The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. CISA Issues Advisory on Home Routers (Dark Reading, Jun 30 2020)
The increase in work-from-home employees raises the importance of home router security.
2. ThiefQuest Ransomware for the Mac (Schneier on Security, Jul 06 2020)
“There’s a new ransomware for the Mac called ThiefQuest or EvilQuest. It’s hard to get infected:
For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it. It’s a good reminder to get your software from trustworthy sources, like developers whose code is “signed” by Apple to prove its legitimacy, or from Apple’s App Store itself. But if you’re someone who already torrents programs and is used to ignoring Apple’s flags, ThiefQuest illustrates the risks of that approach.”
3. NSA Issues VPN Security Guidance (Infosecurity Magazine, Jul 03 2020)
Be careful which pre-configured policies you leave on your IPsec VPN, warns the US government
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~15,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. How Police Secretly Took Over a Global Phone Network for Organized Crime (VICE, Jul 02 2020)
Unbeknownst to Mark, or the tens of thousands of other alleged Encrochat users, their messages weren’t really secure. French authorities had penetrated the Encrochat network, leveraged that access to install a technical tool in what appears to be a mass hacking operation, and had been quietly reading the users’ communications for months. Investigators then shared those messages with agencies around Europe.
5. Android Apps Stealing Facebook Credentials (Schneier on Security, Jun 30 2020)
Google has removed 25 Android apps from its store because they steal Facebook credentials: Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and despite offering different features, under the hood, all the apps worked the same. According to a report from French cyber-security…
6. Early Covid-19 tracking apps easy prey for hackers, and it might get worse before it gets better (Politico, Jul 07 2020)
The apps could prove vital to curtailing the virus’s spread as states reopen, but security fears may make them unpopular with users.
*Cloud Security, DevOps, AppSec*
7. How Cloud DLP can help with compliance, security, and privacy (Google Cloud, Jul 05 2020)
A look back at the history of DLP before discussing how DLP is useful in today’s environment, including compliance, security, and privacy use cases.
8. FTC Guidance – Six Steps Toward More Secure Cloud Computing (Cloud Security Alliance, Jul 06 2020)
The June 15, 2020 FTC Blogpost, titled Six Steps Towards More Secure Cloud Computing provides a concise, valuable checklist for businesses that use or intend to use cloud services, so that they make their use of cloud services safer. The document is a reminder of the basic golden rules concerning data security when using a third-party service provider.
9. Chinese Software Company Aisino Uninstalls GoldenSpy Malware (Dark Reading, Jul 01 2020)
Follow-up sandbox research confirms Aisino knew about the malware in its tax software, though it’s still unclear whether it was culpable.
*Identity Mgt & Web Fraud*
10. 15B credentials available on dark web; average price below $16 (SC Media, Jul 08 2020)
There are more than 15 billion stolen account credentials being sold or even shared for free on the dark web, with individual entries selling for an average of $15.43, a new research report states. Roughly one-third of the credentials, or about 5 billion, are unique, according to Digital Shadows…
11. E-Verify’s “SSN Lock” is Nothing of the Sort (Krebs on Security, Jul 04 2020)
“One of the most-read advice columns on this site is a 2018 piece called “Plant Your Flag, Mark Your Territory,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is that these services only allow one account per Social Security number — which for better or worse is the de facto national identifier in the United States. But KrebsOnSecurity recently discovered that this is not the case with all federal government sites built to help you manage your identity online.”
12. The Fed shares insight on how to combat synthetic identity fraud (WeLiveSecurity, Jul 06 2020)
The Federal Reserve looks at ways to counter what is thought to be the fastest-growing type of financial crime in the country
13. Three major gaps in the Cyberspace Solarium Commission’s report that need to be addressed (Help Net Security, Jul 09 2020)
Released in March 2020, the Cyberspace Solarium Commission’s report urges for the U.S. government and private sector to adopt a “new, strategic approach to cybersecurity,” namely layered cyber deterrence. Among the Commission’s lengthy 182-page report’s recommendations are that security vendors must be responsible for providing security updates for their products or services as long as they are providing usability updates and bug fixes.
14. Report: Israeli cyberattack caused Iran nuclear site fire, F35s hit missile base (The Times of Israel, Jul 03 2020)
Kuwaiti newspaper cites unnamed senior source as saying Jerusalem behind recent incidents in Iran, following an alleged attempt by Tehran to hack Israel’s water infrastructure
15. Manufacturing Sector Paid Out 62% of Total Ransomware Payments in 2019 (Infosecurity Magazine, Jul 07 2020)
The manufacturing sector made 62% of ransomware payments last year