October 26, 2015
-
Joe Franscella

Cybersecurity News In Review

<p>In the latest installment of our bi-weekly news round-up, readers will find news articles filled with key findings and insights about the most compelling cybersecurity news and events.</p><p>Below you’ll find a brief recap of breaking news and hot-topics in the security industry. Don’t forget to send us any interesting news you find and check back for our next news review!</p><p> </p><p><a href="http://arstechnica.com/security/2015/10/backdoor-infecting-cisco-vpns-steals-customers-network-passwords/">Backdoor infecting Cisco VPNs steals customers’ network passwords</a></p><p>Attackers are infecting a widely used virtual private network product sold by Cisco Systems to install backdoors that collect user names and passwords used to log in to corporate networks. The attacks appear to be carried out by multiple parties using at least two separate entry points. Once the backdoor is in place, it may operate unnoticed for months as it collects credentials that employees enter as they log in to company networks.</p><p><a href="http://www.zdnet.com/article/encryption-and-surveillance-the-unstoppable-force-and-the-immovable-object-of-the-internet-age/">Encryption and surveillance: The unstoppable force and the immovable object of the internet age</a></p><p>The US government has decided not - at least for now - to seek new laws to force tech companies to decode their customers&#39; encrypted communications. Over the last year there has been a gradually intensifying debate about what to do about the growth of end-to-end encrypted communications: because of the way these systems are designed, these messages are all-but-impossible to spy on.</p><p><a href="http://www.bloombergview.com/articles/2015-10-11/behind-great-firewall-malware-thrives-in-china">Has Malware Jumped Over China&#39;s Great Firewall?</a></p><p>For years now, China&#39;s elaborate efforts to censor and control the Internet -- collectively known as the Great Firewall -- have restricted what the world&#39;s biggest population of Netizens can see and how fast they can download. In recent weeks, however, Chinese-origin attacks on Apple&#39;s iOS and App Store have raised a discomfiting prospect: The closed-off Internet ecosystem China has created may be breeding malware that could affect the rest of us.</p><p><a href="http://www.nbcnews.com/tech/security/feds-fund-research-centers-protect-power-grid-cyberattacks-n443241">Feds Fund Research Centers to Protect Power Grid From Cyberattacks</a></p><p>Some $12.2 million will go to a research center led by the University of Arkansas, while another $22.5 million will be shared among the members of the University of Illinois Cyber Resilient Energy Delivery Consortium. Both will look into ways of protecting power grid elements — from the hardware that runs transformers to the software that power companies use — from cyberattacks.</p><p><a href="http://www.pcworld.com/article/2993865/privacy/us-proposal-aims-to-regulate-car-privacy-make-hacks-illegal.html#tk.rss_security">US proposal aims to regulate car privacy, make hacks illegal</a></p><p>A subcommittee of the U.S. House of Representatives has proposed requiring vehicle manufacturers to state their privacy policies. A proposed section on motor-vehicle data hacking would make it illegal and impose a civil penalty of up to $100,000 for each violation if a person accesses “without authorization, an electronic control unit or critical system of a motor vehicle, or other system containing driving data for such motor vehicle, either wirelessly or through a wired connection.” </p><p><a href="http://arstechnica.com/tech-policy/2015/10/hacker-releases-new-purported-personal-data-for-top-cia-dhs-officials/">Hacker releases new purported personal data for top CIA, DHS officials [Updated]</a></p><p>The person who claims to have hacked an AOL e-mail account belonging to John Brennan, the director of the Central Intelligence Agency, has now released a small spreadsheet with alleged personal information for a number of former and current government officials. The sample includes phone numbers, social security numbers, e-mail addresses, and level of security clearance and employment status in some cases.</p><p><a href="http://www.zdnet.com/article/state-sponsored-attack-facebook-will-now-tell-you-youve-been-hacked/">State-sponsored attack? Facebook will now tell you &#39;You&#39;ve been hacked&#39;</a></p><p>Facebook has started to notify users when it suspects they&#39;ve been targeted by government-sponsored hackers, rather by than run-of-the-mill cybercriminals. The notification users will see when Facebook detects that they are probably being targeted by a state-sponsored hacker advises them to turn on its two-factor authentication feature, Login Approvals, which requires the user give Facebook their phone number.</p><p> </p><p>Have any thoughts or comments? Tweet us @ThreatStream</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.