The industry is poised to lose a combined $7.2 billion worldwide this year thanks to bogus ad fraud bots, according to a study carried out this past summer by the Association of National Advertisers (ANA) and White Ops, an online fraud mitigation firm. Bot fraud, essentially non-human internet traffic, occurs when operators are able to trick advertisers’ detection systems into registering an impression. Masquerading as a legitimate user, the fraud passes through the advertising ecosystem, but oftentimes it’s the bot operators, not the advertisers, who collect payments for fake impressions. Some of the more sophisticated bots can mimic human browsing behaviors. Others are usually associated with residential IP addresses, which makes blacklisting large swathes of addresses, often a solution for fraud, difficult because many legitimate impressions get swept up in the mix.
The motivation for the honeypot his group built was to understand attackers’ behaviors once they wormed their way onto a critical industrial network. The honeypot is a virtualized environment designed to mimic an EMS, a SCADA device that controls the grid. Access to an EMS could give a hacker complete access to an electric grid. Lures varied according to geographies and were tailored in some cases to particular APT groups known to chase power grid intrusions.
The perfect global cyberattack could involve severing the fiber-optic cables at some of their hardest-to-access locations in order to halt the instant communications on which the West’s governments, military, economies and citizens have grown dependent. Effectively this would cripple world commerce and communications, destabilize government business and introduce uncertainty into military operations. A significant volume of military data is routed via this Internet backbone.
The Wi-Fi vulnerabilities can be exploited by sending a malicious wireless control message packet. The packets could corrupt kernel memory and expose an Android device to remote code execution at the kernel level. These vulnerabilities can be triggered when the attacker and the victim are associated with the same network. During media file and data processing of a specially crafted file, vulnerabilities in mediaserver could allow an attacker to cause memory corruption and remote code execution as the mediaserver process.
One of the biggest takeaways is that wearables present many familiar types of vulnerabilities such as SQL injection, phishing, cross-site request forgery and buffer overflow attacks. Securing fitness data shared with third parties becomes increasingly important as more wearables become part of employer- or insurer-sponsored corporate benefit programs, West said. Wearable makers need to protect against the falsification of health data via physical manipulation of the device or tampering with the data in transit, he said.
DHCP, or the Dynamic Host Configuration Protocol, automates the assignment of IP addresses and configuration information to IP hosts. A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally. The flaw affects nearly all IPv4 DHCP clients and relays and most servers.
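The failure described above comes from trusting a UDP length field that disagrees with the bytes actually received. The following is an added example, not code from the advisory or from any DHCP implementation: a bounds check a receiver can run before handing the payload to its DHCP parser. The names `check_udp_datagram` and `check_with_udp_len` and the sample packet are constructed for illustration, and the UDP checksum is not verified here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes for the hypothetical check_udp_datagram() helper. */
enum udp_check { UDP_OK = 0, UDP_TRUNCATED, UDP_BAD_IP_HDR, UDP_NOT_UDP, UDP_BAD_LENGTH };

/* Constructed sample: 20-byte IPv4 header, 8-byte UDP header (68 -> 67), 4 payload bytes. */
static const uint8_t sample_pkt[32] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,   /* 0.0.0.0 -> 255.255.255.255 */
    0x00, 0x44, 0x00, 0x43, 0x00, 0x0c, 0x00, 0x00,   /* UDP length = 12 */
    0x01, 0x01, 0x06, 0x00 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate IPv4 and UDP lengths against each other and against the number of
   bytes received (cap_len). On UDP_OK, *payload / *payload_len bound the UDP payload. */
enum udp_check check_udp_datagram(const uint8_t *pkt, size_t cap_len,
                                  const uint8_t **payload, size_t *payload_len)
{
    if (cap_len < 20) return UDP_TRUNCATED;
    if ((pkt[0] >> 4) != 4) return UDP_BAD_IP_HDR;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;         /* header length in bytes */
    size_t ip_total = be16(pkt + 2);
    if (ihl < 20 || ip_total < ihl) return UDP_BAD_IP_HDR;
    if (ip_total > cap_len) return UDP_TRUNCATED;     /* fewer bytes than claimed */
    if (pkt[9] != 17) return UDP_NOT_UDP;
    size_t ip_payload = ip_total - ihl;
    if (ip_payload < 8) return UDP_TRUNCATED;         /* no room for a UDP header */
    size_t udp_len = be16(pkt + ihl + 4);
    /* The UDP length covers its own 8-byte header and must fit the IP payload. */
    if (udp_len < 8 || udp_len > ip_payload) return UDP_BAD_LENGTH;
    *payload = pkt + ihl + 8;
    *payload_len = udp_len - 8;
    return UDP_OK;
}

/* Re-run the check on the constructed sample with its UDP length field overwritten. */
enum udp_check check_with_udp_len(uint16_t udp_len, size_t *payload_len)
{
    uint8_t pkt[sizeof sample_pkt];
    const uint8_t *payload;
    memcpy(pkt, sample_pkt, sizeof pkt);
    pkt[24] = (uint8_t)(udp_len >> 8);
    pkt[25] = (uint8_t)(udp_len & 0xff);
    return check_udp_datagram(pkt, sizeof pkt, &payload, payload_len);
}

int main(void) {
    size_t n = 0;
    printf("len=12: %d, len=0: %d\n", check_with_udp_len(12, &n), check_with_udp_len(0, &n));
    return 0;
}
```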
The problematic appliances are not limited to those generally thought of when smart devices are discussed, but also include a building’s heating, lighting and air conditioning systems, said Paul Ionescu, IBM X-Force ethical hacking team lead. The X-Forcers were able to defeat the security through a design flaw that gave them control of a wireless access point; another huge help was finding the device password stored in cleartext. From this point the team accessed the BAS, and a flaw found in the diagnostic page gave them access to the device’s settings. That in turn led to the ability to discover, and then decrypt, the password for the central command server, giving the white hat hackers access to several buildings across the country.