Atomic Wallet hack leads to at least $35M in stolen crypto assets

A cyberattack on crypto wallet Atomic Wallet has resulted in at least $35 million worth of crypto assets being stolen since June 2, according to ZachXBT. The five most significant losses account for $17 million. 

“Think it could surpass $50m. Keep finding more and more victims sadly,” said Twitter user ZachXBT, who is an on-chain investigator known for tracing stolen crypto funds and assisting with hacked projects.

The biggest victim of the Atomic Wallet attack was an individual who reportedly lost $7.95 million in Tether.

The Software-Defined Car

Developers are starting to talk about the software-defined car.

For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go about building new models, taking advantage of much more powerful hardware to consolidate all those discrete functions into a small number of domain controllers.

The behavior of new cars is increasingly defined by software, too. This is merely the progression of a trend that began at the end of the 1970s with the introduction of the first electronic engine control units; today, code controls a car’s engine and transmission (or its electric motors and battery pack), the steering, brakes, suspension, interior and exterior lighting, and more, depending on how new (and how expensive) it is. And those systems are being leveraged for convenience or safety features like adaptive cruise control, lane keeping, remote parking, and so on.

And security?

Another advantage of the move away from legacy designs is that digital security can be baked in from the start rather than patched onto components (like a car’s central area network) that were never designed with the Internet in mind. “If you design it from scratch, it’s security by design, everything is in by design; you have it there. But keep in mind that, of course, the more software there is in the car, the more risk is there for vulnerabilities, no question about this,” Anhalt said.

“At the same time, they’re a great software system. They’re highly secure. They’re much more secure than a hardware system with a little bit of software. It depends how the whole thing has been designed. And there are so many regulations and EU standards that have been released in the last year, year and a half, that force OEMs to comply with these standards and get security inside,” she said.

I suppose it could end up that way. It could also be a much bigger attack surface, with a lot more hacking possibilities.

SAFE Security claims to predict data breaches with new generative AI offering

AI-based cyber risk management SaaS vendor SAFE Security has announced the release of Cyber Risk Cloud of Cloud – a new offering it claims uses generative AI to help businesses predict and prevent cyber breaches. It does so by answering questions about a customer’s cybersecurity posture and generating likelihoods for different risk scenarios. These include the likelihood of a business suffering a ransomware attack in the next 12 months and the dollar impact of an attack, the firm added. This enables organizations to make informed, prognostic security decisions to reduce risk, SAFE Security said.

The emergence of generative AI chat interfaces that use large language models (LLMs) and their impact on cybersecurity is a significant area of discussion. Concerns about the risks these new technologies could introduce range from the potential issues of sharing sensitive business information with advanced self-learning algorithms to malicious actors using them to significantly enhance attacks. Some countries, US states, and enterprises are considering or have ordered bans on the use of generative AI technology such as ChatGPT on data security, protection, and privacy grounds.

CISOs, IT lack confidence in executives’ cyber-defense knowledge

IT security teams lack confidence in their executives’ ability to prevent attacks on their personal hardware, systems, and network. This is according to a study sponsored by BlackCloak, a provider of digital privacy protection for high-profile executives, in which Ponemon Institute surveyed 553 US IT and IT security practitioners.

Asked to rate from 1 to 10 how confident they were in CEOs’ and executives’ ability to recognize a phishing email, only 28% of respondents were confident. A similar percentage (26%) applied to security teams’ trust in high-level executives to securely set up their home network and protect their personal computers from viruses.

USN-6112-2: Perl vulnerability

USN-6112-1 fixed vulnerabilities in Perl. This update provides the
corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu
22.10, and Ubuntu 23.04.

Original advisory details:

It was discovered that Perl was not properly verifying TLS certificates
when using CPAN together with HTTP::Tiny to download modules over HTTPS.
If a remote attacker were able to intercept communications, this flaw
could potentially be used to install altered modules.

curl-8.0.1-2.fc38

FEDORA-2023-37eac50e9b

Packages in this update:

curl-8.0.1-2.fc38

Update description:

fix more POST-after-PUT confusion (CVE-2023-28322)
fix IDN wildcard match (CVE-2023-28321)

curl-7.85.0-9.fc37

FEDORA-2023-8ed627bb04

Packages in this update:

curl-7.85.0-9.fc37

Update description:

fix more POST-after-PUT confusion (CVE-2023-28322)
fix IDN wildcard match (CVE-2023-28321)

Three ways agribusinesses can protect vital assets from cyberattacks

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

In an era where digital technology increasingly underpins food production and distribution, the urgency of cybersecurity in agriculture has heightened. A surge of cyberattacks in recent years, disrupting operations, causing economic losses, and threatening food industry security, underscores this escalating concern.

In April 2023, hackers targeted irrigation systems and wastewater treatment plants in Israel. The attack was part of an annual “hacktivist” campaign, and it temporarily disabled automated irrigation systems on about a dozen farms in the Jordan Valley. The attack also disrupted wastewater treatment processes at the Galil Sewage Corporation.

