Tech News - Security

After the first preview of its Blockchain Cloud Service at OpenWorld last October, Oracle has confirmed the general release and availability of its Blockchain platform in an official press release this Monday. Before this release, Oracle’s pre-release version of  Blockchain Cloud Service was being used by different businesses across the globe such as Arab Jordan Investment Bank, Certified Origins, Solar Site Design, CargoSmart, etc. These organizations say have seen a major difference in their business after adopting Oracle’s Blockchain as a service (BaaS). For instance,  Andrea Biagianti, CIO of Certified Origins (Italy based olive oil producer) mentions that the company wanted to trace the products (Bellucci EVOO) that they sell in the market of United States across the entire supply chain. Oracle’s Blockchain service helped the company by making the implementation and collaboration of all the included parties quite simple. It also provided them with a competitive edge over the others in the market. “It adds a further level of transparency and information that is valuable for consumers looking for quality products and helps us to support the excellence of the small farms”, says Biagianti. This Blockchain service will be of great help to organizations in three major ways. Firstly, it provides them with a development platform to build their own Blockchain networks. Secondly, it allows integration with Oracle SaaS, existing third-party applications, Oracle PaaS and other Blockchain networks to drive more reliable transactions. Lastly, clients or customers can program and test smart contracts to automate processes over the Blockchain distributed electronic ledger. The new service is based on top of the Linux Foundation’s Hyperledger Fabric, which is a collaboration tool that comes with in-built infrastructure dependencies, REST proxy, and a number of monitoring and operation tools. It helps in building Blockchain based automated ledger such as smart contract technology. A smart contract is an automation tool based on the Blockchain technology. It gets rid of the middleman in a business by enabling automatic exchange of money, property, etc, in a transparent and hassle-free manner. According to Amit Zavery, executive vice president of Oracle Cloud Platform, “Blockchain promises to be one of the most transformative technologies of our generation”. This is quite true as Blockchain is helping transform businesses by making interactions more secure, efficient and cost-effective. It has also made the future Blockchain implementations easier. This means that as the Hyperledger specification evolves and makes new updates, there is no need for the developers to rewrite the company-specific Blockchain applications. Apart from that, new SaaS applications are being offered by Oracle for the Blockchain technology. These can be used in cases like track and trace, warranty and usage, cold chain, etc. Organizations wanting to avail Oracle’s Blockchain services can either pay per usage (without a contract) or via a monthly, yearly or a multi-year deal. There is also a 30-day free trial of the cloud service that the Customers can sign up for. Oracle Apex 18.1 is here! Oracle announces Oracle Soar, a tools package to ease application migration on cloud

Have you ever visited YouTube for watching some breaking news videos expecting to get all the info in one go but did not get what you expected? Videos use luring thumbnails and clickbait titles to attract more views and traffic. Most breaking news videos that follow such patterns are either fake, have a high level of misinformation or don’t clarify what the news really is. The news that continuously keeps popping up is most of the time, catchy. Google engineer, Guillaume Chaslot, who worked on the recommendation algorithm for YouTube, stated that this was purely designed to boost user engagement. To tackle this fake thread going around the popular video-sharing website, YouTube has initiated a $25 million plan to counter fake news and misinformation. In a Wired interview held in March, YouTube CEO, Susan Wojcicki announced new features which include updates to breaking news and conspiracy theories by adding information cues to every video. Information cues are short blocks of text based on moon landing and chemtrails, for example. Susan further added, “When there are videos that are focused around something that’s a conspiracy — and we’re using a list of well-known internet conspiracies from Wikipedia — then we will show a companion unit of information from Wikipedia showing that here is information about the event.” https://twitter.com/movandy/status/973688202530869248 Now, YouTube also features ‘authoritative’ content in their breaking news shelf. This means, news in this ‘authoritative’ section comes only from authoritative sources such as Google News and other providers who have applied to be part of Google News program. YouTube then uses a different set of algorithms to determine who within that group is authoritative. Later, based on this YouTube uses those news providers in their breaking news shelf, and their home feed. YouTube chief product officer Neal Mohan said, “Rather than recommending a video first, the algorithm will point to a text-based story surfaced by Google News. Results will be accompanied by a label reminding users that the story is still developing, and the info is "subject to change." These updated features for anti-fake news plan are currently active in 17 countries, including the US and YouTube is planning to double the reach in coming months. Python founder resigns. Guido van Rossum, goes ‘on a permanent vacation from being BDFL’ Facebook to launch AR ads on its news feed to let you try on products virtually Microsoft launches a free version of its Teams app to take Slack head on

