Daily Tech Digest - May 25, 2019

MuddyWater APT Group Upgrades Tactics to Avoid Detection

In a blog posted Monday, Cisco Talos researchers write that they have "moderate confidence" a new campaign called "BlackWater" is tied to MuddyWater. That campaign, which is mainly focused on targets in Turkey, shows that the group is changing its preferred tactics, techniques and procedures to help avoid detection and bypass certain security controls, the researchers say. And while avoiding endpoint detection helps improve this group's overall operational security, the main goal of BlackWater is still to plant a PowerShell-based backdoor within a target's network and gain remote access, the researchers note. "Due to the relation to MuddyWater and that actor's previous methods, we suspect the larger goal [of BlackWater] was cyberespionage," Matt Valites, threat research manager for Cisco Talos Outreach, tells Information Security Media Group. ... The group has also attempted operations in the U.S. and Europe as part of an ongoing espionage campaign, that report found.

Fintech in Brief: OCC Singles Out Financial Innovation as Special Risk Topic

The OCC noted that federal banks have adopted a wide variety of approaches to innovation by technology type and bank size. These approaches include pooling resources through industry consortia to collaborate and share costs associated with developing and acquiring new technologies; increasing reliance on third-party service providers or Fintechs; and a wait-and-see/slow-adopter strategy. The OCC cautioned against the latter approach because it can result in loss of customers or market share before banks can respond to the speed of innovation. It also noted that size alone might not be an advantage—although larger banks may have the financial resources to support technology investments, some smaller banks may find their businesses more agile and able to effectively adopt technology through Fintech collaborations. ... It also cited, among others, the burden of legacy technology systems, reliance on core processing firms, and resource limitations as drivers of higher strategic risk to the banking industry.

The whole company, not just a few people on the same team, must unite to drive success. Unfortunately, most organizations are siloed, with functional areas and business units struggling to communicate, coordinate and collaborate in relation to transformation initiatives. It gets worse. The diverse tools, data repositories and workflows across disparate functions exacerbate enterprise disorganization, resulting in a work ecosystem that is largely analog and siloed. Hence, a relatively small portion of a knowledge worker’s time — 39% according to our study — is dedicated to their primary job duties. ... All enterprises have systems of record for critical functions. SAP and NetSuite provide financial systems of record. Salesforce provides a customer system of record. There are systems of record for other functions as well, such as IT and HR. However, ask any executive what their organization is working on at the moment and they’ll struggle to tell you the what, who and how much of a significant amount of corporate investment. Enterprises lack an operational system of record that acts as the authoritative source of truth for the organization’s work investments, progress and results.

AI better than humans at spotting lung cancer

In the current study, the AI provided an "automated image evaluation system" that accurately predicted the malignancy of lung nodules without any human intervention. The researchers compared the AI's evaluations with those of six board-certified U.S. radiologists who had up to 20 years of clinical experience. When prior LDCT scans were not available, the AI "model outperformed all six radiologists with absolute reductions of 11% in false positives and 5% in false negatives," report Tse and colleagues. When previous imaging was available, the AI performed just as well as the radiologists. Study co-author Dr. Mozziyar Etemadi, a research assistant professor of anesthesiology at Northwestern University Feinberg School of Medicine in Chicago, explains why AI can outperform human evaluation. "Radiologists generally examine hundreds of 2D images or 'slices' in a single CT scan, but this new machine learning system views the lungs in a huge, single 3D image," Dr. Etemadi says.

The Future of Digital Health Lies Beyond These Six Barriers

The healthcare industry tends to be a highly risk-averse one. In some respects, this makes sense—after all, people’s lives literally hang in the balance. Companies and medical experts cannot expect patients to entrust their well-being to glitchy devices or experimental features; healthcare solutions must be complete and functional. It’s no wonder that 56 percent of survey respondents agreed that “healthcare is driven by proven outcomes, not good ideas.” But this cautious mindset does present an obstacle to the progress of digital health solutions. ... The truly successful people are going to be the ones who actually monitor the patient’s compliance, instead of wholly relying on adherence. The connection provides value when it actively monitors.  Offering new solutions in any industry poses a business risk, too. Our research shows that many connected health devices never even make it to market. Companies will hesitate to invest time and money into developing a solution that may never be profitable.

