Happy New Year! It’s 2017, I’m back from vacation, and all of our security problems are gone, right? Ha! Well, it was nice to have a couple of weeks off over the holiday and binge on great shows and champagne, but security was always in the back of my mind. Working in the security industry all these years has made me a bit paranoid, and this holiday season, the Internet of Things (IoT) finally entered my world in the form of a device that I can control with my voice to play music, control other smart home devices, and even remote start a car! The first thing I thought was, “This thing is going to be listening to my conversations even if I’m not asking it to do something.”
Now there are news stories about one of these Internet-connected devices being seized via a search warrant because it may hold crucial evidence in a murder case. While that situation focuses more on privacy, it’s probably only a matter of time until someone hacks these devices to listen in on conversations, steal credentials or have them take part in denial of service (DoS) attacks. With attacks on DVRs and IP cameras already in the books and a growing number of consumers owning Internet-connected devices, security is going to be a big deal. So much so that in the United States, the Federal Trade Commission (FTC) announced its IoT challenge to combat security vulnerabilities in home devices. Even Trend Micro has predicted in its annual security predictions report, “The Next Tier – 8 Security Predictions for 2017,” that more cyber attacks will find IoT and its related infrastructure front and center, and that vendors will not secure IoT and Industrial Internet of Things (IIoT) devices in time to prevent denial of service and other attacks. Only time will tell.
Late last week, the US-CERT published a report regarding recent cyber activity designated as ‘Grizzly Steppe.’ The report contains information on several well-known APT groups as well as potential indicators of compromise in the form of YARA rules, file hashes, and IP addresses. There are mitigations in place for TippingPoint customers in the form of our mainline Digital Vaccine® filters as well as filters and the reputation feed available through our ThreatDV service. TippingPoint customers can contact their account representative or the TippingPoint TAC team for more information.
There are seven new zero-day filters covering two vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.
Trend Micro (5)
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.