In the real world, a person having multiple identities is said to have Dissociative identity disorder (DID); but what about the virtual world? Social media sites such as Facebook, Twitter, and so on have an equal number or even more fake identity profiles than real ones. It has set out on a mission to excise these fake and suspicious profiles from its platform. The committee plans to depreciate 214% more accounts on a yearly basis for violating its spam policies. Source: Twitter blog Twitter initiated this drive to improve the authenticity of conversations on the platform. It also aims to ensure users have access to information that is highly credible, relevant, and of a high-quality. Following this, it started off its battle against the fake profiles and has been constantly suspending fake accounts which are inauthentic, spammy or created via malicious automated bots. Instead of waiting for people to report on these accounts, the company is proactively dodging across problematic accounts and observing their behavior by using machine learning tools. These tools identify spam or automated accounts and automatically take necessary actions. Some plans Twitter has, to avoid fake account creation, include: Enabling a read-only mode to reduce visibility of suspicious accounts It plans to monitor the behaviour of every profile and update its account metrics in near-real time. This will help in knowing the number of followers an account has, or the number of likes or Retweets a Tweet receives, and so on. The account may even be converted into a read-only mode, if found behaving suspiciously. The account will be removed from follower figures and engagement counts until it has passed a challenge of conforming the account with a phone number. A warning is displayed against such read-only accounts to prevent new accounts from following it. Once the account passes the challenge, its footprint is restored. Improving Twitter’s sign-up process Twitter will make it all the more difficult for spam accounts to register for an account. The new accounts will also have to confirm either an email address or phone number when they sign up to Twitter. It also plans to working closely with its Trust and Safety Council and other expert NGOs to ensure this change does not affect people working in a high-risk environment where anonymity is necessary. This process would be rolled-out later this year. Auditing existing accounts for signs of automated sign-up It is also conducting an audit to secure a number of legacy systems used to create accounts. This process will ensure that every account created on Twitter passes some simple, automatic security checks designed to prevent automated signups. The new protections Twitter has recently developed as a result of this audit have already aided them in preventing more than 50,000 spam sign-ups per day. Malicious behavior detection systems being expanded They are also planning to automate some processes where suspicious account activity is detected by the behavior detection systems. Activities such as exceptionally high-volume tweeting using the same hashtag, or the same @username without a reply from the account. These tests vary in intensity, and may simply request the account owner to complete a simple reCAPTCHA process or a password reset request. Complex cases are automatically passed to the team for review. Twitter has fastened its seat belt and won’t stop until it takes down all the fake accounts from its platform. While this move is bold and commendable for a social network platform given the steep rise in fake news and other allied unsavory consequences of an ever-connected world, Twitter’s investors did not take it well. The company shares fell to around 9.7% on Monday, after it announced that it is suspending more than 1 million accounts a day. As per a Twitter statement, the account suspension doubled since October last year. Many speculate that this is a response to the congressional pressure the platform has been receiving regarding the alleged Russian fake accounts found on Twitter to interfere with the U.S elections held last year. The number reached around 7 million in May and June, and a similar pace continues in July. Though this move raises serious concerns around their falling user growth rate, this is an important step for the organization to improve the health of their social platform. Chief Financial Officer, Ned Segal, tweeted, "most accounts we remove are not included in our reported metrics as they have not been active on the platform for 30 days or more, or we catch them at sign up and they are never counted." I, for one, ‘like’ Twitter’s decision. Minor inconveniences are a small price to pay for a more honest commune and information sharing. Read more about this news on The Washington Post’s original coverage. Top 5 cybersecurity assessment tools for networking professionals Top 5 Cybersecurity Myths Debunked Top 10 IT certifications for cloud and networking professionals in 2018  

