Newsletter

open source and cybersecurity news

October 19, 2023

It's 5:05, October 19, 2023. Time for your cybersecurity and open source headlines.

In this Episode:

Marcel Brown: October 19th, 1979. According to Dan Bricklin, one of the co-creators of VisiCalc, the first “real” release of VisiCalc was completed and packaged for shipment. VisiCalc was the first commercially available spreadsheet software and quickly became the first killer app of the personal computer market.

Edwin Kwan: A malicious version of the Israeli incoming airstrike warning app has been found distributed over the internet. The fake site serving the malicious software was created on October 12th, 2023 and provided download options for both iOS and Android versions.

Hillary Coover: In light of recent warnings from intelligence agencies, we have to consider our own readiness to face insider threats. The MI5 head’s statements regarding over 20,000 covert online approaches by Chinese spies in the UK should serve as a sobering reminder of the evolving landscape.

Ian Garrett: Security budgets can be tricky to manage, and often hidden costs can erode these budgets. Understanding these hidden expenses, negotiating for fair pricing, and aligning security strategies with business priorities can help optimize budgets.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Malicious “Red Alert” App Spying on Israelis

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

A malicious version of the Israeli incoming airstrike warning app has been found distributed over the internet.

This is Edwin Kwan from Sydney, Australia.

Red Alert is a legitimate app used by Israeli citizens to receive notifications of incoming rocket attacks. The app’s popularity has soared since the attack in South Israel and the malicious version of the app has been discovered. The fake site serving the malicious software was created on October 12th, 2023 and provided download options for both iOS and Android versions. The iOS download link redirects users to the legitimate app on the Apple App Store, but the Android link downloads the malicious Android APK file.

This spoofed version uses the same code as the legitimate app, so it provides the same functionality. It, however, also includes some additional malicious features. The app requests additional permissions that the legitimate app does not, such as access to the user’s contacts, numbers, SMS content, lists of installed software, call logs, phone IMEI, logged-in email and app accounts, and more. The app collects those data when it is launched and uploads them to an external server.

To determine between the legitimate and malicious versions, review the permissions the app requests or has access to. You can do that by long-pressing the app icon, selecting “App Info” and “Permissions.”

Resources
– Dark Reading: https://www.darkreading.com/application-security/fake-airstrike-alert-app-targets-israelis
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/fake-redalert-rocket-alert-app-for-israel-installs-android-spyware/
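
The permission review described in this segment can also be done off-device by diffing a sideloaded APK's decoded manifest against the store version's. This is an added example, not code from the podcast or from either app; both manifests are constructed samples, the package names are hypothetical, and the mapping uses standard Android permission names for the data categories the segment lists.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Standard Android permissions mapped to the data categories named in the segment.
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.READ_PHONE_NUMBERS": "phone numbers",
    "android.permission.READ_SMS": "SMS content",
    "android.permission.QUERY_ALL_PACKAGES": "installed software list",
    "android.permission.READ_CALL_LOG": "call logs",
    "android.permission.READ_PHONE_STATE": "phone identifiers (IMEI)",
    "android.permission.GET_ACCOUNTS": "logged-in accounts",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded AndroidManifest.xml declares."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms

def review(candidate_xml, baseline_xml):
    """List permissions the candidate requests beyond the baseline, with category."""
    extra = requested_permissions(candidate_xml) - requested_permissions(baseline_xml)
    return sorted((p, SENSITIVE.get(p, "other")) for p in extra)

# Constructed sample manifests (assumption: not the real apps' permission lists).
HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="%s">'
PERM = '<uses-permission android:name="android.permission.%s"/>'
BASE_PERMS = ["INTERNET", "POST_NOTIFICATIONS"]
EXTRA_PERMS = ["READ_CONTACTS", "READ_SMS", "READ_CALL_LOG", "GET_ACCOUNTS"]

def build(package, perms):
    return HEAD % package + "".join(PERM % p for p in perms) + "</manifest>"

BASELINE = build("example.alert.official", BASE_PERMS)
SUSPECT = build("example.alert.sideloaded", BASE_PERMS + EXTRA_PERMS)

if __name__ == "__main__":
    for perm, category in review(SUSPECT, BASELINE):
        print(f"extra permission: {perm} ({category})")
```
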

 

Hillary Coover
Threat Posed by Chinese Espionage and Social Engineering

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

Is your cybersecurity program prepared to face the threat posed by Chinese espionage and social engineering?

Hi, this is Hillary Coover in Washington, DC.

In light of recent warnings from intelligence agencies, we have to consider our own readiness to face insider threats. The MI5 head’s statements regarding over 20,000 covert online approaches by Chinese spies in the UK should serve as a sobering reminder of the evolving landscape.

As guardians of digital security, we should take this opportunity to reflect on our existing policies and guidance concerning insider threats and social engineering. Are we adequately prepared to defend against such sophisticated tactics?

Here are some key questions to consider:

– Insider Threat Awareness. Are your employees and team members well-versed in recognizing the signs of insider threats, like unauthorized access or data exfiltration? Do you have ongoing training and awareness programs in place?

– Social Engineering Awareness. Are your personnel equipped to identify and respond to social engineering attempts, be it through phishing emails, fake LinkedIn profiles, or other online interactions? Do you provide them with clear guidelines and training to recognize and report suspicious activity?

– Protection of sensitive information. What measures do you have in place to safeguard your organization’s sensitive information, especially when dealing with cutting-edge technologies or proprietary data? Are these protections up to date and robust?

– Incident response and reporting. Is there a well-defined incident response plan in place for dealing with potential insider threats or social engineering incidents? Do your employees know how to report such incidents, and is there a mechanism to ensure their confidentiality and protection from retaliation?

– Education and communication. How effective are you at communicating the importance of cybersecurity, insider threat awareness, and social engineering defense to your employees, contractors, and collaborators? Do they understand the implications of their actions in protecting the organization?

– Continuous improvement. Are you regularly reviewing and updating your policies and guidance in response to emerging threats and vulnerabilities? Are you learning from the experiences of other organizations as highlighted by intelligence agencies’ warnings?

Stay vigilant and safeguard both your people and your digital assets.

For more, check out the full article at 505updates.com.

Resources
– BBC: https://www.bbc.com/news/uk-67142161

 

Ian Garrett
10 Hidden Costs Draining CISO Security Budgets (Part 2)

Ian Garrett, Contributing Journalist, It's 5:05 Podcast

My budget is just way too big, said no CISO ever. In fact, recently many CISOs and security teams are finding their budgets are getting tighter as businesses weather economic challenges. This segment covers the second five traps that can whittle away an already shrinking budget.

Hey folks, this is Ian Garrett in Arlington, Virginia.

Security budgets can be tricky to manage, and often hidden costs can erode these budgets without immediate notice. Let’s dig into these hidden expenses.

Trap 6: Redundant Tools and Misspending. CISOs can often invest in tools that don’t deliver expected value. These tools might lack integration with existing systems or fail to address the organization’s specific security needs. Such investments can divert resources from more effective security measures, leading to budget strain.

Trap 7: Expense-in-Depth Purchasing. CISOs may make the mistake of repeatedly buying tools without validating their use cases or checking for existing solutions. This results in a sprawl of redundant and potentially unnecessary security controls. Remember, expense in depth isn’t defense in depth.

Trap 8: Vendor Lock-In. Vendor lock-in can be a significant hidden cost. The investment to make a solution work effectively can be higher than initially expected, making it challenging to switch to a more cost-effective alternative.

Trap 9: Misaligned Business Priorities. Misalignment between organizational priorities and cybersecurity goals can lead to overpayment. A lack of alignment often results in disputes over budget allocation and reactive spending in response to security incidents.

Trap 10: Long-Term Thinking and Alignment. For effective cybersecurity, long-term thinking is crucial. Aligning security priorities with organizational objectives and regularly evaluating investments ensures efficient allocation of resources and cost-effective security coverage plans.

Understanding these hidden expenses, negotiating for fair pricing, and aligning security strategies with business priorities can help optimize budgets.

Resources
– CSO Online: https://www.csoonline.com/article/655295/beware-the-cost-traps-that-can-strain-precious-cybersecurity-budgets.html

 

Marcel Brown
This Day, October 19, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Marcel Brown with some technology history for October 19th.

October 19th, 1979. According to Dan Bricklin, one of the co-creators of VisiCalc, the first “real” release of VisiCalc was completed and packaged for shipment. VisiCalc was the first commercially available spreadsheet software and quickly became the first killer app of the personal computer market.

October 19, 1997. The RSA Data Security RC5 56-bit encryption key is cracked by the team Bovine RC5 Effort. RC5 56-bit encryption was the strongest encryption allowed to be exported by the US at the time. This was part of an organized effort to get the government to approve the export of stronger encryption, such as those with 128-bit keys.

That’s your technology history for today. For more, tune in tomorrow and visit my website, ThisDayInTechHistory.com.

Resources
https://thisdayintechhistory.com/09/19
