15 Bullet Friday – The Best Security News of the Week – 2019.02.08

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Major Zcash Vulnerability Fixed (Schneier on Security, Feb 05 2019)
Zcash just fixed a vulnerability that would have allowed “infinite counterfeit” Zcash. Like all the other blockchain vulnerabilities and updates, this demonstrates the ridiculousness of the notion that code can replace people, that trust can be encompassed in the protocols, or that human governance is not necessary.

2. Why vaporworms might be the scourge of 2019 (Help Net Security, Feb 05 2019)
Not too long ago, the WatchGuard Threat Lab predicted the emergence of vaporworms as a major new cyber threat that will affect organizations of all sizes in 2019. We coined the term to describe a new breed of fileless malware with self-propagating, wormlike properties. At the time of the initial prediction, our team was fairly sure this idea was more than conjecture, but now the advent of the vaporworm in 2019 seems to be an abject certainty.

3. KeySteal could allow someone to steal your Apple Keychain passwords (Naked Security – Sophos, Feb 07 2019)
The researcher says it works without root or administrator privileges and without password prompts. But he’s not revealing how it works to Apple because there’s no money for him in its invite-only/iOS-only bounties.


8,000 Security News Articles
Since I started this curated newsletter in June 2017, I’ve clipped ~8,000 articles and narrowed them down into the best 20 per day. This is my favorite way to stay abreast of the industry. Readers like you make this all worthwhile.
Thanks! – Lucas Samaras



*AI, IoT, & Mobile Security*
4. Criminals Are using SS7 attacks to Empty Bank Accounts (Motherboard, Jan 31 2019)
Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported.

5. Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users (Help Net Security, Feb 01 2019)
This attack could be performed via next generation IMSI catchers – essentially fake mobile towers – and would allow attackers to:
- Monitor users’ mobile activity (e.g., number of calls, SMSs sent in a given time);
- Create profiles based on that information;
- Use these profiles to monitor their activity remotely even if the users move away from the attack areas.

6. Rethinking the detection of child sexual abuse imagery on the internet – Enigma 2019 (Elie Bursztein’s site, Feb 04 2019)
“In this talk, we will delve into the most pressing challenges that need to be addressed to be able to keep up with the steady increase of child sexual abuse imagery content and outline promising directions to help meet those challenges…”

*Cloud Security, DevOps, AppSec*
7. Crooks Continue to Exploit GoDaddy Hole (Krebs on Security, Feb 04 2019)
“Spammy Bear targeted dormant but otherwise legitimate domains that had one thing in common: They all at one time used GoDaddy’s hosted Domain Name System (DNS) service. Researcher Ron Guilmette discovered that Spammy Bear was able to hijack thousands of these dormant domains for spam simply by registering free accounts at GoDaddy and telling the company’s automated DNS service to allow the sending of email with those domains from an Internet address controlled by the spammers.”

8. Chrome’s hidden lookalike detection feature battles URL imposters (Naked Security – Sophos, Feb 04 2019)
Chrome now checks for misspellings of popular URLs and will display a link to the site that it thinks the user might have wanted to visit.

9. Guidelines for protecting your AWS account while using programmatic access (AWS Security Blog, Feb 06 2019)
One of the most important things you can do as a customer to ensure the security of your resources is to maintain careful control over who has access to them. This is especially true if any of your AWS users have programmatic access.

*Identity Mgt & Web Fraud*
10. More Alleged SIM Swappers Face Justice (Krebs on Security, Feb 06 2019)
“Another video posted by Ortiz — to a hijacked, highly sought Instagram account “T” — shows members of this group dumping out $200 bottles of glow-in-the-dark Dom Perignon champagne onto designer watches that cost thousands of dollars each.”

11. Big Telecom Sold Highly Sensitive Customer GPS Data Typically Used for 911 Calls (Motherboard, Feb 06 2019)
A Motherboard investigation has found that around 250 bounty hunters and related businesses had access to AT&T, T-Mobile, and Sprint customer location data.

12. A bank wants to recover the $81 million North Korea allegedly stole. It won’t be easy. (Washington Post, Feb 06 2019)
A complex lawsuit illustrates the challenges for cybercrime victims.

*CISO View*
13. Just two hacker groups are behind 60% of stolen cryptocurrency (Naked Security – Sophos, Feb 06 2019)
Chainalysis found that two groups, which it calls Alpha and Beta, are responsible for stealing around $1 billion in funds from exchanges.

14. RSA Conference 2019 USA: What you can expect at this year’s event (Help Net Security, Feb 04 2019)
It’s that time of year: RSA Conference 2019 USA is a little over a month away. To prepare, we asked Britta Glade, Director of Content and Curation for RSA Conference, to tell us more about this year’s event.

15. Chinese Hackers Spy on U.S. Law Firm, Major Norwegian MSP (SecurityWeek, Feb 06 2019)
China-linked cyber-espionage group APT10 has targeted companies in the United States and Europe to steal intellectual property or gain commercial advantage, Recorded Future security researchers say.