You might remember that back in January, fitness app Strava was revealed to be giving away military secrets. The app, when used by military personnel, was giving the location of some potentially sensitive information. Well, it's happening again - this time another fitness app, Polar, is unwittingly giving up sensitive military locations. The digital investigation organization Bellingcat was able to scrape data from 200 sites around the world. From this, it gained information on exercises by nearly 6,500 Polar users. The level of detail Bellingcat was able to gain was remarkable. It was not only able to learn more about military locations - information that could be critical to national security - but also a startling level of information about the people that work on them. The investigation echoes the Strava data leak. It emphasizes the (disturbing) privacy issues that fitness tracking applications have been unable to confront. But Bellingcat explains that Polar is actually one of the worst apps for publicizing private data. On Strava and Garmin, for example, it's only possible to see individual exercises done by users. "Polar makes it far worse by showing all the exercises of an individual done since 2014, all over the world on a single map." Polar is reveals dangerous levels of detail about its users Some of the information found by Bellingcat is terrifying. For example: "A high-ranking officer of an airbase known to host nuclear weapons can be found jogging across the compound in the morning. From a house not too far from that base, he started and finished many more runs on early Sunday mornings. His favorite path is through a forest, but sometimes he starts and ends at a car park further away. The profile shows his full name." The investigators also revealed they were able to cross-reference profiles with social media profiles. This could allow someone to build up a very detailed picture of a member of the military or security personnel. Some of these people have access to nuclear weapons. Bellingcat's advice to fitness app users Bellingcat offers some clear advice to anyone using fitness tracking apps like Polar. Most of it sounds obvious, but it's clear that even people that should be particularly careful aren't doing it.  "As always, check your app-permissions, try to anonymize your online presence, and, if you still insist on tracking your activities, start and end sessions in a public space, not at your front door." The results of the investigation are, perhaps, just another piece in a broader story emerging this year about techno-scepticism. Problems with tech have always existed, it's only now that those are really surfacing and seem to be taking on a new urgency. This is going to have implications for the military for sure, but it is also likely to have an impact on the way these applications are built in the future. Read next The risk of wearables – How secure is your smartwatch? Computerizing our world with wearables and IoT

Facebook’s public image suffered quite a few setbacks in recent times. The Cambridge analytica scandal has opened up a pandora’s box full of questions about user data security and privacy. In the recent senate hearings, Facebook CEO, Mark Zuckerberg had an apologetic tone and he promised to give utmost importance to user data security. The misfortunes however, doesn’t seem to be over for Zuckerberg and Facebook. In a latest security scare, a bug had caused quite a ruckus for the tech giant. Facebook composer bug Now let’s talk about the bugs, yes, you read that correctly, there were more than one recent Facebook bugs affecting user data and privacy. The first bug was related to the Facebook message composer. According to Facebook’s Chief Privacy Officer Erin Egan, the bug affected composer’s privacy settings in a way that when the users were creating new posts, it automatically changed the privacy settings to public. This meant that user updates which might have been private, were available publicly. This bug had affected 14 million users worldwide and it was active during 18th May to 22nd May 2018. It took Facebook till 27th May to identify the bug and then rectify the problem. As a trust building measure, Facebook had sent notifications to all the users affected by this breach. A snapshot of the Facebook notification looked like this:   Source: Techcrunch Automatic Unblocking bug The second incident occurred was between 29th May to 5th June. This particular incident was reported via a Facebook blog post which stated that a bug that had affected around 800k Facebook users, had temporarily unblocked contacts and enabled previously blocked contacts to message or view the details of the respective users. This security breach was in a way potentially dangerous since it openly allowed stalking or even harassment. Facebook had although stated that this bug had unblocked one contact per user. The official Facebook notification to the affected users looked like this: Source: Facebook Blog Facebook Analytics Data leak The story of bugs is not over yet. There were recent reports that the Facebook analytics data of around 3 percent Facebook apps were leaked to testers accidentally. This was  due to a faulty automated email system according to Facebook. Although Facebook insists on the fact that no personal user data was leaked, still this incident doesn’t go down well keeping in mind the company’s latest record of user privacy and data secrecy. Facebook is trying to be transparent in its approach to tackle this menace of recurring bugs, but how successful their efforts will be, only time and their future actions will tell. The Cambridge Analytica scandal and ethics in data science Mark Zuckerberg’s Congressional testimony: 5 things we learned F8 AR Announcements  

