Radio Stations Hacked Recently

Radio stations in South Carolina, Indiana, Texas, Tennessee and Kentucky, were hacked recently to broadcast the Bompton-based rapper YG and Nipsey Hussle’s anti-Trump song “F*** Donald Trump,” which was already a radio hit in some parts of the country last year, several sources report.

The song was repeatedly played on Monday night, according to the RadioInsight, and the news of the incident began emerging shortly after Trump’s inauguration on January 20, eight days before hackers hacked 70 percent of the police CCTV cameras in Washington DC.

Hackers gained access to the radio stations by exploiting known vulnerabilities in Barix Exstreamer devices which can decode audio file formats and send them along for LPFM transmission.

Read more in:
http://thehackernews.com/2017/02/radio-station-trump-hack.html

Using big data for security only provides insight, not protection

Cybersecurity experts are excited about big data because it is the “crime scene investigator” of data science. If your organization is hacked and customer information compromised, your use of big data to collect massive amounts of information on your systems, users and customers makes it possible for data analysts to provide insight into what went wrong.

But while big data can help solve the crime after it occurred, it doesn’t help prevent it in the first place. You’re still left cleaning up the mess left behind by the breach: angry customers, possible compliance issues with data privacy standards like HIPAA and PCI DSS, maybe even government fines and class-action lawsuits.

This is where big data fails to meet its big promise: when it is employed after a data breach happens. As the old saying goes, “Hindsight is the best sight.” Big data, when utilized after a cyberattack, certainly gives you that. However, what it doesn’t give you is the ability to realize that a breach is happening, or is about to happen, and stop it before massive damage is done. Because of this, big data, when used in a vacuum, will not secure your systems, your business, or any of your sensitive information.

Read more in:
http://www.networksasia.com: Using big data for security only provides insight, not protection Authority

Ransomware Infects D.C. Police Closed Circuit Camera Storage Devices

A ransomware attack caused storage devices for surveillance cameras used by police in Washington D.C. to be offline for three days in mid-January. The attack affected 70 percent of the devices that the police use to monitor public spaces. The ransom demand was not paid; instead, the city took the devices offline, removed all the software, and reset them.
Read more in:
https://www.scmagazine.com: Police camera system in D.C. hit with ransomware
http://www.theregister.co.uk: Ransomware killed 70% of Washington DC CCTV ahead of inauguration
https://www.washingtonpost.com: Hackers hit D.C. closed-circuit camera network, city officials disclose

Ransomware Costs Texas PD Eight Years of Evidence

The computer system at a police department in Texas became infected with Ransomware. The Cockrell Hill Police Department’s backup system had backed up its files only after they had been encrypted with the malware. The department decided not to pay the ransom after learning from the FBI that there was no guarantee their encrypted data would be returned. The lost files included video evidence in legal cases. The department has started notifying defense attorneys that the video evidence in those cases no longer exists.

Read more in:
http://www.theregister.co.uk: Texas cops lose evidence going back eight years in ransomware attack

Russian-Speaking Hacker Selling Access to the US Election Assistance Commission

Recorded Future threat intelligence technology identified chatter (not intelligence at that point) related to a suspected breach of the U.S. Election Assistance Commission (EAC).

Further research identified a Russian hacker (Recorded Future refers to this actor as Rasputin) soliciting a buyer for EAC database access credentials.

For more information visit https://www.recordedfuture.com/rasputin-eac-breach/.

Key Findings

  • On December 1, 2016, Recorded Future identified chatter related to a suspected breach of the U.S. Election Assistance Commission (EAC).
  • Recorded Future engaged the Russian-speaking actor (referred to as “Rasputin” in this research) to assess the full scope of the unauthorized access, and provided all relevant information to federal law enforcement.
  • Further analysis identified more than 100 potentially compromised access credentials, including some with administrative privileges.
  • Rasputin offered to sell an unpatched system vulnerability to a Middle Eastern government broker.
  • Recorded Future successfully attributed the EAC breach to Rasputin.

 

For more information visit https://www.recordedfuture.com/rasputin-eac-breach/.

Cyber Threat Intelligence?

What is cyber intelligence?

According to CERT-UK, cyber threat intelligence (CTI) is an “elusive” concept. While cyber security comprises the recruitment of IT security experts, and the deployment of technical means, to protect an organization’s critical infrastructure, or intellectual property, CTI is based on the collection of intelligence using open source intelligence (OSINT), social media intelligence (SOCMINT), human Intelligence (HUMINT) or intelligence from the deep and dark web. CTI’s key mission is to research and analyze trends and technical developments in three areas:

Cyber crime
Cyber activism
Cyber espionage (advanced persistent threat or APT)

Those accumulated data based on research and analysis enable states to come up with preventive measures in advance. Considering the seriousness impacts of cyber threats, CTI has been raised as a(n) efficient solution to maintain international security.

From Wikipedia, the free encyclopedia

Why does this matter?

So the idea behind cyber intelligence is to understand the intent of the adversary in order to develop better strategies for dealing with them, including whether to be offensive, defensive or both. This cyber intelligence is provided in the form of intelligence products that result from collecting, evaluating and interpreting available data concerning known cyber attacks and their surroundings activities. It is important to remember that cyber intelligence is just that intelligence not fact. It is the best educated guess at what your adversary may do based on the data available. The larger the pool of data, the better the analytical abilities and the more effective the countermeasures may only serve to delay, deflect or disengage the adversaries.

What cyber intelligence sources do you rely on?