The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Triton is the world’s most murderous malware, and it’s spreading (MIT Technology Review, Mar 06 2019)
The rogue code can disable safety systems designed to prevent catastrophic industrial accidents. It was discovered in the Middle East, but the hackers behind it are now targeting companies in North America and other parts of the world, too.
2. Google Reveals “BuggyCow,” a Rare MacOS Zero-Day Vulnerability (Wired, Mar 04 2019)
Google’s Project Zero researchers find a potentially powerful privilege escalation trick in how Macs manage memory.
3. #RSAC: The Most Dangerous New Attack Techniques & How to Counter Them (Infosecurity Magazine, Mar 11 2019)
According to Skoudis, there are two specific attack vectors that he’s seeing increasingly. First is the manipulation of the DNS infrastructure associated with specific enterprises. “Hackers are using credentials that they have compromised in the normal course of business,” he explained. “Bad guys are logging into DNS and name registrars and manipulating the DNS records there. Emails destined for your organizations are actually being redirected to them.”
8,000 Security News Articles
Since I started this curated newsletter in June 2017, I’ve clipped ~8,000 articles and narrowed them down into the best 20 per day. This is my favorite way to stay abreast of the industry. Readers like you make this all worthwhile.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. Germany to Consult US Over Huawei Security Fears: Merkel (SecurityWeek, Mar 12 2019)
German Chancellor Angela Merkel said Tuesday Berlin would consult Washington over using technology made by China’s Huawei in future mobile phone networks, following reports of US threats to reduce intelligence cooperation.
5. Research Firm Offers $3 Million for iOS, Android 0-Days (SecurityWeek, Mar 11 2019)
Vulnerability research firm Crowdfense has launched a new 0-day acquisition program and is promising payouts of up to $3 million for full-chain, previously unreported exploits.
6. The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code (Motherboard, Mar 06 2019)
Very few people have heard of them, but “dev-fused” iPhones sold on the grey market are one of the most important tools for the best iOS hackers in the world.
*Cloud Security, DevOps, AppSec*
7. Companies are leaking sensitive files via Box accounts (ZDNet, Mar 12 2019)
Leaks discovered at Apple, the Discovery Channel, Herbalife, Schneider Electric, and even Box itself.
8. Gaming industry still in the scope of attackers in Asia (WeLiveSecurity, Mar 11 2019)
Asian game developers again targeted in supply-chain attacks distributing malware in legitimately signed software.
9. Researchers Find Critical Backdoor in Swiss Online Voting System (Motherboard, Mar 12 2019)
Researchers have found a severe issue in the new Swiss internet voting system that they say would let someone alter votes undetected. They say it should put a halt to Switzerland’s plan to roll out the system in real elections this year.
*Identity Mgt & Web Fraud*
10. Judging Facebook’s Privacy Shift (Schneier on Security, Mar 13 2019)
“There is ample reason to question Zuckerberg’s pronouncement: The company has made — and broken — many privacy promises over the years. And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook’s surveillance capitalism business model. All the post discusses is making private chats more central to the company, which seems to be a play for increased market dominance and to counter the Chinese company WeChat.”
11. MyEquifax.com Bypasses Credit Freeze PIN (Krebs on Security, Mar 08 2019)
“Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your name, Social Security number and birthday.”
12. T-Mobile Reveals More Location Data Abuse Following Questions from Senator Wyden (Motherboard, Mar 13 2019)
“It is now abundantly clear that you have failed to be good stewards of your customers’ private location information,” Senator Wyden wrote in a letter addressed to AT&T, T-Mobile, Sprint, and Verizon.
13. DARPA Is Building a $10 Million, Open Source, Secure Voting System (Motherboard, Mar 14 2019)
The system will be fully open source and designed with newly developed secure hardware to make the system not only impervious to certain kinds of hacking, but also allow voters to verify that their votes were recorded accurately.
14. Navy, Industry Partners Are ‘Under Cyber Siege’ by Chinese Hackers, Review Asserts (WSJ, Mar 12 2019)
The Navy and its contractors are “under cyber siege” by Chinese hackers who have stolen national security secrets in recent years, an internal review concluded.
15. Trump’s bold hack back strategy actually sounds pretty tame. (Washington Post, Mar 15 2019)
There’s still a lot of bureaucracy before the U.S. strikes back in cyberspace.