On June 25, 2018, Wi-Fi Alliance introduced the next generation of Wi-Fi security, WPA3. It took over a decade to introduce the successor of WPA2 protocol that brings new capabilities of enhancing personal and enterprise Wi-Fi networks. Individuals along with organizations were awaiting for this update especially after last years KRACK vulnerability, which was later fixed on many devices. This update comes with a variety of added features that include more robust authentication and increased cryptographic strength for highly sensitive data markets. With this update Wi-Fi industries transit to WPA3 security, however, WPA2 devices will continue to interoperate and provide recognized security. In order to maintain flexibility of mission critical networks, WPA3 networks will: Prohibit outdated legacy protocols, Deliver the latest security methods, and Use PMF (Protected Management Frames) WPA3 security supports the market through two distinct modes of operation: WPA3-Personal and WPA3-Enterprise. WPA3-Personal If users choose passwords that fall short of typical complexity recommendation, WPA3 leverages SAE (Simultaneous Authentication of Equals) a secure key establishment protocol between devices to provide more robust protection for users against third party password guessing attempts. With this level of security enhancement your network is more resilient. WPA3-Enterprise The WPA3-Enterprise protocol proves beneficial to organizations transmitting sensitive data such as finance or government, as it provides 192-bit cryptographic strength along with additional protection to these networks. This 192-bit bundle has a consistent combination of cryptographic tools deployed across WPA3 networks. Earlier this year, Wi-Fi Alliance introduced new features and some enhancements for Wi-Fi protected access. This addition ensures that WPA2 maintains robust security protection in the evolving wireless landscape. WPA2 is still a mandatory requirement for all Wi-Fi CERTIFIED devices as it would still take some time for WPA3 market adoption to grow. Through a transitional mode of operation, WPA3 will still maintains interoperability with WPA2 devices, and Wi-Fi users can remain confident that their devices are well-protected when connected to secured Wi-Fi CERTIFIED networks. Users and Wi-Fi device vendors need not worry as WPA3 protections won’t come into action overnight; it may still take some time to evolve or maybe even many-years-long process. To get WPA3 in place you need a new router that supports it or you can hope your old one can be updated to support it. This is also true for all your gadgets. You have to buy new gadgets that support WPA3 or can hope your old devices are updated to the required standards. However, WPA3 can still connect with devices that use WPA2, so you need not worry about your device not working just because you brought in a new connectivity hardware at home. WPA3 adoption has been on a positive side as organizations such as Hewlett Packard, Qualcomm, Huawei Wireless, Intel, Cisco and many more have announced their support towards next-gen Wi-Fi security for personal and enterprise networks. Qualcomm announces a new chipset for standalone AR/VR headsets at Augmented World Expo Intel’s Spectre variant 4 patch impacts CPU performance Top 5 cybersecurity assessment tools for networking professionals

Parrot, a Debian-based platform, announced the release of its latest version, Parrot 4.0. This release puts an end to all the development and testing processes of many new features, which were experimented in the previous releases since the release of Parrot 3.9. It also consists of all the updated packages and bug fixes announced since its previous version, Parrot 3.11. So, What’s new in Parrot 4.0? Netinstall Images Introduced Netinstall images are a powerful tool, which enables one to install just the necessary software components. One can even use them to install other desktop environments and to build a system of choice. With the provision of netinstall images in Parrot 4.0,  one can use Parrot as a pentest distribution, and also as a framework to build their very own working environment with ease. Docker images This version includes a release of Parrot’s own Docker templates. Docker is a powerful container technology that allows Parrot users to quickly download a Parrot template and immediately spawn unlimited and completely isolated Parrot instances on top of any host OS. Linux Kernel 4.16 The introduction of the new Linux 4.16 kernel is a very important step forward for Linux distributions. The Linux Kernel 4.16 version includes important updates, such as AMDGPU multi-display fixes, optimized in-kernel filesystem operations and so on. Sandbox Parrot system is secure and sandboxed. This is because of its custom firejail profiles with the underlying AppArmor support. This 4.0 version includes sandboxed applications that are stable and reliable. MATE 1.20 The MATE Desktop Environment is updated to its 1.20 release. This includes many graphic bug fixes and new features, such as HiDPI support, and the ability to auto-resize windows by simply dragging them to the screen corner and can also divide them into new layouts. Nginx This version introduces Nginx as Parrot’s new default web server daemon replacing Apache 2. Apache2 is the most famous web server out there, but it is heavy and complex to configure and maintain. On the other hand, Nginx is very lightweight and easy to use. It is not only a fast and secure web server but also a powerful proxy, cache, load-balancer and general purpose forwarder. And its configuration syntax is very easy to use. Apache2 will be available in the repository or pre-installed as a dependency of some security tools that rely on it. LibreOffice 6 LibreOffice 6 is now included as default in Parrot 4.0, with better documents support, memory efficiency and stability. MD Raid Support The Parrot 4.0 now includes a default MD raid support, which was absent in the previous versions. This is because parrot is also used for forensic analysis, and to open software, raids can be crucial while reading disks in a server environment. Mdadm is also introduced, which can be used as a pre-installed tool. This means that parrot can be installed in a software raid for better reliability. To know more about the new changes in detail, read the release notes. Pentest tool in focus: Metasploit 5 pen testing rules of engagement: What to consider while performing Penetration testing Top 5 penetration testing tools for ethical hackers

