A Review of the Best News of the Week on Cyber Threats & Defense

Major Zcash Vulnerability Fixed (Schneier on Security, Feb 05 2019)
Zcash just fixed a vulnerability that would have allowed “infinite counterfeit” Zcash. Like all the other blockchain vulnerabilities and updates, this demonstrates the ridiculousness of the notion that code can replace people, that trust can be encompassed in the protocols, or that human governance is not necessary.

Why vaporworms might be the scourge of 2019 (Help Net Security, Feb 05 2019)
Not too long ago, the WatchGuard Threat Lab predicted the emergence of vaporworms as a major new cyber threat that will affect organizations of all sizes in 2019. We coined the term to describe a new breed of fileless malware with self-propagating, wormlike properties. At the time of the initial prediction, our team was fairly sure this idea was more than conjecture, but now the advent of the vaporworm in 2019 seems to be an abject certainty.

KeySteal could allow someone to steal your Apple Keychain passwords (Naked Security – Sophos, Feb 07 2019)
The researcher says it works without root or administrator privileges and without password prompts. But he’s not revealing how it works to Apple because there’s no money for him in its invite-only/iOS-only bounties.

Ransomware Attack Via MSP Locks Customers Out of Systems (Dark Reading, Feb 07 2019)
Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP.

Ransomware Sees Further Decline, Banking Trojan Use Steps Up (Infosecurity Magazine, Feb 07 2019)
Ransomware message volumes dropped significantly from Q2 to Q4 “suggesting that ransomware campaigns did not generate sufficient returns for threat actors to continue distributing them at scale.”

Researchers Devise New Method of Intrusion Deception for SDN (Dark Reading, Feb 04 2019)
Team from University of Missouri take wraps off Dolus, a system ‘defense using pretense’ which they say will help defend software-defined networking (SDN) cloud infrastructure.

Speak Up Malware Targets Linux, Mac in New Campaign (Infosecurity Magazine, Feb 04 2019)
New malware injects backdoor Trojan by exploiting known vulnerabilities.

Shellbot Crimeware Re-Emerges in Monero Mining Campaign (Dark Reading, Feb 05 2019)

New Vulnerabilities Make RDP Risks Far From Remote (Dark Reading, Feb 05 2019)
More than two dozen vulnerabilities raise the risk of using RDP clients to remotely manage and configure systems.

IcedID banking trojan now used against online retailers (SC Magazine, Feb 06 2019)
The malicious actors behind the IcedID banking trojan have branched out and are now using the malware to steal payment card credentials from online retailers and may have even become malware-as-a-service dealers.

HelpSystems Buys Core Security Assets to Grow Infosec Portfolio (Dark Reading, Feb 06 2019)
Acquisition will enable it to provide threat detection, pen testing, and other security tools to customers.