15 Bullet Friday – The Best Security News of the Week – 2019.07.26

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Critical RCE Vulnerability Found in Palo Alto Networks VPN Product (SecurityWeek, Jul 22 2019)
A critical remote code execution vulnerability has been found and patched in Palo Alto Networks’ GlobalProtect product.

2. Is ‘REvil’ the New GandCrab Ransomware? (Krebs on Security, Jul 15 2019)
The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program

3. Microsoft demos vote verification tool, warns of ongoing foreign meddling (SC Magazine, Jul 18 2019)
Microsoft Corporation yesterday began publicly demonstrating its free and open-source secure electronic voting solution, ElectionGuard, warning that such innovations are necessary as adversarial nations continue to target the American people and U.S. businesses.


One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share on Twitter Facebook LinkedIn


*AI, IoT, & Mobile Security*
4. Researchers Claim They Bypassed Cylance’s AI-Based Antivirus (SecurityWeek, Jul 19 2019)
Researchers at Australia-based cybersecurity firm Skylight claim to have found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign.

5. Hackers Access Sprint Accounts via Samsung Website (SecurityWeek, Jul 17 2019)
US telecoms company Sprint has informed some customers that their Sprint accounts have been accessed by hackers via a Samsung website.

6. Huawei’s Czech Unit Secretly Collected Data: Report (SecurityWeek, Jul 22 2019)
The Czech unit of telecoms giant Huawei secretly collected personal data of customers, officials and business partners, Czech public radio reported Monday, fanning concerns about security risks linked to the Chinese group.

*Cloud Security, DevOps, AppSec*
7. Google increases bounties for Chrome, Google Play bugs (Help Net Security, Jul 22 2019)
Bug hunters searching for security flaws in Google’s offerings are now vying for higher bounties. Microsoft has launched a new bug bounty program. Google’s changes Since 2010, when Google started the Chrome Vulnerability Reward Program to reward security researchers who invest their time and effort to discover bugs in Chrome and Chrome OS, the company has raised the offered bounty amounts a number of times.

8. Google Chrome is ditching its XSS detection tool (Naked Security – Sophos, Jul 18 2019)
Google’s throwing in the towel on XSS Auditor and putting its trust in Trusted Types instead.

9. QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack (Krebs on Security, Jul 19 2019)
“Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.”

*Identity Mgt & Web Fraud*
10. Facebook Privacy Overhaul Following Fine (Infosecurity Magazine, Jul 25 2019)
In a blog post on Wednesday, general counsel Colin Stretch outlined the steps Facebook is taking to build a security and privacy-by-design culture “on a different scale than anything we’ve done in the past” – with transparency and accountability front-and-center.

11. Worried About Insider Threats? Here’s How You Build an Effective Insider Threat Program (PingTalk, Jul 24 2019)
Here are the top 5 things you need to know when developing your own insider threat program.

12. Stock Trading Firm Robinhood Stored User Passwords in Plaintext (SecurityWeek, Jul 25 2019)
Robinhood, a California-based financial services company that provides a popular commission-free stock trading app, informed some users that their passwords were stored in plaintext.

*CISO View*
13. The Unsexy Threat to Election Security (Krebs on Security, Jul 25 2019)
Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.

14. NSA to establish a defense-minded division named the Cybersecurity Directorate (ZDNet, Jul 23 2019)
The National Security Agency announced today plans to establish a new defense-minded cyber-security division that will focus on defending the US against foreign cyber-threats. This new division, which will be named the Cybersecurity Directorate, will become operational on October 1, later this year.

15. What You Should Know About the Equifax Data Breach Settlement (Krebs on Security, Jul 22 2019)
Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn