A Review of the Best News of the Week on Cybersecurity Management & Strategy

How Jeff Bezos’ iPhone X Was Hacked (The New York Times, Jan 22 2020)
It most likely began with a tiny bit of code that implanted malware, which gave attackers access to Mr. Bezos’ photos and texts.

Apple dropped plan for encrypting backups after FBI complained (Reuters, Jan 24 2020)
Apple Inc dropped plans to let iPhone users fully encrypt backups of their devic…

Over half of organizations were successfully phished in 2019 (Help Net Security, Jan 24 2020)
Nearly 90 percent of global organizations were targeted with BEC and spear phishing attacks in 2019, reflecting cybercriminals’ continued focus on compromising individual end users, a Proofpoint survey reveals.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~13,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Researchers create OT honeypot, attract exploits and fraud (Help Net Security, Jan 21 2020)
Trend Micro announced the results of research featuring a honeypot imitating an industrial factory. The highly sophisticated Operational Technology (OT) honeypot attracted fraud and financially motivated exploits. Hardware equipment that ran the factory Complex investigation The six-month investigation revealed that unsecured industrial environments are primarily victims of common threats. The honeypot was compromised for cryptocurrency mining, targeted by two separate ransomware attacks, and us

China-Based Cyber Espionage Group Reportedly Behind Breach at Mitsubishi Electric (Dark Reading, Jan 21 2020)
Personal data on over 8,100 individuals and confidential business information likely exposed in June 2019 incident.

To Avoid Disruption, Ransomware Victims Continue to Pay Up (Dark Reading, Jan 22 2020)
For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected with ransomware.

Why automating network security policies is the missing link to digital transformation (SC Magazine, Jan 24 2020)
According to a Gartner study, 99 percent of all security breaches through 2023 will be caused by firewall misconfigurations due to mistakes made using outdated manual techniques to manage change processes.

Does Your Domain Have a Registry Lock? (Krebs on Security, Jan 24 2020)
“If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it. Even so, most major Web site owners aren’t taking full advantage of the security tools available to protect their domains from being hijacked. Here’s the story of one recent victim who was doing almost everything possible to avoid such a situation and still had a key domain stolen by scammers.”

For Mismanaged SOCs, The Price Is Not Right (Dark Reading, Jan 22 2020)
New research finds security operations centers suffer high turnover and yield mediocre results for the investment they require.

WeLeakInfo gets pwned by FBI; Dutch, N. Irish police arrest alleged breach brokers (Ars Technica, Jan 17 2020)
Site aggregated 12 billion usernames and passwords from over 10,000 breaches.

Apple Received Tens of Thousands of Government Requests in H1 2019 (SecurityWeek, Jan 20 2020)
Apple has published its latest transparency report, which provides details on the number of government requests the tech company received during the first half of 2019.

Data Awareness Is Key to Data Security (Dark Reading, Jan 21 2020)
Traditional data-leak prevention is not enough for businesses facing today’s dynamic threat landscape.

Elaborate Honeypot ‘Factory’ Network Hit with Ransomware, RAT, and Cryptojacking (Dark Reading, Jan 21 2020)
A fictitious industrial company with phony employees personas, website, and PLCs sitting on a simulated factory network fooled malicious hackers – and raised alarms for at least one white-hat researcher who stumbled upon it.

Possessing Ransomware Could Become Illegal in Maryland (Infosecurity Magazine, Jan 20 2020)
Maryland residents could be jailed and fined $10K for possessing ransomware

DDoS Mitigation Firm Founder Admits to DDoS (Krebs on Security, Jan 20 2020)
A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others.

Surge in Ships Seeking Cybersecurity Classification (Infosecurity Magazine, Jan 21 2020)
To be awarded a “Cyber Managed” class notation, ships must show that their design, construction, commissioning, and maintenance of onboard computer-based systems are in line with existing cybersecurity best practices and standards, such as IMO MSC-Fal 1-Circ3, NIST, and BIMCO.

The Helpful Hack That Started It All (Infosecurity Magazine, Jan 22 2020)
Attacks can be devastating, but can also provide unexpected silver linings in the form of increased security and safer communication

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says (Dark Reading, Jan 23 2020)
Attackers ‘weaponized’ Active Directory to spread the ransomware.

Greece: Government Websites Hit by Cyberattack (SecurityWeek, Jan 24 2020)
The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored.

Researchers Earn $280,000 for Hacking Industrial Systems at Pwn2Own Miami (SecurityWeek, Jan 24 2020)
Researchers who took part this week in the Zero Day Initiative’s Pwn2Own Miami hacking competition have earned a total of $280,000 for exploits targeting industrial control systems (ICS) and associated protocols.