15 Bullet Friday – The Best Security News of the Week – 2020.01.03

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Chinese Hackers Bypassing Two-Factor Authentication (Schneier on Security, Dec 26 2019)
Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear, although the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA…

2. Ransomware at IT Services Provider Synoptek (Krebs on Security, Dec 27 2019)
“Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible.”

3. Mitigating Web Threats with CleanBrowsing DNS (PerezBox, Dec 24 2019)
On December 18th, DeepInstinct put out a great article outlining the latest Legion Loader campaign. Whether a parent, or organization, this served as a great example to demonstrate the effectiveness of DNS in mitigating this type of attack. I encourage you to read DeepInstinct’s article if you want to better understand how it works. What I’ll focus on in this article is how DNS can function as a highly effective security control to help you protect your network.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~12,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


*AI, IoT, & Mobile Security*
4. AI can protect old equipment from cyberattack (Houston Chronicle, Dec 30 2019)
“The energy vertical really faces what I would call the perfect storm,” said Leo Simonovich, global head of industrial cyber and digital security for Siemens.

“On the one hand, there’s a vast brownfield of assets that were never designed with security in mind,” he told me on the sidelines of Time Machine 2019, an artificial intelligence conference. “On the other hand, the energy vertical is undergoing a massive transformation with the introduction of renewables through digitalization and connectivity.”

5. 2020 Predictions: Mobile Security (SC Magazine, Dec 26 2019)
2020 will be the year of 5G, bringing with it not only faster speeds and bandwidth capabilities to our mobile devices, but also making them highly coveted targets by DDoS attackers. While mobile devices have always been targeted by financial or personal data thieves, 5G’s increased bandwidth allows attackers to take control over a relatively small number of mobile handsets and unleash a tremendous amount of damage.

6. Popular Mideast App Pulled After Report it Was Spying Tool (SecurityWeek, Dec 24 2019)
A popular mobile application developed in the United Arab Emirates has been removed from both Apple and Google’s online marketplaces following a report it was used for widespread government spying.

*Cloud Security, DevOps, AppSec*
7. Predictions 2020: Infrastructure and Ops Trends to Watch in 2020 (DevOps, Dec 24 2019)
Today, modernizing systems is more than simply moving technology to a new location. It requires an IT stack of a new generation of technologies and tools to work.

8. School software vendor Active Network suffers data breach (SC Magazine, Dec 30 2019)
Active Network’s Blue Bear Software platform reported that unauthorized activity in its network earlier this year resulted in customer PII being exposed. The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place…

9. Top 6 Software Testing Trends to Look Out in 2020 (DZone DevOps Zone, Dec 24 2019)
Some of the growing software testing trends that will continue to dominate in 2020, like AI and IoT in testing and increased automation testing in teams.

*Identity Mgt & Web Fraud*
10. Say Hello to SASE (Secure Access Service Edge) (Gartner Blog Network, Dec 23 2019)
So by now, most networking folks know about SDWAN. And of course, just when everyone is aware and comfortable with a technology, and it is (relatively) stable with over 25,000 paying customers, and we can start to absorb it…then Boom. Things change. And we are absolutely seeing the market evolve. And the new “thing” is SASE – Secure Access Service Edge, pronounced “sassy”.

11. Identity access management – An auditor’s view (SC Magazine, Dec 26 2019)
12 Best Practices from an Auditor’s view…

12. The 2019 State of the Auth Report: Has 2FA Hit Mainstream Yet? (The Duo Blog, Dec 09 2019)
The Study Results Show That 2FA Is Catching On
Awareness in 2FA shot up from 44% of respondents in 2017 to 77% in 2019. That’s a 33% gain over a two year period.

More Users Are Adopting 2FA Security for Protection
In 2017, a mere 28% of respondents were using 2FA compared to 53% in 2019. That is a solid 25% gain in user security.

*CISO View*
13. UN backs Russia on internet convention, alarming rights advocates (Yahoo News, Dec 28 2019)
The United Nations on Friday approved a Russian-led bid that aims to create a new convention on cybercrime, alarming rights groups and Western powers that fear a bid to restrict online freedom. The General Assembly approved the resolution sponsored by Russia and backed by China, which would set up a

14. Wawa Facing Lawsuits Over Data Breach at All of its Stores (SecurityWeek, Dec 28 2019)
The Wawa convenience store chain is facing a wave of lawsuits over a data breach that affected its 850 locations along the East Coast.

15. 2020 Predictions: Technology (SC Magazine, Dec 30 2019)
MITRE ATT&CK will become the go-to framework and common vocabulary for every SOC. For organizations required to have the most aggressive stances on security, such as financial services and healthcare, ATT&CK is already the go-to framework. In 2020, it will become a basis of conversation for security operations center (SOC) teams in other industries, including retail and manufacturing, as they mature their security postures.
