A Review of the Best News of the Week on Cyber Threats & Defense
PROPagate Code Injection Seen in the Wild (Schneier on Security, Jul 09 2018)
This can be used to inject code and drop files while also hiding the fact it has happened, making it a useful, stealthy attack.
New macOS Malware Targets Crypto-Currency Users (SecurityWeek, Jul 03 2018)
A new piece of macOS malware has been observed being distributed via crypto-currency related Slack or Discord chat groups, security researchers warn.
German web hosting firm DomainFactory suffers data breach (Help Net Security, Jul 09 2018)
DomainFactory, one of the largest web hosting companies in Germany, has suffered a data breach.
Four common API vulnerabilities and how to prevent them (Help Net Security, Jul 03 2018)
For the API provider, this requires a balance. One of the main purposes of an API is to help developers get things done—and no one wants to work with a locked-down tool whose security mechanisms get in the way of productivity. An API is worthless if developers aren’t consuming it, so ease-of-use is important.
New insider attack steals passwords by reading thermal energy from keyboards (Help Net Security, Jul 06 2018)
As noted in the paper, results show that entire sets of key-presses can be recovered by non-expert users as late as 30 seconds after initial password entry, while partial sets can be recovered as late as one minute after entry.
Chrome and Firefox pull history-stealing browser extension (Naked Security – Sophos, Jul 06 2018)
An extension used by about two million people has been pulled by Chrome and Firefox after it was found exfiltrating browsing data.
The Pirate Bay is cryptomining for Monero with your CPU again (Graham Cluley, Jul 06 2018)
Now, following complaints on its official forum, The Pirate Bay has admitted (in very small print) that it is cryptomining again.
Navigating Dangerous Waters: the Maritime Industry’s New Cybersecurity Threat as Technology Innovation Grows (Infosec Island, Jul 03 2018)
By the end of the decade, for example, a new era of shipping will have started with the world’s first autonomous container ship transporting goods around the coastline of Norway.
Science Fiction Come True: Weaponized Technology Threatens to Shatter Security, Critical Systems (Infosec Island, Jul 03 2018)
In the face of mounting global threats, organizations must make methodical and extensive commitments to ensure that practical plans are in place to adapt to major changes in the near future.
Flaws Expose Siemens Central Plant Clocks to Attacks (SecurityWeek, Jul 03 2018)
Siemens informed customers on Tuesday that some of its SICLOCK central plant clocks are affected by several vulnerabilities, including ones that have been rated “critical.”
New Malware Variant Hits With Ransomware or Cryptomining (Dark Reading, Jul 05 2018)
A new variant of old malware scans a system before deciding just how to administer pain.
New Smoke Loader Attack Targets Multiple Credentials (SecurityWeek, Jul 05 2018)
The attacks begin with malicious emails carrying a Word document as an attachment. Using social engineering, the attackers attempt to lure victims into opening the document and executing an embedded macro.
Creating a Defensible Security Architecture (Dark Reading, Jul 09 2018)
Take the time to learn about your assets. You’ll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture.
Intel Patches Security Flaws in Processor Diagnostic Tool (SecurityWeek, Jul 09 2018)
Intel has updated its Processor Diagnostic Tool to address vulnerabilities that could lead to arbitrary code execution and escalation of privileges.
Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign (WeLiveSecurity, Jul 09 2018)
D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan.