of all generations, and our duty today is to design the new 21st-century social contract for the new normal — 100 years of active and healthy life.


Source: Network News

Generating Your Own Threat Intelligence Feeds in ThreatStream

Getting threat intelligence into your existing security products – SIEMs, endpoints, network tools — can significantly enhance their effectiveness. Here at Anomali we understand the value of product integrations, so much so that my entire job is to manage the 30+ we currently offer.

Recently we launched a feature that allows you to create your own threat intelligence feeds in CSV, JSON and STIX format for consumption by other products. They’re super simple to set up…

Step one: Create a saved search

Use ThreatStream’s search functionality to define the type of indicators you want to include in your feed. I used the search:

(itype="mal_domain") and (status="active") and (confidence>=95)

Translated into English: only include indicators of the malware domain type that are currently reported as active, with a very high confidence score of 95 or above assigned by ThreatStream.

Once the constraints meet the requirements for your feed, select “save as” to convert it into a saved search you can use across ThreatStream.

Step two: Create a custom integration

In ThreatStream navigate to: Settings > Integrations > New Integration

The pop-up modal will allow you to configure the settings for your feed including:

  • The search filter (set in step one)
  • The feed format (JSON, CSV or STIX)
  • The fields to be included in the feed (35 available to select)

Once you hit save, ThreatStream will create a custom URL for your feed.

Step three: Add your feed to your existing products

You can now use the URL generated in step two as a feed source to any products that can ingest threat feeds in the configured format. 

The feed is updated on a set schedule (every 4 hours in the example above). If you’re asked for a polling interval make sure to set it equal to this schedule so you’re not making more requests than necessary.

Here’s an example using Splunk’s Enterprise Security Threat Intel Download input. In the screenshot above, I’ve created an input for my ThreatStream CSV threat feed. Once active, the indicators will be consumed by Splunk ES and used for log enrichment within the app.
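A consumer-side sketch of step three, added here as an illustration and not Anomali's or Splunk's own code: it parses a CSV feed body, re-checks every row against the saved-search constraints from step one before anything reaches a blocklist, and declines to poll more often than the 4-hour schedule. The column names (`value`, `itype`, `status`, `confidence`) and the sample rows are assumptions; use the fields you selected in step two.

```python
import csv
import io
import re
from datetime import datetime, timedelta, timezone

# Constraints copied from the saved search in step one.
REQUIRED_ITYPE = "mal_domain"
REQUIRED_STATUS = "active"
MIN_CONFIDENCE = 95

# Feed refresh schedule from the article's example; polling faster gains nothing.
FEED_INTERVAL = timedelta(hours=4)

# Conservative hostname check: letter/digit/hyphen labels, at least two labels.
_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
_DOMAIN_RE = re.compile(rf"^(?:{_LABEL}\.)+{_LABEL}$")

# Constructed sample feed body (not real indicators). Column names are assumed.
SAMPLE_FEED = """value,itype,status,confidence
bad-domain.example,mal_domain,active,98
BAD-DOMAIN.example.,mal_domain,active,97
phish.example,phish_domain,active,99
old.example,mal_domain,inactive,99
maybe.example,mal_domain,active,80
*.wild.example,mal_domain,active,99
c2.example,mal_domain,active,95
short.example,mal_domain,active
"""


def is_valid_domain(value):
    """True for a plain lower-case hostname; rejects wildcards, URLs, blanks."""
    return len(value) <= 253 and _DOMAIN_RE.match(value) is not None


def parse_feed(csv_text):
    """Return (accepted_domains, rejected) where rejected is [(line_no, reason)].

    The checks repeat the saved-search filter on the client, so a changed or
    misconfigured feed cannot silently push weaker indicators into a blocklist.
    """
    reader = csv.DictReader(io.StringIO(csv_text))
    missing = {"value", "itype", "status", "confidence"} - set(reader.fieldnames or [])
    if missing:
        raise ValueError(f"feed is missing columns: {sorted(missing)}")

    accepted, rejected, seen = [], [], set()
    for line_no, row in enumerate(reader, start=2):  # line 1 is the header
        domain = (row["value"] or "").strip().lower().rstrip(".")
        itype = (row["itype"] or "").strip().lower()
        status = (row["status"] or "").strip().lower()
        try:
            confidence = int(row["confidence"])
        except (TypeError, ValueError):
            confidence = None  # short row or non-numeric field

        if itype != REQUIRED_ITYPE:
            reason = "unexpected itype"
        elif status != REQUIRED_STATUS:
            reason = "not active"
        elif confidence is None:
            reason = "missing or non-numeric confidence"
        elif confidence < MIN_CONFIDENCE:
            reason = f"confidence below {MIN_CONFIDENCE}"
        elif not is_valid_domain(domain):
            reason = "invalid domain"
        elif domain in seen:
            reason = "duplicate"
        else:
            seen.add(domain)
            accepted.append(domain)
            continue
        rejected.append((line_no, reason))
    return accepted, rejected


def should_poll(last_poll, now):
    """Poll only if the feed can have refreshed since the last download."""
    return last_poll is None or now - last_poll >= FEED_INTERVAL


if __name__ == "__main__":
    domains, skipped = parse_feed(SAMPLE_FEED)
    print("blocklist:", domains)
    for line_no, reason in skipped:
        print(f"skipped line {line_no}: {reason}")
    now = datetime.now(timezone.utc)
    print("poll now?", should_poll(now - timedelta(hours=1), now))
```

Logging the rejected rows rather than dropping them silently makes it obvious when the saved search or the selected fields have drifted from what the consuming product expects.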

My product does not support CSV, JSON or STIX inputs…

There are currently 30+ native integrations supported by ThreatStream — Splunk, QRadar, Arcsight, Carbon Black, Palo Alto Networks

Trying to integrate with a product that’s a little more niche? Let us know on the Anomali forum.

Source: Honeypot Tech

Taking the cyber No-Fly list to the skies

In our last post, we talked about how companies can use the concept of a No-Fly list to keep malicious actors out of their networks. So how does a cyber No-Fly list work in a real situation? We spoke with one of our customers, Alaska Airlines, about how they make the most of threat intelligence and the threat intelligence sharing community to protect their networks from malicious attacks.

Jessica Ferguson, Director of Information Security Architecture at Alaska Airlines, has implemented threat intelligence programs at multiple large enterprises. “Threat intelligence gives us visibility into known security threats, letting my team focus more time on hunting for unknown threats,” says Ferguson.

Threat intelligence in action

At Alaska Airlines, Ms. Ferguson collects threat intelligence from research partners, internal sources and even other airlines. She then integrates this intelligence with security infrastructure, including firewalls, intrusion detection systems, endpoint monitoring tools and security monitoring solutions. In doing so, she automates detection and blocking of known threats in the network and on the endpoint wherever possible.

Ms. Ferguson states that threat “indicators” (malicious cyber “fingerprints”) vary in confidence. Certain indicators are very high confidence, meaning there is near certainty that the traffic is malicious. The network can take automated action in response to these high confidence threats, including blocking traffic from that source. In other instances, there is lower confidence, in which case Ms. Ferguson puts these events through a cyber “secondary screening” process. This involves a more manual investigation into the traffic, understanding what took place, what process initiated traffic, what changes were made, whether files were downloaded, etc.

In fact, “the hunt begins in the gray area” according to Ms. Ferguson, referring to the need to examine less obvious security threats. “The beauty of this approach is we may detect potential threats based on suspicious behavior or strange network activity. We then dig into the traffic and may discover a unique, specific threat indicator, which then feeds into our threat intelligence program – and gets integrated with all our security infrastructure – which starts the whole process loop again.” In many cases an investigation into one suspicious indicator will lead to a discovery of an entire new family of threats – taking unknown threats and making them known.

The web of known threats becomes much wider as companies share and exchange this kind of information. Threat sharing has become a critical element of Ms. Ferguson’s security arsenal, “just as the TSA shares no-fly list dossiers with other intelligence agencies.” In the last few years numerous Information Sharing and Analysis Centers (ISACs) have formed. These are communities of organizations, often aligned with a specific industry (e.g., Aviation ISAC, Financial Services ISAC, Automotive ISAC), where members collaborate with each other on cybersecurity topics and share intelligence. Ms. Ferguson frequently engages other airline security teams to discuss threats targeting their sector. 

To pinpoint malicious humans, the FBI recognized that knowledge of their activities outside of what’s observable at the last point of entry is a necessity. While airline passengers and digital traffic are not interchangeable, enterprises need to recognize that the same level of knowledge is required to better identify and stop dangerous digital traffic.

* Missed part 1 of this series? Check it out here. Want to read the original article, posted on Harvard Business Review? Read it here.

Source: Honeypot Tech

WTB: Olympic Destroyer Takes Aim At Winter Olympics

The intelligence in this week’s iteration discusses the following threats: Compromised server, Cryptocurrency miner, Data theft, Malspam, Phishing, Targeted attacks, Underground markets, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity.

Trending Threats

Olympic Destroyer Takes Aim At Winter Olympics (February 12, 2018)
On February 11, 2018, Winter Olympic officials confirmed that the games were struck by a cyber-attack shortly before the opening ceremony on February 9. The target was the official Pyeongchang 2018 website. The website was inaccessible for approximately 12 hours. In addition, the internet and televisions stopped working in the main press center, as well as the Wi-Fi in the Pyeongchang Olympic stadium, according to the U.K. newspaper outlet The Guardian. Cisco Talos researchers believe with moderate confidence that they have identified malware samples used in this attack. The malware, dubbed “Olympic Destroyer,” appears to have been used with the objective to disrupt the games by rendering affected machines “unusable by deleting shadow copies, event logs and trying to use PSExec & WMI to further move through the environment.”

Thousands of Government, Orgs’ Websites Found Serving Crypto Mining Script (February 12, 2018)
Security researcher Scott Helme discovered that the website of the U.K.’s Information Commissioner’s Office (ICO) had a crypto miner installed on it. Further investigation led Helme to discover that the cause of this incident was the compromise of the “Browsealoud” service run by U.K. firm Texthelp; the service uses a JavaScript that “adds speech, reading, and translation to websites.” Texthelp’s script server was compromised and threat actors added an obfuscated script to the Browsealoud one that would limit the processing power of the crypto miner to assist in staying hidden. Researchers believe that approximately 4,200 websites were infected as a result of this incident.

Lenovo Warns Critical Wi-Fi Vulnerability Impacts Dozens of ThinkPad Models (February 9, 2018)
Lenovo has released a security advisory in which they state that 24 of its ThinkPad models are affected by firmware vulnerabilities registered as “CVE-2017-11120” and “CVE-2017-11121.” These are the same firmware vulnerabilities that were patched by Apple and Google for their products in September 2017. The vulnerabilities are associated with controllers used by Broadcom’s wireless LAN driver that contain buffer overflow vulnerabilities. The buffer overflow can be exploited by threat actors to acquire arbitrary code execution on the adapter.

U.S. Arrests 13, Charges 36 in “Infraud” Cybercrime Forum Bust (February 8, 2018)
The U.S. Department of Justice (DOJ) has announced that it has filed charges against 36 individuals for “Alleged Roles in Transnational Criminal Organization Responsible for More than $530 Million in Losses from Cybercrimes.” The DOJ worked with Asian, Australian, and European officials during this takedown called “Operation Shadow Web.” The individuals are believed to be influential members of an underground cybercrime forum called “Infraud.” The forum, which began in October 2010, had approximately 11,000 members prior to the takedown, who bought, sold, and traded various data and tools including ATM skimmers, botnet hosting, credit card accounts, and malware.

UDPOS – Exfiltrating Credit Card Data via DNS (February 8, 2018)
A Point-of-Sale (POS) malware, dubbed “UDPOS,” is being distributed by threat actors by impersonating a service pack provided by “LogMeIn.” According to Forcepoint researchers, one sample of UDPOS has been observed in the wild, and there is evidence suggesting it is being used. Evidence consists of LogMeIn file names and Command and Control (C2) URLs. If the fake package is downloaded and the file named “update.exe” is executed, the content of the file is automatically launched with 7-Zip’s “RunProgram” feature. The malware then creates a new service to maintain persistence on an affected system. UDPOS is designed to steal magnetic stripe data (Track 1 and Track 2) from debit and credit cards by scraping the memory of running processes.

Targeted Attacks In The Middle East (February 7, 2018)
Cisco Talos researchers have published their research regarding a new campaign consisting of targeted attacks against the Middle East. The threat actor(s) behind this campaign are using lure documents that purport to be “written by the Jordanian publishing and research house, Dar El-Jaleel.” Dar El-Jaleel is an organization known for their research and publications regarding the Palestinian-Israeli and Sunni-Shia conflicts. The campaign begins with a VBScript document titled “From inside Iran’s secret war in Syria.vbs” that generates a PowerShell script that creates a Microsoft Office document called “Report.doc” and opens it. The document contains a macro that is capable of creating a Windows Script File (WSF) and executing it to register the infected machine with the Command and Control (C2) server. The script then performs a loop to continually contact the C2 to download additional payloads. The payloads are designed to steal information from the affected machine such as architecture, IP address, operating system, and username in addition to maintaining persistence on the host.

Cisco: You Need to Patch Our Security Devices Again for Dangerous ASA VPN Bug (February 6, 2018)
Cisco has stated that its Adaptive Security Appliance (ASA) software is vulnerable to a new attack vector that its engineers identified. This means that the update Cisco issued for ASA in late January does not apply in this scenario. According to Cisco, the vulnerability can be exploited by a remote actor “to cause a reload of the affected system or to remotely execute code.”

T-Mobile Is Sending a Mass Text Warning of “Industry-Wide” Phone Hijacking Scam (February 5, 2018)
T-Mobile has distributed text messages en masse to its cell phone customers warning them of potential hijacking activity. The threat actor’s objective in this campaign is to gain control over a T-Mobile customer phone number. This can be accomplished by an actor calling T-Mobile and impersonating a legitimate customer and requesting a new SIM card for the customer’s phone number; a SIM card associated with an authentic customer’s phone number can give an actor control over that number. An actor could also, again via social engineering, call T-Mobile and request that the phone number be moved to another provider. Once an actor has control over a phone number, he/she can pivot to other malicious activities to gain illicit revenue. This activity could include resetting passwords for financial accounts by asking a bank to send a reset link via text and two-factor authentication.

Critical Flaw in Grammarly Spell Checker Could Let Attackers Steal Your Data (February 5, 2018)
Google Project Zero researcher Tavis Ormandy discovered a vulnerability in the “Grammarly” spell-checking extension for Chrome and Firefox. The vulnerability affects approximately 22 million Grammarly users by exposing authentication tokens to all websites that a user visits. A threat actor exploiting this vulnerability could steal said authentication tokens with a measly four lines of code, according to researchers.

Malspam Using PDF Attachments to Push Dridex since 2018-01-30 (February 5, 2018)
Security researchers have observed a malspam campaign that is distributing the “Dridex” banking trojan via PDF file attachments. The PDF attachment contains a fake Google reCaptcha image that, when clicked, directs a user to a location that requests a 7-Zip (.7z) file be downloaded. Download and extraction of the 7-Zip file will unarchive a VBScript file that when run will result in Dridex infection.

Source: Honeypot Tech

Getting into Tech…for the Non-Technical

My name is Teddy Powers. I have worked for Anomali (formerly ThreatStream) for almost the last three years and it’s been one of the best experiences of my life. But if you looked at my résumé or LinkedIn, much like anyone else, you’d do a double take.

How in the world did he score a job with a great firm in a technical sales role with a marketing degree, 9 months of experience on Wall Street, a couple internships and a summer job as a caddy? One word: networking. I’ve never been the smartest person in the room (sorry Mom and Dad), but I will outwork the competition and achieve as much knowledge in my domain as I can to be the best asset to my team.

I am very fortunate to be connected to one of the smartest and most successful women in the cyber security industry. It’s not your typical happy hour/LinkedIn story of networking, but I had attended elementary school in a small town with this person. She told me about her career path and that she was working for a threat intelligence platform company with great leadership. I asked that if any opportunities with the company ever came up in sales that she reach out. On a cold day in February 2015, I got the call, but it wasn’t for an entry level sales position. She told me they were looking for a junior sales engineer, which at the time I thought may as well be like applying for a position with NASA. I decided the worst outcome was I’d meet some new people to add to my network.

Thus began the interview process. I was lucky that before ever getting hired by Anomali, my connection became a great mentor and coach to me. She took the time out of her busy schedule to give me the basics on what to study up on for the interview. Getting a job in tech is like becoming a parent for the first time – you have no choice but to dig into the available subject matter.

As great as it would have been if I could have downloaded a knowledge repository into my brain, I took to the web and sunk my teeth into anything I could find. I was lucky that 2014 had been the year of the breach, so there was plenty of live reading material about the global threat landscape. I studied up on everything from acronyms I might come across to industry competitors (and I promise I didn’t have it all down – my manager and I still laugh about comparing a file hash to a fingerprint).

After throwing my hat in the ring, 2 phone conversations drastically changed my life and career path. Upon deciding I was at least worth meeting in person, I got the opportunity to meet a couple representatives from the company who have gone on to become some of my greatest mentors and champions.

When going into an interview and a position that would be considered outside your realm, my best advice is be honest with yourself and your level of knowledge. On my technical interview, I used some of the most powerful words anyone can use in their professional life, “I don’t know.” Instead of attempting to fudge my way through an interview topic, I was honest with my future manager as to what I knew or studied up and what I didn’t. I didn’t think much of it at the time, but now reflecting on it, being upfront about your knowledge level is going to help you figure out if the position is a good fit, especially if you’re breaking into a new field.

Expect week 1 on the new job to be knowledge overload. A leader within the company said to me early on, “Don’t try to cram it all in, just take a bit from the firehose and build on it every day.” This is so crucial to what your reality is going to be – are you going to go home at night overwhelmed or with the mindset of “my knowledge is starting to grow?”

If you’re as fortunate as I was to have them take a chance on you to prove yourself, find a mentor at the company who is willing to invest in you. I’m willing to go out on a limb and say great companies hire people who are willing to invest not only in themselves, but those who join the company after them. This is something I genuinely think people need to consider and even ask about in an interview. See if they reflect fondly on someone at the company who invested in them or if they gush about how they had to do it on their own.

Get to know your team and how to be the best team player. This has been probably the number one reason I’ve been able to succeed at Anomali. Early on, I was thrust into projects that could have made my head explode (looking at you, lengthy RFPs) and reflecting back on it, I’m so thankful I was. I was so far out of my comfort zone from a knowledge and writing perspective. It should have been enough to scare me away. Taking on projects that are going to challenge you and force you to learn is excellent experience. When you come across things you don’t know, this provides an opportunity to form a relationship with the subject matter experts (SME) in the company. Again, in this situation, be a sponge and take a little bit from the firehose. Some sources that I found helpful – SANS, Dark Reading, Information Week, Medium, and Forbes.

Know your strengths and weaknesses. This comes back to being honest with yourself as to what you know. Refer to the above and figure out who your in-house SMEs are and pick their brains. This creates a secondary SME in you and that person may be more likely to invest in you because you’ve taken initiative and some of the burden of being the lone expert off their shoulders. In turn, this also makes you more of an asset and a better team player.

Invest in yourself. If you are serious about making a change the way I did – go look into certifications in that field and, if you’re committed, buckle down and get one! It shows your potential employer that you are already devoting yourself to learning more about the field and have a level of discipline not everyone does.

Throw your hat in the ring – every time. Because I took that chance, uprooted my life and moved across the country for a job for which I didn’t have any formal training, I have landed amongst some of the best people and opportunities a young person could have asked for. There’s still a magnet on the fridge at home my mom put up that says “Life begins at the end of your comfort zone.” To anyone thinking about making a change like this, reach out – the least I can do is pay it forward.

Thanks to Colby DeRodeff, Trish Cagliostro, Trevor Welsh and Gabe Martinez for taking that chance on me and to everyone else who has invested in my professional and personal growth and development at Anomali.

Source: Honeypot Tech

Retailer Resolutions for 2018

Retail Rush Hour

The numbers are in and the results are clear. Retailers enjoyed a very good holiday season. Not only was U.S. retail spending up 4.9 percent over the previous year, but a new tax law promises to leave both businesses and many consumers with more money to spend in 2018. The critical question for retailers now is this: How can they capitalize on this changed landscape when the next holiday season rolls around in November?

The answer, according to Steve Dennis, a leading retail consultant, blogger, and former executive at Neiman Marcus and Sears, is a mixture of traditional tactics and investment in new technologies. That’s why retail analysts are forecasting increased experimentation with new tech tools in 2018.

With an eye on making the most of the next holiday season, Dennis breaks down how smart retailers are already using technology to drive sales.

The future of retail: how to maximize margins in 2018

1. Better preparation with data science and AI

“The more data you have, the better able you are to do just about anything. I think if you understand customer behavior and customer profitability, there’s certainly an ability to better maximize your margins.

Looking forward, artificial intelligence is going to inform how any brand is going to evolve its customer experience—both from a personalized marketing standpoint as well as how to make assortments more relevant.”

2. Build a smarter supply chain

“The better you can predict demand by ultimate distribution point, the better you can actually buy and package the product. If you get that out of balance then that causes some problems. Either more markdowns or risk of being out of stock. As science gets better your inventory flow and some of your specific decisions can be better optimized.”

3. Offer data-driven discounts

“If you really understand your customers you don’t do one-size-fits-all promotions very often because you would understand that there are plenty of people that would buy without a 20 percent discount. And there’s plenty of people for whom 20 percent is not enough of a discount.

There’s a lot of money, in theory, that can be made by investing in data science and targeting your marketing for greater return on investment.”

4. Line breaking with mobile point of sale systems

“This certainly helps deal with the crush of people. But sometimes there’s more of a psychological benefit to customers. Like with drive-in fast food, it doesn’t actually speed up the time it takes you to get your food, but it speeds up the time it takes you to place your order so you feel like it is going faster.”

5. Order online, pick up in store

“Customers often would come to the store to pick up their order, and they’d buy stuff that they weren’t planning to. So it can be a good incremental traffic-driver and can grow transaction value. And lots of retailers are figuring out that this is just what you have to do to stay competitive.

Moving forward, I think you will see a lot more curbside pick-up or drive-throughs. That’s fundamentally changed the store design of pharmacies, for example. The same thing for fast food restaurants years ago. I think we’ll see over time that retailers will rethink not only the interiors of their stores, but their store exteriors to be able to facilitate more convenient pick-up and return of product.”

Get the most out of the holiday season with better connected stores. See how the Intel Responsive Retail Platform uses data-driven insights to deepen customer engagement, improve inventory management, and streamline store operations. Find out more here.

Source: Network News

Cisco Issues New Patch for Critical ASA Vulnerability

Cisco engineers discover that the flaw in Adaptive Security Appliance devices is worse than they initially understood.
Source: Vulnerabilities & Threats

North Korean Cybersecurity Profile

North Korea, or more formally, the Democratic People’s Republic of North Korea (DPRK), is no stranger to international headlines. Most notably, it has captured attention in recent years for its nuclear testing and ballistic missile launches. Events in the cyber landscape have brought negative attention to North Korea as well. The United States officially blamed North Korea for the WannaCry attack last year as well as the destructive attack on Sony Pictures in 2014.

Much of the negative attention is not without merit. North Korea has developed a formidable cyber capability and has been tied to various financial attacks, cyber espionage, and destructive attacks in the recent past. South Korean organizations are a favorite target but attacks are not limited to South Korea. While attribution in these attacks is often far from conclusive, the choice of targets, likely attack motivations, and techniques and tools utilized tend to narrow the list of possible suspects.

With the upcoming 2018 Winter Olympics in PyeongChang, South Korea, suspicions have been raised around potential North Korean cyber activity specifically around espionage or financial theft. A recent agreement with South Korea regarding North Korean participation in the Olympics has lowered tensions. Despite this, cyber activity from North Korea remains a possibility.

For organizations, understanding various elements driving North Korea’s cyber activities provides insight into any risk exposure the organization may have coming from North Korea.

This includes details regarding suspected North Korean cyber attacks, such as:

  • Favored targets
  • Motivations
  • Specialized tools
  • Common techniques used
  • The geopolitical landscape affecting North Korea and the surrounding region

Gathering and consuming available open and closed source intelligence on suspected activity associated with North Korean actors helps provide key knowledge in each of these areas. Armed with the best understanding possible, organizations can create a strong and highly tailored analysis that highlights specific areas where there is elevated risk from North Korean attackers.

However, another, much darker possibility looms on the horizon. Recent concerns have been raised by U.S. officials around the possibility of North Korea soon having nuclear-armed missiles capable of hitting the United States. To preempt this capability, the U.S. may elect to execute a targeted military strike to knock down North Korea’s nuclear program. Such an attack may prompt a cyber response from North Korea. Entities in the United States, South Korea, or their allies could see potentially destructive attacks in retaliation. This is a possibility that should be taken seriously into consideration.

Anomali has produced a landscape report on North Korea to provide a high-level view of the country and its cyber capabilities. It is available for free download here.

Source: Honeypot Tech

How Rogue Ales Makes a Great Beer from Wet Hops, Clean Water and Innovation

The challenge is local and global. The world has a major perishables problem. A full 30 percent of all perishable produce and products never make it all the way from the farm to the table. For Rogue Ales in Newport, Ore., that means that some of their hops can’t be used in the best way possible, which means they can’t produce the best beer possible.

Intel has become a key ingredient in delivering fresh goods through more efficient supply chain tracking tools and management.

For the US and the world, that means less theft, less rotting and better food. For Rogue, that means fresher hops and better beer.

Hoppy Hazards

Rogue produces hops meant to be used in brewing “fresh hop” or “wet hop” beers. In other words, the hops are not dried in the field but are shipped quickly for immediate use in breweries. In fact, these hops have to be dropped into a vat of beer within 12 hours of harvest, or they start to go bad.

And fresh hops can be more hazardous than you might expect. If they overheat, the volatile oils with which the brewer infuses them can infiltrate the beer and produce an “off” flavor. Think about how lovely compost smells as it decomposes. Who’d want to drink that?

Connected Reporting

Enter the Intel Connected Logistics Platform. Rogue learned that this platform is used in the shipping of 1.1 billion units of products to 24 warehouses in 68 countries worldwide. Logistics experts rely on Intel technology because the platform brings clear visibility on each shipment, helping them see exactly where the freight is and what condition it’s in.

Intel’s multifaceted tracking strategy empowers shippers to look at data on each shipment, immediately react to that data, and optimize around that data, helping future shipments arrive on time with minimal losses. All these insights are driven by Edge Intelligence, powered by a quad core processor inside of each gateway, which can deliver data whether it’s connected or not.

Saving the Hops

Using the Intel Connected Logistics Platform, Rogue set out to collect temperature and humidity data on its shipments of hops, at every stage between the hop yard and the brewery. Intel’s sensors tracked each shipment’s location via GPS and noted whether temperature or humidity rose above or below acceptable boundaries.

With the help of nearly real-time data on each step of the transit process, the Intel Connected Logistics Platform has given Rogue the power to take diligent care of each shipment of wet hops. After the hop harvest process, each shipment gateway is tagged with three tags per bin – one at the top, one in the middle, and one at the bottom – to ensure comprehensive tracking from the harvest all the way to the brewing vat.

As a result of Intel’s in-depth tracking, Rogue’s shipments of hops now stay more consistently fresh. The proof is in the hops: Take a taste, and see for yourself.

Source: Network News