While blockchain is among the hottest technologies in the enterprise security, data storage and file-sharing arenas, many experts question its use or even whether it's really as secure as billed.
CS Digest Section: Network Security
Has ‘Fireball’ Malware Infected 250 Million Computers? Microsoft Disputes Shocking Claim
Microsoft sparked a curious squabble over malware discovery and infection rates. At the start of the month security firm Check Point reported on a browser hijacker and malware downloader called Fireball. The firm claimed that it had recently discovered the Chinese malware and that it had infected some 250 million systems.
Malware Uses Router LEDs to Steal Data From Secure Networks
Specially-designed malware installed on a router or a switch can take control over the device’s LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment.
Split Tunnel SMTP Exploit Explained
How Game Theory and Nash Equilibrium Can Help Decide Cybersecurity Responses
Watching the movie A Beautiful Mind, where Russell Crowe played John Nash, a professor of mathematics who won the Nobel Prize for his contributions to a complex concept called game theory, one would never guess that a hypothesis of his Nash equilibrium would someday help improve cybersecurity strategy.
Intel Patches Nine-Year-Old Critical CPU Vulnerability
Intel patched a critical vulnerability that dates back nine years and impacts business desktop PCs that utilize the company's Active Management Technology. According to an Intel security bulletin, the flaw could allow an adversary to elevate privileges on a vulnerable system.
https://threatpost.com/intel-patches-nine-year-old-critical-cpu-vulnerability/125331/
Windows Bug Used to Spread Stuxnet Remains World’s Most Exploited
The Windows vulnerability was first publicly disclosed in July 2010, a few days before security reporter Brian Krebs was the first to report on the Stuxnet outbreak.
Apache Struts 2 Under Zero-Day Attack, Update Now
Apache Struts 2 installations are being targeted - and hacked in large numbers - by attackers who are exploiting a zero-day flaw in the platform to remotely execute code, security researchers warn.
http://www.databreachtoday.com/apache-struts-2-under-zero-day-attack-update-now-a-9761
Samas Ransomware Uses Active Directory to Infect Entire Networks
Unlike most ransomware out there, which focuses mainly on encrypting local files, Samas spreads inside the entire network to encrypt files on every server and computer, the researchers say. This operation is performed in three steps: the attackers steal domain credentials, identify targets via Active Directory reconnaissance, and then move laterally through
http://www.securityweek.com/samas-ransomware-uses-active-directory-infect-entire-networks
Blockchain’s New Role In The Internet of Things
With next gen 'distributed consensus' algorithms that combine both security and performance, organizations can defend against DDoS attacks, even those that leverage IoT devices.
http://www.darkreading.com/iot/blockchains-new-role-in-the-internet-of-things/a/d-id/1328239?
