The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Google: Security Keys Neutralized Employee Phishing (Krebs on Security, Jul 23 2018)
“Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.”
2. MoneyTaker Grabs $1m from PIR Bank (Infosecurity Magazine, Jul 20 2018)
…by compromising a router used by one of the bank’s regional branches.
3. Mitre ATT&CK™ and the Mueller GRU Indictment: Lessons for Organizations (Digital Shadows, Jul 22 2018)
“For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment. In doing so, we aim to provide key lessons organizations can take away from this indictment.”
*AI, IoT, & Mobile Security*
4. Defeating the iPhone Restricted Mode (Schneier on Security, Jul 18 2018)
Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Grayshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it.
5. NIST Updating Recommendations for Mobile App Security (eWEEK, Jul 23 2018)
The 50-page draft revision includes additional clarity and details on how to minimize mobile app risks.
6. T-Mobile Launches Narrowband IoT Communications Nationwide (eWEEK, Jul 22 2018)
Narrowband IoT is designed to provide a pathway for low-power devices that don’t require much bandwidth to communicate without interference.
*Cloud Security, DevOps, AppSec*
7. Chrome starts marking all HTTP sites as “Not secure” (Help Net Security, Jul 24 2018)
If you’re using Google Chrome and you suddenly start seeing sites you usually visit labeled as “Not secure”, it’s because Google wants to push site owners to use HTTPS, i.e., encrypt the traffic passing from their visitors to their servers and vice versa.
8. Trend Micro Launches Targeted Server-Side Bug Bounty Program (Dark Reading, Jul 24 2018)
Targeted Incentive Program will pay anywhere from $25,000 to $200,000 to researchers who are first to demonstrate exploitable vulnerabilities.
9. Effective DevSecOps (DZone, Jul 19 2018)
Security cannot be isolated in one team; let’s talk about how to make security everyone’s responsibility by implementing a DevSecOps strategy.
*Identity Mgt & Web Fraud*
10. Google introduces ‘Context-aware’ access to supplement logons (TechCrunch, Jul 25 2018)
“Context-aware access allows organizations to define and enforce granular access to GCP APIs, resources, G Suite, and third-party SaaS apps based on a user’s identity, location, and the context of their request,” Google explained.
11. Google takes on Yubico and builds its own hardware security keys (TechCrunch, Jul 25 2018)
These so-called Titan Security Keys will go up against similar keys from companies like Yubico, which Google has long championed as the de facto standard for hardware-based two-factor authentication for Gmail and other services.
12. LifeLock Bug Exposed Millions of Customer Email Addresses (Krebs on Security, Jul 25 2018)
“Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers.”
13. 72% of CEOs admit they’ve taken intellectual property from a former employer (Help Net Security, Jul 25 2018)
While companies spend billions to prevent data loss, the research suggests that data remains vulnerable to employee transgressions — and the C-suite is among the worst offenders.
14. Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M (Krebs on Security, Jul 24 2018)
“Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses.”
15. 2018 Popular SIEM Starter Use Cases (Gartner Blog Network, Jul 20 2018)
So, let’s take a look at these mid-level use cases (technically, I’d classify my use cases here as mid-level in abstraction, BTW) and perhaps add others we’ve been noticing lately.