Intel recently announced their fix for Spectre variant 4 attack that would significantly decrease CPU performance. While working on this fix, Intel anticipated some performance questions that were around the combined software and firmware microcode updates that helps mitigate Spectre variant 4. As discovered by Jann Horn of Google Project Zero and Ken Johnson of Microsoft Spectre variant 4 is a speculative store bypass. Speculative bypass is a variant 4 vulnerability, with this an attacker can leverage variant 4 to read older memory values in a CPU’s stack or other memory locations. This vulnerability allows less privileged code to read arbitrary privileged data and run older commands speculatively. Intel call its mitigation of this Spectre attack as Speculative Store Bypass Disable (SSBD). Intel delivers this as a microcode update to appliance manufacturers, operating system vendors and other ecosystem partners. According to Intel, this patch will be ‘off” by default but if enabled Intel has observed an impact on the the performance from 2%-8% approximately but this would all depend on the overall scores from benchmarks such as SPECint, SYSmark® 2014 SE, and more. Back in January, Intel was less forthcoming in communicating about the CPU performance impact caused by Spectre variant 2 mitigation. They just waved-off such concerns with claiming that the performance would vary depending on the workload. However, Google pushed back stating the impact was severe and ended-up developing its very own Retpoline software alternative. Recently, Intel tested the impact of SSBD running it on an unspecified Intel reference hardware and 8th Gen Intel Core desktop microprocessor. The results on the performance impact of the overall score are as follows: SYSmark 2014 SE: 4% SPECint_rate_base2006 (n copy): 2% SPECint_rate_base2006 (1 copy): 8% These benchmark results are similar even on a Skylake architecture Xeon processor. Intel has clearly stated that this mitigation will be set to ‘off’ by default giving customers a choice to enable it. This is because Intel speculates that most industry software partners will go with the default option to avoid overall performance degradation. They also noted that SSBD would add an extra layer of protection to the hardware of consumers and original equipment manufacturers to prevent the Speculative Store Bypass from occurring. They also stated that the existing browser mitigations against Spectre variant 1 will help to an extend in mitigating variant 4. You can know more about the latest security updates on Intel products form Intel security center. Top 5 penetration testing tools for ethical hackers 12 common malware types you should know Pentest tool in focus: Metasploit  