Data Was An Asset, Now It’s A Liability

Data has a half-life, which is to say it decays gradually and unpredictably. Consider home addresses: one in a million people will move home today, and more over a week, month, year, decade. Some will never move, but there’s no telling who is who. Life is unpredictable. The longer data sits on the compost heap, the more inaccurate it becomes and there’s precious little you can do about it. At some level the cost – and efficacy – of cleaning and refreshing it outweighs the value of an ageing database. Factor in the risk of a hefty fine and hoarding data really starts to look like an evolutionary cul-de-sac. The business holding the most data is the business sitting on the most risk, which means it needs to be the one spending the most time and effort on technical controls and policy protections. Finding ways to delete, destroy or delegate data ownership means you can sleep a little easier. After all, there’s no point breaking into an empty bank vault – why waste all that time and effort for such a small reward? There’s pragmatism on both sides of the law.

A Futuristic Reality: Harnessing The Power Of The Three Layers Of Machine Learning

Google Assistant can draw on voice command, as seen here at the Google I/O conference in 2018, with the help of machine learning techniques. (AP Photo/Jeff Chiu)
Media buzz aside, many fast-growing startups are taking advantage of machine learning (ML) techniques like neural networks and support vector machines to learn from data, make predictions, improve products, and enhance business decisions. Unfortunately “machine learning theater” – companies pretending to use the technology to make theirs seem more sophisticated for a higher valuation – is also on the rise. Undeniably, ML is transforming businesses and industries, with some more likely to benefit than others. Like any source of economic power, ML has the potential to fundamentally change what are considered to be core or non-core functions for an enterprise, challenging some prevailing “theory of the firm” assumptions. While harnessing ML has the potential to yield extraordinary economic power for companies, many machine learning businesses aren’t able to build sustainable “moats.”

CISOs need to unleash the power of storytelling to make cybersecurity real to boards, leadership

CISOs and CIOs should provide board members with information that can help them make the best decisions around governance and senior leaders with the intelligence to make optimal management decisions. Many security leaders want to elevate the dialogue to help their leaders make informed decisions and set strategic direction. More than providing a briefing on cybersecurity, they want to have a dialogue. Many CISOs and CIOs interviewed for the report said their role is to make sure the risk gets escalated to the right level of leadership. A critical early step is to ensure the board and senior leadership agree on the "crown jewels": data and assets that are most in need of protection. A good report provides leadership with a better understanding of the organization’s current state of cybersecurity, including threats and vulnerabilities the security team is seeing as well as the near-term proactive steps being taken to mitigate those threats and a clear understanding of how those threats and vulnerabilities could impact business functions.

Google has revoked Huawei’s Android license

[Update 8: Removed from Android Enterprise Recommended] Google has revoked Huawei’s Android license
Users will not be able to just side-load APKs for these services because Google prohibits CTS-unverified devices from running its apps. Besides Google apps, all the others that use Google’s APIs, to facilitate log-in, for instance, will also be blocked on smartphones by Huawei and sub-brand Honor. For the existing Huawei devices, Google has confirmed users will continue to be able to update apps through the Google Play Store. However, the blacklisting also prohibits Huawei and Honor from sending out newer updates to their smartphones, and if it does, it will be forced to remove Google Play Services and Google apps from the existing devices too. ... Fundamentally, the only way Huawei can now continue using Android on its smartphones is building its own custom version of Android using AOSP (Android Open Source Project) code, exactly how developers of custom ROMs do. Unlike custom ROMs, however, Huawei might not be able to strap GApps along with the package without going unnoticed by Google.

Cloud-Based EHR Vendor Slapped With HIPAA Fine

The Department of Health and Human Services says the settlement with Fort Wayne, Indiana-based Medical Informatics Engineering comes after an investigation of a breach discovered in July 2015. Hackers used a compromised user ID and password to access the electronic protected health information of approximately 3.5 million individuals, according to the HHS Office for Civil Rights, which enforces HIPAA. "OCR's investigation revealed that MIE did not conduct a comprehensive risk analysis prior to the breach," HHS notes in a statement. HIPAA requires entities to perform an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of an entity's ePHI. The lack of such a risk analysis has been a common finding in OCR's breach investigations that have resulted in enforcement actions, such as settlements. "Entities entrusted with medical records must be on guard against hackers," says OCR Director Roger Severino. "The failure to identify potential risks and vulnerabilities to ePHI opens the door to breaches and violates HIPAA."

Quote for the day:

"Managers control. Leaders create commitment." -- John Zenger
