The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Chrome will soon block drive-by-download malvertising (Naked Security – Sophos, Mar 13 2019)
A new Chrome feature hopes to choke off one of the most malicious forms of malware infection: drive-by advertising downloads.

2. Criminals Use One Line of Code to Steal Card Data from E-Commerce Sites (Dark Reading, Mar 14 2019)
New JavaScript sniffer is similar to malware used in the Magecart campaign last year that affected over 800 sites.

3. Stolen email credentials being used to pry into cloud accounts (SC Magazine, Mar 14 2019)
Malicious actors are using the massive supply of previously stolen login credentials to help brute force their way into high-profile cloud-based business systems that cannot easily use two-factor authentication for security.

8,000 Security News Articles
Since I started this curated newsletter in June 2017, I’ve clipped ~8,000 articles and narrowed them down into the best 20 per day. This is my favority way to stay abreast of the industry. Readers like you make this all worthwhile.
Thanks! – Lucas Samaras

Share on Twitter Facebook LinkedIn

*AI, IoT, & Mobile Security*
4. New Mirai Version Targets Business IoT Devices (Dark Reading, Mar 19 2019)
The notorious Internet of Things botnet is evolving to attack more types of devices – including those found in enterprises.

5. RSA 2019: Happily Not Over-AI’d (Gartner Blog Network, Mar 12 2019)
“My RSA Conference (#RSAC) this year was only a one day affair due to a new baby at home, but I cannot skip my ”duty” of writing this blog post with conference observations and impressions.”

6. Most Android Antivirus Apps Are Garbage (Wired, Mar 16 2019)
Fraudulent and ineffective antivirus apps persist on the Google Play Store, and it’s unclear whether they’ll ever totally go away.

*Cloud Security, DevOps, AppSec*
7. Apple, Google, GoDaddy misissued TLS certs with weak serial numbers (ZDNet, Mar 20 2019)
Multiple CAs have misissued over 1.2 million TLS certs with weak 63-bit serial numbers, instead of the standard of 64 bits.

8. Cloudflare Launches New HTTPS Interception Detection Tools (SecurityWeek, Mar 19 2019)
Security services provider Cloudflare on Monday announced the release of two new tools related to HTTPS interception detection. 

9. Thoughts on Cloud Security (TaoSecurity, Mar 13 2019)
“The book described how cloud security is a big change from enterprise security because it relies less on IP-address-centric controls and more on users and groups. The book talked about creating security groups, and adding users to those groups in order to control their access and capabilities. As I read that passage, it reminded me of a time long ago, in the late 1990s…”

*Identity Mgt & Web Fraud*
10. Why Phone Numbers Stink As Identity Proof (Krebs on Security, Mar 17 2019)
“Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.”

11. How Hackers Pulled Off a $20 Million Mexican Bank Heist (Wired, Mar 15 2019)
Welcome to the world of fake accounts, phantom funds, and money mules.

12. G Suite Admins Can Now Disable Phone 2-SV (SecurityWeek, Mar 15 2019)
Google is making G Suite accounts more secure by allowing administrators to remove phone-based 2-step verification (2-SV) from the available multi-factor verification options.

*CISO View*
13. Vladimir Putin signs sweeping Internet-censorship bills (Ars Technica, Mar 18 2019)
President Vladimir Putin has tightened his grip on the Russian Internet Monday, signing two censorship bills into law. One bans “fake news” while the other makes it illegal to insult public officials.

14. Improve cybersecurity program reporting with time-based metrics (SC Magazine, Mar 18 2019)
Since we know that security isn’t truly a zero-sum game, instead of focusing on the raw numbers or the volume of work being done, prioritize quickly addressing vulnerabilities as they’re discovered. The speed of attacks and compromises continues to increase as more computing resources become available to attackers, and strong defense-in-depth programs help in slowing down the attack chain and gives defenders more time to respond. How quickly your teams respond to threats is a powerful metric that can provide executives with a more realistic understanding of the progress of the security program’s efforts.

15. Norsk Hydro cyber attack: What happened? (Help Net Security, Mar 20 2019)
“Hydro subject to cyber-attack,” warned Oslo-headquartered Norsk Hydro ASA, one of the world’s biggest aluminum producers, on Tuesday. According to the company’s CFO Eivind Kallevik, the “root of the problem” is ransomware and the Norwegian National Security Authority confirmed the ransomware in question is LockerGoga.