The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Black Hat Talk Reveals How Embedded Systems Expose Airlines to Risk (eWEEK, Aug 08 2018)
Security firm IOActive is set to disclose multiple vulnerabilities in the embedded systems used for satellite communications and in-flight WiFi, revealing the larger challenge of supply chain risk.

2. Breaking Down the PROPagate Code Injection Attack (Dark Reading, Aug 08 2018)
What makes PROPagate unique is that it uses Windows APIs to take advantage of the way Windows subclasses its window events.

3. Researchers Release Free TRITON/TRISIS Malware Detection Tools (Dark Reading, Aug 08 2018)
Team of experts re-creates the TRITON/TRISIS attack to better understand the epic hack of an energy plant that ultimately failed.




*AI, IoT, & Mobile Security*
4. iPhone chipmaker blames ransomware for factory shutdowns (Sophos, Aug 07 2018)
Taiwan chipmaker TSMC is back up and running, and pinning the blame for its shutdown on an infection by WannaCry ransomware.

5. Android apps infected with umm… *Windows* malware (Graham Cluley, Aug 01 2018)
Security researchers at Palo Alto Networks recently discovered 145 apps in the official Google Play Android store that were “infected by malicious Microsoft Windows executable files.” Yes, you read that correctly. Android apps carrying malicious Windows executables.

6. FBI Offers New IoT Security Tips (Dark Reading, Aug 03 2018)
A new article from the FBI offers insight into IoT risks and ways to reduce them.

*Cloud Security, DevOps, AppSec*
7. Facebook Open Sources TLS 1.3 Library (SecurityWeek, Aug 07 2018)
Already deployed globally on Facebook’s mobile apps, load balancers, and internal services, the library handles millions of TLS 1.3 handshakes every second across the social media giant’s infrastructure. At the moment, over 50% of Facebook’s Internet traffic is secured with TLS 1.3, while its mobile apps also leverage TLS 1.3’s zero round-trip resumption (0-RTT) data.

8. How a Hacker Used Python to Extract the Source Code for ‘Super Mario Bros.’ (Motherboard, Aug 02 2018)
Hacker Matthew Earl used Python to extract raw visual data from Nintendo’s code.

9. Snapchat Source Code Leaked (SecurityWeek, Aug 08 2018)
Hackers obtained some source code for the popular messaging application Snapchat and made it public on GitHub, claiming that they were ignored by the app’s developer.

*Identity Mgt & Web Fraud*
10. Florida Man Arrested in SIM Swap Conspiracy (Krebs on Security, Aug 07 2018)
“Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.”

11. Quantifying the impact of the Twitter fake accounts purge – a technical analysis (Elie Bursztein with Aude Marzuoli (Google), Aug 07 2018)
This post provides an overview of the impact of the Twitter 2018 accounts purge through the lens of its impact on 16k of Twitter’s most popular accounts.

12. Facebook wants to be the future of online banking (Naked Security – Sophos, Aug 08 2018)
Facebook says to banks: tell us who your customers are, and we’ll get them talking to you in Messenger.

*CISO View*
13. Mastering MITRE’s ATT&CK Matrix (Dark Reading, Aug 06 2018)
This breakdown of MITRE’s model for cyberattacks and defense can help organizations understand the stages of attack events and, ultimately, build better security.

14. Cybersecurity Transformation Is A Thing, And It Needs Personal And Relentless Drive (Forrester, Aug 02 2018)
What makes one leader a transformational CISO versus a traditional CISO? What is their secret sauce?

15. Adventures in vulnerability reporting (Project Zero, Aug 02 2018)
At Project Zero, we spend a lot of time reporting security bugs to vendors. Most of the time, this is a fairly straightforward process, but we occasionally encounter challenges getting information about vulnerabilities into the hands of vendors. Since it is important to user security that software vendors fix reported vulnerabilities in a timely manner, and vendors need to actually receive the report for this to happen, we have decided to share some of our experiences.