15 Bullet Friday – The Best Security News of the Week – 2019.09.06

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. How Researchers Track Malware (VICE, Aug 29 2019)
What is malware, exactly? Well, ultimately just some lines of code.

2. WannaCry Remains No. 1 Ransomware Weapon (Dark Reading, Aug 27 2019)
Of all of the ransomware variants spotted targeting victims in the first half of 2019, the infamous WannaCry was by far the most prevalent, according to Trend Micro’s detection data.

3. New Credential-Theft Attack Weaponizes DNS (Dark Reading, Aug 30 2019)
The recently discovered campaign sends stolen data out of the network as part of a DNS query.


One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share on Twitter Facebook LinkedIn


*AI, IoT, & Mobile Security*
4. Google discovers websites exploiting iPhones (Help Net Security, Aug 30 2019)
Unidentified attackers have been compromising websites for nearly three years, equipping them with exploits that would hack visiting iPhones without any user interaction and deliver a stealthy implant capable of collecting much of the sensitive information found on users’ iOS-powered devices.

5. TrickBot Comes to Cellular Carriers (Dark Reading, Aug 28 2019)
TrickBot is using its traditional techniques — a man-in-the-middle attack that captures a web session, routes it to a command-and-control server where code is injected to request user credentials, then sends the page to the victim — in requests to the websites run by the three cellular networks. According to the report, the PIN requested by the malicious form indicates that the criminals are interested in perpetrating SIM-swap fraud.

6. Why 5G requires new approaches to cybersecurity (Brookings Institute, Sep 03 2019)
There are five ways in which 5G networks are more vulnerable to cyberattacks than their predecessors…

*Cloud Security, DevOps, AppSec*
7. Google throws bug bounty bucks at 3rd-party apps (Naked Security – Sophos, Sep 02 2019)
If an app has more than 100 million installs, Google will pay for bugs, even if the app makers already have their own bounty programs.

8. Cloud Security Boom Creates New Crop of Tech Darlings (Bloomberg, Aug 28 2019)
Global security spending is expected to reach $103.1 billion in 2019, up 9.4% from 2018, according to IDC. And more of the software is running in the cloud as characteristics such as greater processing power and real-time updates combine for better protection. Cloud is expected to account for 38% of security budgets in 2020, up from 18% in 2018

9. Phishers are Angling for Your Cloud Providers (Krebs on Security, Aug 30 2019)
“Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals.”

*Identity Mgt & Web Fraud*
10. Our Face Recognition Nightmare Began Decades Ago. Now It’s Expanding (VICE, Sep 04 2019)
Biometric systems used by ICE to round up migrants and separate families didn’t come from nowhere. They’ve been built over decades by both parties.

11. Facial Recognition Becomes Opt-in Feature at Facebook (SecurityWeek, Sep 03 2019)
Facebook on Tuesday said facial recognition technology applied to photos at the social network will be an opt-in feature.

12. Firefox now blocks third-party tracking cookies, cryptomining scripts by default (Help Net Security, Sep 04 2019)
It took a lot of testing and tweaking, but Mozilla’s Firefox browser is finally being delivered with Enhanced Tracking Protection and a web-based cryptomining blocking feature on by default. The changes “Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent.

*CISO View*
13. Pitfalls to Avoid in Ransomware Incident Response Plans (SecurityWeek, Sep 03 2019)
Unfortunately, these types of attacks show no signs of slowing down anytime soon, having an adequate incident response (IR) plan prepared is essential. Here are some common pitfalls to avoid when developing your ransomware IR plan

14. What is MITRE ATT&CK and how is it useful? (WeLiveSecurity, Sep 03 2019)
An introduction to the MITRE ATT&CK framework and how it can help organize and classify various types of threats and adversarial behaviors.

15. An Inside Look at How CISOs Prioritize Budgets & Evaluate Vendors (Dark Reading, Sep 04 2019)
In-depth interviews with four market-leading CISOs reveal how they prioritize budgets, measure ROI on security investments, and evaluate new vendors.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn