A Review of the Best News of the Week on Cyber Threats & Defense

DHS, FBI Issue SamSam Advisory (Dark Reading, Dec 04 2018)
Following last week’s indictment, federal government issues pointers for how security pros can combat SamSam ransomware.

Banks Attacked through Malicious Hardware Connected to the Local Network (Schneier on Security, Dec 07 2018)
Kaspersky is reporting on a series of bank hacks — called DarkVishnya — perpetrated through malicious hardware being surreptitiously installed into the target network: In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company’s local network.

The Dark Side of the ForSSHe (WeLiveSecurity, Dec 05 2018)
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats

Compliance is necessary. Wasting money isn’t.
The Mosaic Security Research Market Intelligence Platform provides the tools you need for OWASP’s Cyber Defense Matrix. Build your threat defense systematically.

Emotet and Trickbot Are the Future of Malware (Infosecurity Magazine, Dec 05 2018)
Fileless malware is more likely to succeed than file-based malware, says Malwarebytes.

Insider Threats & Insider Objections (Dark Reading, Dec 07 2018)
The ‘tyranny of the urgent’ and three other reasons why it’s hard for CISOs to establish a robust insider threat prevention program.

Massive botnet chews through 20,000 WordPress sites (Naked Security – Sophos, Dec 10 2018)
Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords.

Adventures in Video Conferencing Part 1: The Wild World of WebRTC (Google Project Zero, Dec 04 2018)
We reviewed the three most widely-used video conferencing implementations. In this series of blog posts, we describe what we found. This part will discuss our analysis of WebRTC.

Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea (Graham Cluley, Dec 06 2018)
Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.

OceanLotus Targets Southeast Asia in New Watering Hole Campaign (Infosec Island, Dec 03 2018)
A cyber-espionage group believed to be operating out of Vietnam has compromised over 20 websites as part of a watering hole campaign targeting users in Southeast Asia, ESET reports.

Phishing Campaign Delivers FlawedAmmyy, RMS RATs (SecurityWeek, Dec 03 2018)
A new campaign delivering various remote access Trojans (RATs) is likely the work of a known Dridex/Locky operator, Morphisec security researchers warn.

Bleichenbacher’s CAT puts another scratch in TLS (Naked Security – Sophos, Dec 04 2018)
Researchers demonstrate Cache-like ATacks against RSA key exchange.

Toyota Builds Open-Source Car-Hacking Tool (Dark Reading, Dec 05 2018)
PASTA (Portable Automotive Security Testbed), an open-source testing platform for researchers and budding car hacking experts.

Apple Issues Security Fixes Across Mac, iOS (Dark Reading, Dec 06 2018)
Software updates for Mac and iOS bring patches to Safari, iCloud, iTunes on Windows, and tvOS.

Two-Fifths of Firms Have Suffered “BPC” Attacks (Infosecurity Magazine, Dec 07 2018)
Trend Micro warns of business process compromise threat

Kids’ VTech tablets vulnerable to eavesdropping hackers (Naked Security – Sophos, Dec 07 2018)
Attackers can boobytrap what should be access to only parent-vetted sites and can take over the webcam, speakers and microphone.

Preparing for Tomorrow’s Threats Today (SecurityWeek, Dec 07 2018)
New threat trends on the horizon look to raise the stakes even higher. Here are just two of the vast number of emerging threats that some security professionals are predicting: Swarmbots & The commoditization of fuzzing

Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits (Help Net Security, Dec 10 2018)
Is it possible for attackers to equip integrated circuits with hardware Trojans that will not change the area or power consumption of the IC, making them thus indiscernible through power-based post fabrication analysis? A group of researchers from the National University of Sciences and Technology (Islamabad, Pakistan), the Vienna University of Technology and New York University have proven it is.

New Mac Malware Combines Open-Source Backdoor and Crypto-Miner (SecurityWeek, Dec 10 2018)
A recently discovered piece of malware targeting Mac systems is a combination of two open-source programs, Malwarebytes security researchers warn.