Barracuda Networks recently announced its new Cloud-Delivered Web Application Firewall service. This new service offers organizations various novel ways to manage, deploy and integrate application security into an application delivery stack. A WAF is a type of firewall purpose-built to help defend against application-layer threats and attacks. WAFs can be used to protect against known vulnerabilities in applications, such as input validation and SQL injection types of risks. Barracuda's WAF-as-a-Service application security is offered through a cloud service. It aims to simplify overall management and speed of deployments for customers. Barracuda also enables developers to use its WAF-as-a-Service for DevOps via an API. The WAF API allows developers to modify behavior of application traffic. Some features of the Cloud-Delivered Web Application Firewall service are: Secure Web applications: It delivers high level of protection via its synchronous integration with Barracuda's real-time threat intelligence network. The service defends against the OWASP Top 10, bots, DDoS, and other sophisticated attacks. For example, attacks that use XML or JSON, and even the most advanced zero-day threats. Automated vulnerability remediation and granular policy configuration: No extensive security expertise is required. This is because, the firewall service offers a simple 5-step setup wizard that starts protecting web applications in minutes. One can take full control and fine tune security policies for every application. One can even build baseline application security policies automatically with out-of-the-box automated vulnerability remediation, and pre-built templates for common applications such as WordPress and SharePoint and then take control and fine-tune as needed. Simplified cloud-delivered service: This new service is fast, with an intuitive UI. Now that one does not require any device to deploy or manage, it removes the complexity of WAF deployment. One can integrate security directly into the application development lifecycle as this solution is always available, and can reduce or eliminate the need to manually test code. To know more about this new Cloud-Delivered Web Application Firewall service visit Barracuda’s official blog post. Top 5 penetration testing tools for ethical hackers What is Digital Forensics? IoT Forensics: Security in an always connected world where things talk  

In less than ten months of Wireshark’s last release, the Wireshark community has now released Wireshark 2.6. Wireshark is one of the popular tools to analyze traffic over a network interface or a network stream. It is used for troubleshooting, analysis, development and education. Wireshark is based on the Gerald Combs-initiated "Ethereal" project, released under the terms of the GNU General Public License (GNU GPL). Wireshark 2.6 is released with numerous innovations, improvements and bug fixes. The highlight of Wireshark 2.6 is that, it is the last release that will support the legacy (GTK+) user interface. It will not be supported or available in Wireshark 3.0. Major improvements since 2.5, the last version, include: This version now supports HTTP Request sequences. Support for MaxMind DB files, GeoIP and GeoLite Legacy databases has been removed. Windows packages are now built using Microsoft Visual Studio 2017. The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed. Some other improvements since the version 2.4 Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar Support for hardware-timestamping of packets has been added Application startup time has been reduced. Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods New Protocol Support: Many protocols have been added including the following. ActiveMQ Artemis Core Protocol: This supports interceptors to intercept packets entering and exiting the server. Bluetooth Mesh Protocol : This allows (Bluetooth Low Energy) BLE devices to network together to carry data back to a gateway device, where it can be further routed to the internet. Steam In-Home Streaming discovery protocol: This allows one to use input and output on a single computer, and lets another computer actually handle the rendering, calculations, networking etc. Bug Fix: Dumpcap, a network traffic dump tool which lets one capture packet data from a live network and write the packets to a file, might not quit if Wireshark or TShark crashes. (Bug 1419) To know more about the updates in detail, read Wireshark 2.6.0 Release Notes What is Digital Forensics? Microsoft Cloud Services get GDPR Enhancements IoT Forensics: Security in an always connected world where things talk

Offensive security released their second incremental update on Kali Linux i.e Kali Linux 2018.2.  This release comprises of all the updated packages and bug fixes from the last release in February i.e 2018.1. 2018.2 release is focused on Kernel version 4.15, which contains most-awaited patch fixes for Meltdown and Spectre malwares. Some exciting features of Kali Linux 2018.2 are: Metasploit script access made simple This release comes  for metasploit script writers. Popular metasploit scripts such as pattern_create, pattern_offset, msf- egghunter etc. can be called directly by prepending these script names with msf. These scripts were hidden under /usr/share/metasploit-framework/tools/exploit/ until this release, which made it really difficult for the writers to call these scripts. Kernel Updates Kali Linux 2018.2 is focussed on Kernel version 4.15, which includes x86 and x64 fixes focussed on Malware vulnerabilities. It also comes up with better support for AMD GPUs and support for AMD Secure Encrypted Virtualization, which allows encryption of Virtual Machine memory so that not even Hypervisor has the rights to access it. Package updates Kali Linux has a suite of in-built tools for pentesting different environments. The new release sees some significant updates to these tools. Some of them are as follows: Bloodhound is a tool which uses graph theory to reveal the path of attacks in an Active Directory environment. It has been updated to V1.5 BurpSuite has been updated to V1.7.3.1 Reaver WPS, widely used for WiFi security has been updated to V1.6.4 PixieWPF, the tool launched for pixie dust attack has been updated to V1.2.2 Hashcat, the world’s fastest and advanced password utility has been updated to V4.0.0 Ropper, the ROP gadget finder and binary information tool has been updated to V1.10.10 For the complete set of bug fixes and new features, refer to Kali Linux blog. Top-5-penetration-testing-tools-for-ethical-hackers Introduction to Penetration Testing with Kali Linux [Tutorial] Wireless Attacks in Kali Linux [ Tutorial]