In addition, in June 2022, six grain cooperatives in the US were hit by a ransomware attack during the fall harvest, disrupting their seed and fertilizer supplies. Adding to this growing list, a leading US agriculture firm also fell victim to a cyberattack the same year, which affected operations at several of its production facilities.

These incidents highlight the pressing need for improved cybersecurity in the agricultural sector and underscore the challenges and risks this sector faces compared to others.

As outlined in a study, “Various technologies are integrated into one product to perform specific agricultural tasks.” An example provided is that of an irrigation system which “has smart sensors/actuators, communication protocols, software, traditional networking devices, and human interaction.”

The study further elaborates that these complex systems are often outsourced from diverse vendors for many kinds of environments and applications. This complexity “increases the attack surface, and cyber-criminals can exploit vulnerabilities to compromise one or other parts of the agricultural application.”

However, the situation is far from hopeless. By taking decisive action, we can significantly strengthen cybersecurity in the agricultural sector. Here are three strategies that pave the way toward a more secure future for the farming industry:

1. Strengthening password practices

Weak or default passwords are an easily avoidable security risk that can expose vital assets in the agricultural sector to cyber threats. Arguably, even now, people have poor habits when it comes to password security.

As per the findings of a survey conducted by GoodFirms:

A significant percentage of people – 62.9%, to be exact – update their passwords only when prompted.
45.7% of people admitted to using the same password across multiple platforms or applications.
More than half of the people had shared their passwords with others, such as colleagues, friends, or family members, raising the risk of unauthorized access.
A surprising 35.7% of respondents reported keeping a physical record of their passwords on paper, sticky notes, or in planners.

These lax password practices have had tangible negative impacts, with 30% of users experiencing security breaches attributable to weak passwords.

Hackers can use various methods, such as brute force attacks or phishing attacks, to guess or obtain weak passwords and access sensitive information or control critical systems.

Therefore, agricultural organizations need to make passwords stronger. Here are some of the critical steps these organizations need to take:

Encourage using strong, unique passwords (8+ characters, mixed letters, numbers, symbols).
Implement regular password changes (every three months or upon a suspected breach).
Enforce multi-factor authentication on all systems.
Update network passwords regularly to invalidate stolen credentials.
Use a password keeper/generator app for secure password storage.
Discourage password sharing or reuse across platforms.
Avoid using dictionary words, common phrases, or personal info in passwords.
Deploy a password management tool for efficient password handling.

2. Maintaining updated systems

In the digitally transformed landscape of agriculture, known vulnerabilities linked to outdated software and hardware present significant cybersecurity risks. Cybercriminals often exploit these weaknesses in such systems, compounding the cybersecurity challenges faced by the industry.

The Ponemon Institute, in a comprehensive study, found that 60% of organizations that experienced a breach said it occurred due to a known vulnerability that was left unpatched, even though a patch was available. Further complicating matters, the study reported that 88% of IT teams had to coordinate with other departments when patching vulnerabilities. This coordination added an extra 12 days before a patch could be applied, leaving systems vulnerable for a more extended period.

As we’ve seen from the damaging agricultural infrastructure attacks, neglecting cybersecurity in the context of known vulnerabilities can lead to significant problems. Regular updates and patches are not just good practice—they’re a crucial first line of defense against cyberattacks. In the digitally transforming world of agriculture, this is not merely an option—it’s a necessity.

3. Securing operational technology traffic

Given the scale of the risks associated with known vulnerabilities, it’s clear that agribusinesses face a significant cybersecurity challenge. However, the threats are not confined to these known issues alone. The unknown vulnerabilities, particularly those associated with Operational Technology (OT) systems, present another layer of risk that has recently come into focus.

The growing prevalence of Internet of Things (IoT) devices in contemporary agriculture amplifies these concerns. If not adequately secured, these devices can expand the attack surface, offering potential attackers an open door to critical systems.

Highlighting the severity of such issues, Itay Glick, VP of Products at OPSWAT, brings up the cyberattack on irrigation systems in Israel. He pointed out that weak passwords and outdated OT devices were a significant part of the problem. He noted that “there was a critical vulnerability in a specific device dated back to 2015 (CVE-2015-7905), which could have been exploited by any average hacker.”

The vulnerability Glick referred to underscores the importance of regularly updating OT devices. “If this was the case, this underscores the importance of scanning and validating that OT devices are updated,” he emphasized.

This dual approach – segregating OT traffic and monitoring it – provides a solid defense strategy. Segregation makes it more challenging for attackers to access critical systems, while monitoring allows for early detection of any potential threats. Agribusinesses must heed this advice, as the digital landscape continues to evolve, and the stakes continue to rise.

Conclusion

Cyber threats pose grave risks, with the potential to disrupt operations and cause hefty financial losses. Plus, the enduring harm to brand image and customer trust post-attack can be tough to bounce back from. A thorough assessment of current cybersecurity protocols, identification of potential vulnerabilities, and application of the discussed solutions should be on top of the list. These steps encompass the use of robust and unique passwords, segregation and monitoring of OT traffic, and consistent updating of software and hardware.

In the final analysis, agribusinesses that can integrate these cybersecurity measures into their operations are better positioned to secure their future in the rapidly evolving agricultural landscape.
