The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Intel will soon bake anti-malware defenses directly into its CPUs (Ars Technica, Jun 15 2020)
Control-Flow Enforcement Technology will debut in Tiger Lake microarchitecture.
2. Ryuk Continues to Dominate Ransomware Response Cases (Dark Reading, Jun 15 2020)
Analysis reveals how Ryuk’s operators are changing their techniques and using new means to break in.
3. Bundlore adware brings a new nest of risks to Mac users (Naked Security – Sophos, Jun 18 2020)
As the name suggests, Bundlore isn’t really one item of adware, but what SophosLabs likes to call bundleware – a software installer that lures you in, for example with promises of enabling you to “download, play and organise third party files, video, audio and other content.”
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. How I Accidentally Hijacked Someone’s WhatsApp (VICE, Jun 18 2020)
Because of phone number reuse, I ended up receiving a load of a stranger’s personal WhatsApp messages.
5. VirusTotal Adds Cynet’s Artificial Intelligence-Based Malware Detection (Hacker News, Jun 23 2020)
VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm.
6. More ad fraud apps found hiding on Google Play Store (Naked Security – Sophos, Jun 17 2020)
Fraudulent Android app developers have been discovered trying to manipulate Google’s Play Store security by removing suspicious code before adding it back in to see what trips detection systems.
*Cloud Security, DevOps, AppSec*
7. Inside the Mind of the Hacker 2019 (Bugcrowd, Jun 23 2020)
A comprehensive overview of Bugcrowd’s security researcher community, the motivations for bug hunting and the economics of whitehat hacking.
8. Web skimming with Google Analytics (Securelist, Jun 22 2020)
Web skimming is a common class of attacks generally aimed at online shoppers. The principle is quite simple: malicious code is injected into the compromised site, which collects and sends user-entered data to a cybercriminal resource.
9. 3 Big Amazon S3 Vulnerabilities You May Be Missing (Cloud Security Alliance, Jun 18 2020)
When there’s a data breach involving Amazon Web Services (AWS), more often than not it involves the Amazon S3 object storage service. The service is incredibly popular. Introduced way back in 2006 when few knew what the cloud was, S3 is highly scalable, reliable, and easy to use. But getting the security of S3 right—and making sure it stays that way—continues to confound many AWS customers.
*Identity Mgt & Web Fraud*
10. Turn on MFA Before Crooks Do It For You (Krebs on Security, Jun 19 2020)
“Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.
11. Identifying a Person Based on a Photo, LinkedIn and Etsy Profiles, and Other Internet Bread Crumbs (Schneier on Security, Jun 22 2020)
“Interesting story of how the police can identify someone by following the evidence chain from website to website. According to filings in Blumenthal’s case, FBI agents had little more to go on when they started their investigation than the news helicopter footage of the woman setting the police car ablaze as it was broadcast live May 30.”
12. FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy (Krebs on Security, Jun 18 2020)
An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.
13. ‘BlueLeaks’ Exposes Files from Hundreds of Police Departments (Krebs on Security, Jun 22 2020)
“Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals.”
14. Spyware by Israel’s NSO Used Against Journalist: Amnesty (SecurityWeek, Jun 22 2020)
Amnesty International said Monday that software developed by Israeli security firm NSO Group was used to attack a Moroccan journalist, the latest in a series of allegations against the company.
15. Data Security in the SaaS Age: Thinking Small (Securosis Blog, Jun 22 2020)
The typical enterprise has hundreds, if not thousands, of SaaS services. So what’s the best approach to secure those applications? Any answer requires gratuitous use of many platitudes, including both “How do you eat an elephant? One bite at a time.” and that other old favorite, “You can’t boil the ocean.” Whichever pithy analogy you favor for providing data security for SaaS, you need to think small, by setting policies to protect one application or service at a time.