Welcome to this week's cyber security news bulletin. There's news of malware targeting hospitals, NATO attacking a fictional country (yes, seriously), and big security issues in online banking (who'd have guessed). Either it's a good time or a bad time to work in security. Cyber security news from the Packt Hub Microsoft Cloud Services gets GDPR Enhancements. If you hadn't noticed already, the GDPR deadline is looming. So about time Microsoft Cloud Services! Cyber security news from across the web Orangeworm malware targets healthcare sector. Two thirds of online banking systems in the UK in 2017 contain significant vulnerabilities. In news that will probably shock, if not surprise, SC Magazine reports that online banking is plagued with security issues. Time to get serious about it. NATO launches a cyber attack on a fictional country. The NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE) has launched a security competition against 'Berylia' to test the skills and strategies of some of its brightest and most talented security engineers. UK government pledges £15 million cyber security investment for Commonwealth countries. With growing concerns around the global security of software, the UK has pledged to make an investment to support cyber security initiatives around the Commonwealth. The initiative investment is also part of the UK's enthusiasm for the digital economy. Improved security should, in theory at least, ensure trust and stability can encourage growth. Observables debuts cloud-based SD-LAN for IoT Security.

With the GDPR deadline looming closer everyday, Microsoft has started to apply General Data Protection Regulation (GDPR) to its cloud services. Microsoft recently announced that they are providing some enhancements to help organizations using Azure and Office 365 services meet GDPR requirements. With these improvements they aim at ensuring that both Microsoft's services and the organizations benefiting from them will be GDPR-compliant by the law's enforcement date. Microsoft tools supporting GDPR compliance are as follows: Service Trust Portal, provides GDPR information resources Security and Compliance Center in the Office 365 Admin Center Office 365 Advanced Data Governance for classifying data Azure Information Protection for tracking and revoking documents Compliance Manager for keeping track of regulatory compliance Azure Active Directory Terms of Use for obtaining user informed consent Microsoft recently released a preview of a new Data Subject Access Request interface in the Security and Compliance Center and the Azure Portal via a new tab. According to Microsoft 365 team, this interface is also available in the Service Trust Portal. Microsoft Tech Community post also claims that the portal will be getting a "Data Protection Impacts Assessments" section in the coming weeks. Organizations can now perform a search for "relevant data across Office 365 locations" with the new Data Subject Access Request interface preview. This helps organizations search across Exchange, SharePoint, OneDrive, Groups and Microsoft Teams. As explained by Microsoft, once searched the data is exported for review prior to being transferred to the requestor. According to Microsoft, the Data Subject Access Request capabilities will be out of preview before the GDPR deadline of May 25th. It also claims that IT professionals will be able to execute DSRs (Data Subject Requests) against system-generated logs. To know more in detail you can visit Microsoft’s blog post.

