source: foreignpolicy.com, submitted by Artemus FAN, Bob Wallace

The first text message showed up on Ahmed Mansoor’s phone at 9:38 on a sweltering August morning in 2016. “New secrets about torture of Emiratis in state prisons,” it read, somewhat cryptically, in Arabic. A hyperlink followed the words. Something about the number and the message, and a similar one he received the next day, seemed off to Mansoor, a well-known human rights activist in the United Arab Emirates. He resisted the impulse to click on the links.

Instead, Mansoor sent the notes to Citizen Lab, a research institute based at the University of Toronto specializing in human rights and internet security. Working backward, researchers there identified the hyperlinks as part of a sophisticated spyware program built specifically to target Mansoor. Had he clicked on the links, the program would have turned his phone into a “digital spy in his pocket,” Citizen Lab later wrote in a report—tracking his movements, monitoring his messages, and taking control of his camera and microphone.

But the big revelation in the report wasn’t so much the technology itself; intelligence agencies in advanced countries have developed and deployed spyware around the world. What stood out was that Citizen Lab had traced the program to a private firm: the mysterious Israeli NSO Group. (The name is formed from the first initials of the company’s three founders.) Somehow, this relatively small company had managed to find a vulnerability in iPhones, considered to be among the world’s most secure cellular devices, and had developed a program to exploit it—a hugely expensive and time-consuming process. “We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign,” the Citizen Lab researchers wrote in their report.

 source: defenseone.com

DARPA’s new research in brain-computer interfaces is allowing a pilot to control multiple simulated aircraft at once.

A person with a brain chip can now pilot a swarm of drones — or even advanced fighter jets, thanks to research funded by the U.S. military’s Defense Advanced Research Projects Agency, or DARPA.

The work builds on research from 2015, which allowed a paralyzed woman to steer a virtual F-35 Joint Strike Fighter with only a small, surgically-implantable microchip. On Thursday, agency officials announced that they had scaled up the technology to allow a user to steer multiple jets at once.

“As of today, signals from the brain can be used to command and control … not just one aircraft but three simultaneous types of aircraft,” said Justin Sanchez, who directs DARPA’s biological technology office, at the Agency’s 60th-anniversary event in Maryland.

More importantly, DARPA was able to improve the interaction between pilot and the simulated jet to allow the operator, a paralyzed man named Nathan, to not just send but receive signals from the craft. “The signals from those aircraft can be delivered directly back to the brain so that the brain of that user [or pilot] can also perceive the environment,” said Sanchez. “It’s taken a number of years to try and figure this out.”

In essence, it’s the difference between having a brain joystick and having a real telepathic conversation with multiple jets or drones about what’s going on, what threats might be flying over the horizon, and what to do about them. “We’ve scaled it to three [aircraft], and have full sensory [signals] coming back. So you can have those other planes out in the environment and then be detecting something and send that signal back into the brain,” said Sanchez.  

The experiment occurred a “handful of months ago,” he said.

It’s another breakthrough in the rapidly advancing field of brain-computer interfaces, or BCIs, for a variety of purposes. The military has been leading interesting research in the field since at least 2007. And in 2012, DARPA issued a $4 million grant to build a non-invasive “synthetic telepathy” interface by placing sensors close to the brain’s motor centers to pick up electrical signals — non-invasively, over the skin.

But the science has advanced rapidly in recent years, allowing for breakthroughs in brain-based communication, control of prosthetic limbs, and even memory repair.

 source: threatpost.com

What has the makings of a targeted attack campaign against several high-value industries is using a Trojan that employs rigged PDFs to deliver its payload. Targeting organizations in the defense, chemical, technology, and aerospace industries, the MyAgent trojan is primarily spreading through email as a zipped .exe file or PDF attachment, according to researchers at the FireEye Malware Intelligence Lab.

FireEye examined a sample of MyAgent that, once executed, opens a PDF file titled ‘Health Insurance and Welfare Policy’ and then drops a second executable, deviously titled ‘ABODE32.exe,’ in the temp directory, they say in their report.

 

FireEye notes that the ‘ABODE32.exe’ executable accesses Windows Protected Storage, which holds the passwords for IE, Outlook, and other applications. 

Once the trojan has infected its host machine, it communicates with its command and control server, the user agent string and URI of which are hard-coded into MyAgent’s binary. In addition to this, FireEye has noticed the malware loading different DLLs to communicate with its C&C. Despite MyAgent’s relatively high detection rate, its dynamic intermediary stages place it among what FireEye considers advanced malware.

JavaScript within the PDF variety of MyAgent determines which version of Adobe Reader is running on its host and then deploys well-known exploits tailored to the specific version. If the machine is running any of Reader 9.0’s predecessors, then MyAgent exploits the ‘Collab.getIcon()’ vulnerability.

 

The majority of MyAgent’s payloads are easily detected by up-to-date antivirus products

 source: darkreading.com

New Booz Allen Hamilton report advises companies to include printers in their overall security strategy.

 

Networked printers increasingly are becoming targets of hackers as these devices often aren't secured by enterprises.

A new study cited by Booz Allen Hamilton found that of the 61% of survey respondents who reported a data loss incident in 2016, at least 50% had at least one such incident linked to a printer. The 2017 survey by Quocirca included 200 companies with more than 1,000 employees.

The security incidents included digitally intercepted print jobs (50%), loss of data from printer hard disks (48%), mailing of documents via multifunction printers to external sources (44%), and printers getting hacked to gain network access (18%).

"Today's office printers are full-functional computers that have a printer, scanner, photocopier, and a fax machine, as well as an email platform with local storage, wireless networking, and an operating system," says Nate Beach-Westmoreland, head of strategic threat intelligence for Booz Allen and author of the printer portion of the firm's new Cyber4Sight report. "Security pros need to prioritize network printers as such."

 

Some of the most common types of cyberattacks on printers include disabling printers for ransom and abusing insecure printers for vandalism or vigilantism.

Brian Minick, Booz Allen's vice president of cybersecurity, says state-linked criminals believed to be out of North Korea have regularly targeted printers in their cyberattacks on banks. They disabled printers used to confirm SWIFT network transfers, for example, in the attacks on City Union Bank in India and the Bank of Bangladesh.