A Review of the Best News of the Week on Cyber Threats & Defense

The biggest cyber threats organizations deal with today (Help Net Security, Sep 30 2020)
Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect themselves. Based on over 8 trillion daily security signals and observations from the company’s security and threat intelligence experts, the Microsoft Digital Defense Report 2020 draws a distinction between attacks mounted by cybercriminals and those by nation-state attackers.

Truncated URLs Look to Make Big Dent in Phishing (Dark Reading, Oct 02 2020)
The approach is a long time in coming and will test the premise that users can more easily detect a suspicious domain from the name alone.

Attacks Aimed at Disrupting the Trickbot Botnet (Krebs on Security, Oct 02 2020)
“Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.”

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Fast and stealthy malware attempts to steal public data from government organization (Darktrace Blog, Sep 22 2020)
Darktrace’s Immune System recently detected Glupteba malware attempting to steal sensitive information from a government organization. This blog post details how targeted and autonomous actions from Darktrace Antigena would have contained the attack.

Critical Vulnerabilities Found in Remote Access Software (Infosecurity Magazine, Sep 30 2020)
Otorio discovers serious flaws in leading industrial remote access software solutions

New Toolkit Secures US Teleworkers (Infosecurity Magazine, Sep 30 2020)
Cyber Readiness Institute and CISA collaborate on new telework cybersecurity toolkit

UN Shipping Agency Forced Offline After Cyber-Attack (Infosecurity Magazine, Oct 05 2020)
International Maritime Organization appears to have recovered swiftly

Visa Warns of Attack Involving Mix of POS Malware (SecurityWeek, Oct 05 2020)
A North American merchant’s point-of-sale (POS) terminals were infected with a mix of POS malware earlier this year, Visa reports.

Multiple Wireless Router Chipsets Affected by Authentication Bypass Vulnerability (Infosecurity Magazine, Sep 29 2020)
Synopsys publishes advisory detailing vulnerabilities in a number of router chipsets

China-Linked ‘BlackTech’ Hackers Start Targeting U.S. (SecurityWeek, Sep 29 2020)
The China-linked BlackTech cyber-spies have adopted new malicious tools in recent attacks, and they have started targeting the United States, Symantec security researchers revealed on Tuesday.

Ransomware Attack on Shipping Giant (Infosecurity Magazine, Sep 29 2020)
Major French shipping firm’s servers sunk by ransomware attack

Cryptojacking: The Unseen Threat (Dark Reading, Oct 01 2020)
Mining malware ebbs and flows with the price of cryptocurrencies, and given the momentum on price is upward, cryptojacking is a very present threat.

Three immediate steps to take to protect your APIs from security risks (Help Net Security, Oct 01 2020)
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using APIs for mobile and web apps is that developers can build and deploy functionality and data integrations quickly. But there is a huge downside to this approach.

Facebook Details Malware Campaign Targeting Its Ad Platform (SecurityWeek, Oct 02 2020)
Facebook on Thursday released a detailed technical report on a malware campaign that targeted its ad platform for years.

Common Ways Attackers Are Stealing Credentials (Wordfence, Oct 03 2020)
A few weeks ago, we reviewed some of the worst website hacks we’ve ever seen. Every one of them started with poor password choices and escalated into a disastrous event for the site owner. Strong passwords and good password hygiene are often the first line of defense.

HMRC Hit by Multiple Phishing and Spam Emails (Infosecurity Magazine, Oct 05 2020)
More than 15,000 emails with malware were sent to HMRC this year

China-Linked Hackers Used UEFI Malware in North Korea-Themed Attacks (SecurityWeek, Oct 05 2020)
A threat actor linked to China has used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea, Kaspersky reported on Monday.

XDSpy: Stealing government secrets since 2011 (WeLiveSecurity, Oct 03 2020)
ESET researchers uncover a new APT group that has been stealing sensitive documents from several governments in Eastern Europe and the Balkans since 2011