The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. CIA Network Exposed Through Insecure Communications System (Schneier on Security, Aug 29 2018)
People died because of that mistake. The moral — which is to go back to pre-computer systems in these high-risk sophisticated-adversary circumstances — is the right one, I think.

2. RansomWarrior Defeated with Decryption Tool (Infosecurity Magazine, Sep 03 2018)
“Written in .NET, the executable itself isn’t obfuscated, packed, or otherwise protected, suggesting those behind it are relatively new to the game. In fact, the ‘encryption’ used by the ransomware is a stream cipher using a key randomly chosen from a list of 1000 hard-coded keys in RansomWarrior’s binary code,” said Check Point.

3. Booz Allen researchers find new POS malware with no data exfiltration capabilities (SC Magazine, Aug 28 2018)
Researchers have discovered a point-of-sale malware program, RtPOS, that saves payment card data locally but does not exfiltrate it to a command-and-control server, perhaps so its activity is less likely to be detected as anomalous.


*AI, IoT, & Mobile Security*
4. Of ML and malware: What’s in store? (WeLiveSecurity, Sep 04 2018)
All things labeled Artificial Intelligence (AI) or Machine Learning (ML) are making waves, but talk of them in cybersecurity contexts often muddies the waters. A new ESET white paper sets out to bring some clarity to a subject where confusion often reigns supreme.

5. Semi-annual balance of mobile security (WeLiveSecurity, Aug 29 2018)
For Android, malware detections were down 27% compared to the first half of 2017; for iOS, they decreased 15% compared to the same period last year.

6. Air Canada confirms mobile app data breach, passport numbers were accessed (Help Net Security, Aug 30 2018)
Air Canada has suffered a data breach and is forcing a password reset on all 1.7 million users of its mobile app, though apparently only 20,000 of the mobile app accounts were accessed by the attackers.

*Cloud Security, DevOps, AppSec*
7. How Google Chrome Spent a Decade Making the Web More Secure (Wired, Sep 04 2018)
Crucially, Chrome managed tabs in a new way; its “sandbox” made each one run with its own permissions and protected memory. That way if one tab crashed it didn’t crash the whole browser, and if an attacker tried to attack a Chrome user, she wouldn’t be able to compromise more than one site at a time. For the first time, a browser functioned more like an operating system, running many isolated programs on a permission system, rather than as a single free-for-all program.

8. Chrome 69 is out, includes many functional and security changes (Help Net Security, Sep 05 2018)
Ten years ago Google released the first iteration of its Chrome browser. On Tuesday, the company pushed out version 69.

9. Conceptual and Technical Challenges in Multi-cloud Security (Infosec Island, Aug 30 2018)
Cloud vendors are in a race to close the gaps in capabilities among themselves as well as to create product differentiation that will attract and retain customers. Some services may look similar, but minor differences can lead to security issues and misconfigurations. Let’s explore some of the challenges that security organizations face with multi-cloud deployments.

*Identity Mgt & Web Fraud*
10. Google quietly bought Mastercard credit and debit card records (Sophos, Sep 03 2018)
The multimillion dollar data buy allows Google to link what we buy in brick-and-mortar stores to what ads we clicked online.

11. Google Claims MasterCard Data Deal Doesn’t Violate Privacy Rights (eWEEK, Sep 06 2018)
Google says its Store Sales Measurement program allows advertisers to see how well their online ads are performing using aggregated and highly-anonymized data.

12. For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records (Krebs on Security, Sep 04 2018)
“mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.”

*CISO View*
13. Five Eyes demand for encryption workarounds raises stakes for tech companies (Washington Post, Sep 05 2018)
The U.S. government is going global in its anti-encryption push.

14. The SOC Gets a Makeover (Dark Reading, Sep 06 2018)
Today’s security operations center is all about reducing the number of alerts with emerging technologies – and enhancing old-school human collaboration. Here’s how some real-world SOCs are evolving.

15. Financial info of 380,000 British Airways customers stolen in site, app breach (Help Net Security, Sep 07 2018)
“From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making or changing bookings on our website [ba.com] and [mobile] app were compromised,” the company stated. “The stolen data did not include travel or passport details.”