A Review of the Best News of the Week on Cyber Threats & Defense

ICS Attack Framework “TRITON” and Disruption to Critical Infrastructure (FireEye, Dec 15 2017)
Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems.

The history and practice of e-mail tracking (Schneier on Security, Dec 13 2017)
The tech is pretty simple. Tracking clients embed a line of code in the body of an email — usually in a 1×1 pixel image, so tiny it’s invisible, but also in elements like hyperlinks and custom fonts. When a recipient opens the email, the tracking client recognizes that pixel…

HP leaves accidental keylogger in laptop keyboard driver (Naked Security – Sophos, Dec 11 2017)
HP didn’t beat around the bush – when a researcher found a left-over keylogger, the company fessed up and fixed it fast. Result!


Threat Modeling the Internet of Things: Modeling Reaper (SecurityWeek, Dec 13 2017)
The discovery of Reaper in September 2017, in between the fourth and fifth installments of this series on Threat Modeling IoT, allows us to conduct an interesting thought experiment. Could threat modeling have prevented Reaper?

Malware Decompiler Tool Goes Open Source (Dark Reading, Dec 13 2017)
Avast’s RetDec machine-code decompiler now available for free on Github.

Juniper Expands Security Portfolio With Automation Capabilities (eWEEK, Dec 14 2017)
New capabilities and products announced by Juniper at its NXTWORK event aim to make security simpler to deploy and automate.

Extremely durable computer chips bring cybersecurity to harsh environments (Futurism, Dec 15 2017)
Each chip contains a physical “fingerprint” that’s practically impossible to replicate.

Understanding Endpoint Threat Diversification to Help Better Secure Infrastructures (Infosec Island, Dec 14 2017)
Threat diversification has enabled the development of new security technologies designed within layers, aimed at preventing advanced and sophisticated malware from breaching security at various attack stages.

How public-private partnerships can combat cyber adversaries (Microsoft, Dec 13 2017)
Information-sharing is the Charlie Brown football of cyber: we keep running toward it only to fall flat on our backs as attackers continually pursue us.

Researchers’ tool uncovers website breaches (CSO Online, Dec 12 2017)
UCSD researchers’ Tripwire tool uncovered website breaches, yet none of the sites disclosed the breaches to customers after being informed. The study is another harsh reminder about the dangers of password reuse.

19 M California Voter Records Held for Ransom in MongoDB Attack (Dark Reading, Dec 15 2017)
The records were first exposed in an unsecured MongoDB database, continuing a cyber-extortion trend.

North Korea Attacks London Cryptocurrency Firm (Infosecurity Magazine, Dec 15 2017)
The Lazarus Group has been targeting Bitcoin industry insiders to steal their credentials.