A Review of the Best News of the Week on Cyber Threats & Defense
USCYBERCOM Shares More North Korean Malware Samples (SecurityWeek, Feb 15 2020)
The U.S. Cyber Command (USCYBERCOM) has uploaded new malware samples to VirusTotal, all of which the Command has attributed to the North Korea-linked threat group Lazarus.
Emotet: Crimeware you need to be aware of (Help Net Security, Feb 12 2020)
According to the U.S. Department of Homeland Security, Emotet continues to be among the most costly and destructive malware threats affecting state, local, and territorial governments and its impact is felt across both the private and public sectors.
Mac Adware Infections Increased by 400% in 2019 (VICE, Feb 14 2020)
According to a report by an anti-malware software vendor Malwarebytes, Mac adware infections rose by 400 percent year-over-year.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~13,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Ryuk: Defending Against This Increasingly Busy Ransomware Family (Infosecurity Magazine, Feb 12 2020)
The incident at the MTSA-regulated facility is just one of the latest attacks to involve Ryuk.
The 2020 Census could be the next big hacking and disinformation target (Washington Post, Feb 13 2020)
Lawmakers are growing increasingly alarmed about hacking dangers targeting the 2020 Census after a watchdog detailed dozens of high-risk cybersecurity problems that should have been fixed a long time ago.
5 Common Errors That Allow Attackers to Go Undetected (Dark Reading, Feb 12 2020)
Make these mistakes and invaders might linger in your systems for years.
Firefox 74 Will Disable TLS 1.0 and TLS 1.1 by Default (SecurityWeek, Feb 11 2020)
Beginning March, when Firefox 74 is set to arrive in the release channel, Mozilla will disable older Transport Layer Security (TLS) protocol versions as default options for secure connections.
Echobot Malware Drives Significant Increase in OT Attacks (SecurityWeek, Feb 11 2020)
Attacks targeting operational technology (OT) infrastructure increased by over 2000 percent in 2019 compared to the previous year, and the piece of malware most commonly seen in these attacks was the Mirai variant named Echobot, IBM revealed on Tuesday.
What Are Some Foundational Ways to Protect My Global Supply Chain? (Dark Reading, Feb 11 2020)
Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.
How cyber attackers hide malware on your network (Network World Security, Feb 12 2020)
Knowing where to look for malware lurking on your network gives you a better chance to prevent damage from it.
A closer look at the global threat landscape (Help Net Security, Feb 13 2020)
60% of initial entries into victims’ networks leveraged either previously stolen credentials or known software vulnerabilities, allowing attackers to rely less on deception to gain access, according to a new IBM report exploring the global threat landscape.
Cookie-nabbing app could have served users side helping of XSS (Naked Security – Sophos, Feb 14 2020)
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.
WordPress GDPR Cookie Consent plugin patched (SC Media, Feb 13 2020)
MIT Researchers Find Vulnerabilities in Voatz Voting App (SecurityWeek, Feb 14 2020)
Vulnerabilities in the Voatz Internet voting app could allow adversaries to alter, stop, or expose a user’s vote, security researchers from the Massachusetts Institute of Technology (MIT) have discovered. The vendor, however, has disputed their findings.
Threat From Spoofed Emails Grows, While DMARC Implementation Lags (SecurityWeek, Feb 13 2020)
Email remains the biggest single cyber threat to business. Phishing can introduce malware either directly or later via stolen credentials, while BEC scam emails can lead to direct financial loss.
Three API security risks in the wake of the Facebook breach (Help Net Security, Feb 17 2020)
Facebook recently pledged to improve its security following a lawsuit that resulted from a 2018 data breach. The breach, which was left open for more than 20 months, resulted in the theft of 30 million authentication tokens and almost as much personally identifiable information. A “View As” feature that enabled developers to render user pages also let attackers obtain the user’s access token.
Bluetooth bugs – researchers find 10 “Sweyntooth” security holes (Naked Security – Sophos, Feb 14 2020)
More trouble in the Internet of Things – Bluetooth firmware code in many devices is found to have numerous bugs.