A Review of the Best News of the Week on Cyber Threats & Defense
Inside Uber’s $100,000 Payment to a Hacker, and the Fallout (Nicole Perlroth, Jan 12 2018)
How Uber grappled with a 2016 hack is under scrutiny and has cast a chill over how other companies deal with security threats.
Security Beyond The Perimeter (Andrew Hay, Jan 10 2018)
Thankfully, technology has evolved to allow for more seamless security in environments that need to span traditional datacenters, virtualization, and cloud environments. This has allowed organizations to grow their capabilities without the need to choose between having security and having new technology stacks. So how do we, as security professionals and business owners, decide what mitigating controls should be deployed to future-proof our security? It’s actually much easier than it sounds.
A Clever Radio Trick Can Tell If a Drone Is Watching You (Wired, Jan 12 2018)
A quirk of video compression lets spy targets see what the drone watching them sees.
VirusTotal Launches Visualization Tool (SecurityWeek, Jan 09 2018)
The tool should make it easier for investigators who are working with multiple reports at the same time, attempting to pivot between multiple data points (files, URLs, domains and IP addresses), as such work would normally result in having multiple tabs opened, which could complicate operations.
Cisco Adds Encrypted Traffic Analysis Function (Dark Reading, Jan 10 2018)
New Encrypted Traffic Analytics is designed to help enterprises inspect encrypted traffic for malicious activity without having to decrypt it first.
Skype finally getting end-to-end encryption (Ars Technica, Jan 11 2018)
Since its inception, Skype has been notable for its secretive, proprietary algorithm. It’s also long had a complicated relationship with encryption: encryption is used by the Skype protocol, but the service has never been clear exactly how that encryption was implemented or exactly which privacy and security features it offers. That changes today in a big way. The newest Skype preview now supports the Signal protocol: the end-to-end encrypted protocol already used by WhatsApp, Facebook Messenger, Google Allo, and, of course, Signal.
Challenge Your Threat Intelligence Assumptions: An Interview With Gavin Reid (Recorded Future, Jan 11 2018)
We interviewed Gavin Reid, who recently joined Recorded Future as chief security architect, focusing on next-generation threats and the role that threat intelligence can play in identifying and combating them.
Hard-Coded Backdoor in My Cloud Devices Offers Attackers Access to Personal Photos, Videos (Infosecurity Magazine, Jan 08 2018)
Threat actors could gain control over the device, exfiltrate information and spread malware.
Simple Attack Allows Full Remote Access to Most Corporate Laptops (SecurityWeek, Jan 12 2018)
If attackers have physical access a device, one need only boot up the device pressing CTRL-P during the process, and log in to MEBx with ‘admin’. “By changing the default password, enabling remote access and setting AMT’s user opt-in to “None”, a quick-fingered cyber criminal has effectively compromised the machine,” writes F-Secure.
Bogus Passwords Can Unlock AppStore Preferences in macOS (SecurityWeek, Jan 11 2018)
A security vulnerability impacting macOS High Sierra allows admins to unlock the AppStore Preferences in System Preferences by providing any password.
Update on Pawn Storm: New Targets and Politically Motivated Campaigns (TrendLabs, Jan 15 2018)
Pawn Storm has been attacking political organizations in France, Germany, Montenegro, Turkey, Ukraine, and the United States since 2015. We saw attacks against political organizations again in the second half of 2017. These attacks don’t show much technical innovation over time, but they are well prepared, persistent, and often hard to defend against.
Russia-linked hackers apparently targeting 2018 Olympics (TheHill, Jan 15 2018)
Hackers calling themselves “Fancy Bears” release alleged confidential communications from International Olympic Committee officials.