15 Bullet Friday – The Best Security News of the Week – 2019.09.20

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Malware Linked to Ryuk Targets Financial & Military Data (Dark Reading, Sep 13 2019)
A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information.

2. Intel: SSH-stealing NetCAT bug not really a problem (Naked Security – Sophos, Sep 13 2019)
There’s another vulnerability in Intel chips, with another catchy name: NetCAT.

3. North Korean Hackers Use New Tricks in Attacks on U.S. (SecurityWeek, Sep 12 2019)
Hackers linked to North Korea have been targeting entities in the United States using evasion techniques that involve an uncommon file format, U.S.-based business compromise intelligence startup Prevailion reported on Wednesday.


One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share on Twitter Facebook LinkedIn


*AI, IoT, & Mobile Security*
4. Simjacker silent phone hack could affect a billion users (Naked Security-Sophos, Sep 16 2019)
The shadowy world of phone-surveillance-for-hire became a little clearer last week following the discovery of a phone exploit called Simjacker.

5. T-Mobile Has a Secret Setting to Protect Your Account From Hackers That It Refuses to Talk About (VICE, Sep 13 2019)
T-Mobile’s little known NOPORT setting can protect your phone number from SIM swapping.

6. How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks (Entrepreneur, Sep 14 2019)
The world is going digital at an unprecedentedly fast pace, and the change is only going to go even faster. The digitalization means everything is moving at lightning speed – business, entertainment, trends, new products, etc. The consumer gets what he or she wants instantly because the service provider has the means to deliver it.

*Cloud Security, DevOps, AppSec*
7. MITRE Releases 2019 List of Top 25 Software Weaknesses (Dark Reading, Sep 17 2019)
The list includes the most frequent and critical weaknesses that can lead to serious software vulnerabilities.

8. Leaky database spills data on 20 million Ecuadorians and businesses (Naked Security – Sophos, Sep 18 2019)
Included are deep details on 7 million minors, one grownup named Julian Assange, and perhaps a few million deceased Ecuadorians.

9. The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite (Wired, Sep 17 2019)
At the Defcon hacking conference next year, the Air Force will bring a satellite for fun and glory.

*Identity Mgt & Web Fraud*
10. Banks, Arbitrary Password Restrictions and Why They Don’t Matter (Troy Hunt, Sep 17 2019)
Allow me to be controversial for a moment: arbitrary password restrictions on banks such as short max lengths and disallowed characters don’t matter. Also, allow me to argue with myself for a moment: banks shouldn’t have these restrictions in place anyway.

11. Barclaycard: So Far, So Good for Strong Customer Authentication (Infosecurity Magazine, Sep 18 2019)
Barclaycard has reported no negative impact from introducing Strong Customer Authentication (SCA) last weekend. The new user authentication rules mandated by the European Union’s revised Payment Services Directive (PSD2) were introduced by the UK’s leading acquirer on Saturday, September 14.

12. Millions of Americans’ Medical Images and Data Are Available on the Internet. Anyone Can Take a Peek (ProPublica, Sep 19 2019)
Hundreds of computer servers worldwide that store patient X-rays and MRIs are so insecure that anyone with a web browser or a few lines of computer code can view patient records. One expert warned about it for years.

*CISO View*
13. WannaCry – the worm that just won’t die (Naked Security – Sophos, Sep 18 2019)
WannaCry never went away – it just became less obvious. Remember WannaCry? That’s the infamous self-spreading ransomware attack that stormed the world in May 2017. WannaCry was an unusual strain of ransomware for two main reasons.

14. U.S. sanctions North Korea hacking groups, says attacks funded missile program (SC Magazine, Sep 13 2019)
The U.S. Office of Foreign Assets Control (OFAC) sanctioned North Korea Friday for ransomware attacks on the Swift interbank messaging system and other critical infrastructure targets that generated funding for the nation-state’s weapons and missile programs. The Treasury Department targeted three state-sponsored hacking groups – the Lazarus Group, whose WannaCry attacks wreaked havoc…

15. Advanced hackers are infecting IT providers in hopes of hitting their customers (Ars Technica, Sep 18 2019)
Previously undocumented Tortoiseshell is skilled, but by no means perfect.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn