A Review of the Best News of the Week on Cyber Threats & Defense

Home Economics: How Life in 123 Million American Households Was Exposed Online (UpGuard, Dec 19 2017)
While the Census data consists entirely of publicly accessible statistics and information, Experian’s ConsumerView marketing database, a product sold to other enterprises, contains a mix of public details and more sensitive data. Taken together, the exposed data reveals billions of personally identifying details and data points about virtually every American household.

Google Warns DoubleClick Customers of XSS Flaws (SecurityWeek, Dec 21 2017)
Google has warned DoubleClick customers that some of the files provided by third-party vendors through its advertising platform can introduce cross-site scripting (XSS) vulnerabilities.

Facebook Launches New Anti-Phishing Feature (SecurityWeek, Dec 21 2017)
Facebook announced on Wednesday the introduction of a new security feature designed to help users check if the emails they receive are legitimate or if they have been sent by cybercriminals.



Configuring Snort Rules (Beginners Guide) (Hacking Articles, Dec 16 2017)
“How to write any rules in Snort” that could work as NIDS and NIPS…

Advanced Deception: How It Works & Why Attackers Hate It (Dark Reading, Dec 18 2017)
While cyberattacks continue to grow, deception-based technology is providing accurate and scalable detection and response to in-network threats.

Microsoft Word slams the door on DDEAUTO malware attacks (Naked Security – Sophos, Dec 18 2017)
DDEAUTO, short for automatic dynamic data exchange, is a command you can put right inside the data of an Office file to get it to pull data out of another file. According to Microsoft’s official documentation, DDEAUTO is only supposed to work within the same app, or between two apps that are already active.

Hex-Men Trio using compromised SQL servers to conduct mining, DDoS attacks (SC Magazine, Dec 19 2017)
A trio of campaigns, jointly known as the Hex-Men Trio, that are going after SQL Servers has been identified by Guardicore Labs.

Did You Accidentally Friend a North Korean Hacker on Facebook? (PCMag, Dec 19 2017)
North Korean hackers have been creating fake personal Facebook accounts and friending random people, so be careful not to accept requests from randos.

Report: Chinese cyberspies targeted Western think tanks with spy tools, DDoS attacks in Q4 (SC Magazine, Dec 20 2017)
At least four Western think tanks and two non-government organizations were targeted in Chinese cyber espionage activities this past October and November, according to a new report from CrowdStrike.

Block Threats Faster: Pattern Recognition in Exploit Kits (Dark Reading, Dec 22 2017)
When analysts investigate an indicator of compromise, our primary goal is to determine if it is malicious as quickly as possible. Identifying attack patterns helps you mitigate quicker.

VenusLocker Switches Tactics from Ransomware to Monero Mining (Infosecurity Magazine, Dec 22 2017)
An attack was observed targeting South Korea, which arrives via phishing emails using a variety of social engineering contexts. One variant pretends to be from a South Korean online garment seller who falsely claims that the recipient’s information from their website has been leaked due to a website hack.

Nissan Canada Data Breach: 1.1 Million Customers Notified (Infosecurity Magazine, Dec 22 2017)
Nissan Canada’s finance business revealed on Thursday that all of its 1.13 million current and former customers may have had their details compromised in a data breach.