Welcome to this week's security news bulletin. This is where you'll find updates from around the web on what's happening in cybersecurity, from technology releases to changes in legislation. Security news from the Packt Hub Report warns of the growing threat of cryptojacking  YouTube gets hacked Security news from across the web Google Cloud Platform adds new security service to protect against DDoS attacks. Google wrote a blog post explaining the features making this possible: Cloud "Armor [the name of the feature] works with Cloud HTTP(S) Load Balancing, provides IPv4 and IPv6 whitelisting/blacklisting, defends against application-aware attacks such as cross-site scripting (XSS) and SQL injection (SQLi), and delivers geography-based access control." Google planning to build a 'walled garden' around Gmail. This decision is an obvious step for Google as it looks to push it's paid-for version of email much harder. However, it is notable that for all the security bells and whistles it has announced, it hasn't said anything about end to end encryption. Clearly, the need to keep the government happy remains high on the agenda for the company... Leonovus announces partnership with IT security experts SynerSolutions npm Acquires ^Lift Security and the Node Security Platform. The partnership shouldn't really come as a huge surprise, as the teams have history. They've been working together for number of years. npm wrote on Medium that "Adam Baldwin and his team have joined npm to work full time on keeping the npm Registry and npm applications safe, and to develop new products to help developers and their companies securely develop JavaScript." Humio Partners With Corelight To Bring Comprehensive Network Visibility And Fast, Affordable Log Management To Businesses. Humio, the log management software company, have teamed up with network monitoring tool Corelight to tackle today's biggest challenges in identifying and acting on security threats. Essentially, it should give greater visibility on potential attacks and points of vulnerability.

In the era of cloud deployment and DevOps, cloud adoption has seen a steady rise since 2017. Forbes report state that global public cloud market will rise up to $178B in 2018, as compared to $146B in 2017, and it will continue to grow at a staggering rate of 22% compound annual growth rate (CAGR). Though all major cloud service providers offer a wide range of efficient services related to Security, it still remains a looming concern when it comes to cloud adoption. Service providers definitely try to address the major concerns with respect to security, but it is always advisable to have a tab on all the major cloud security threats that can haunt you. Following are the top 5 trending cloud security threats for 2018: Data breaches and losses As the name suggests, breach of any confidential data pertaining to personal information, health or financial information is termed as a data breach. US reported the highest number of security breaches (1579) in 2017, with the business sector accounting for 55% of it. Data breaches can be a primary objective of any malicious attack, or a result of poor security best practices. Data loss can be a result of any cyber-attack, natural disaster, or just an accidental deletion. The best way to avoid a data loss is to keep strong back-ups at different geographical locations. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks This is one of the most popular forms of attack and very simple to execute for any cyber hacker. DoS is also trending in the Dark Web ecosystem, so it becomes even simpler for the attackers as a Dark Web service and can be availed easily by trading few cryptocurrencies. Some security countermeasures like implementing intrusion prevention system, or setting clear expectations with the ISP for clean bandwidth can help you to prevent DoS attacks to a limited extent. Also, DDoS as-a-Service, which has been popular since decades, remains trending even in 2018. GitHub experienced the biggest-ever DDoS attack with an intensity as big as 1.35Tbps via 126.9 million packets per second. Insecurity in APIs Application Programming Interface (APIs) is a set of software user interfaces that is provided by cloud service providers, so that user can interact with the cloud environment. Exploiting an API vulnerability attack is the best way to gain access to all the confidential information, hence it needs to be secure thoroughly. A critical vulnerability discovered in a popular browser extension i.e grammarly is a perfect example of threat posed by insecure APIs.  API testing methodology is considered an effective way to secure cloud APIs before they go live. We can also perform API change reporting on a regular basis to ensure API security. Lack of secure Identity and Access management Attackers masquerading as developers, users, and operators can read, modify or miss-use the data on cloud. Hence lack of secure credentials, or access management can lead to a breach of information through unauthorized access to data and potentially leading to a big loss to the organization. A critical flaw was discovered CYBERARK Enterprise Password Vault application which allowed the attacker to gain unauthorized access to the system and data. Malware attacks 2017 was the year for malware attacks with popular malwares like Ransomware, Petya, Meltdown and Spectre disrupting the entire security mechanism of many organizations. This has affected everything, right from smartphones to servers and continues to be a looming threat for cloud as well. There are minor patch works that can be implemented to prevent these attacks, but they seem to degrade the performance of cloud servers to a great extent. Having a close eye on these security vulnerabilities will help you secure your cloud solutions and ecosystems. With machine learning based cyber attacks and hacking becoming bolder and more common, it is not enough to stay current in your knowledge of these threats and cyber security solutions available in the market. To learn how to secure your cloud environments, you can get your hands on a few of our books;  Mastering AWS Security, Cloud Security Automation, and Enterprise Cloud Security and Governance. Check out other latest news: Vevo’s YouTube account Hacked: Popular videos deleted Cryptojacking is a growing cybersecurity threat, report warns