A Review of the Best News of the Week on Cyber Threats & Defense

TrickBot Botnet Survives Takedown Attempt (SecurityWeek, Oct 15 2020)
The TrickBot botnet appears to have resumed normal operations days after Microsoft announced that it managed to take it down using legal means. 

US Cyber Command Urges Users to Patch New ‘Ping of Death’ Windows Flaw (SecurityWeek, Oct 15 2020)
The United States Cyber Command (USCYBERCOM) warns that users should apply the latest patches for Microsoft software to ensure they won’t fall victim to exploitation attempts.

Most US states show signs of a vulnerable election-related infrastructure (Help Net Security, Oct 19 2020)
75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findings may indicate unforeseen issues leading up to, and following, the US election.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

State and local governments under siege from cyber threats (Help Net Security, Oct 14 2020)
With both security budgets and talent pools negatively affected by the ongoing pandemic, state and local governments are struggling to cope with the constant wave of cyber threats more than ever before, a Deloitte study reveals. The study is based on responses from 51 U.S. state and territory enterprise-level CISOs. Key themes COVID-19 has challenged continuity and amplified gaps in budget, talent and threats, and the need for partnerships.

A Trickbot Assault Shows US Military Hackers’ Growing Reach (Wired, Oct 14 2020)
Despite the operation’s short-term effects, it sets new precedents for the scope of Cyber Command’s mission.

Ransomware Tops 2020 Threat Rankings (Infosecurity Magazine, Oct 12 2020)
Global risk consulting firm names ransomware the most observed cyber-threat in 2020

Adobe Patches Critical Code Execution Vulnerability in Flash Player (SecurityWeek, Oct 13 2020)
Adobe has patched a critical arbitrary code execution vulnerability in Flash Player. This is the only flaw fixed by the software giant this Patch Tuesday.

Study Finds 400,000 Vulnerabilities Across 2,200 Virtual Appliances (SecurityWeek, Oct 13 2020)
Virtual appliances, even if they are provided by major software or cybersecurity vendors, can pose a serious risk to organizations, according to a report published on Tuesday by cloud visibility firm Orca Security.

Microsoft Fixes Critical Windows TCP/IP Flaw in Patch Rollout (Dark Reading, Oct 13 2020)
The October 2020 Patch Tuesday fixed 87 vulnerabilities, including 21 remote code execution flaws, in Microsoft products and services.

Cyber Warriors Sound Warning on Working From Home (SecurityWeek, Oct 14 2020)
Cyber warriors on NATO’s eastern edge are warning that the growing number of people working from home globally due to the pandemic is increasing vulnerability to cyber attacks.

Google and Intel warn of high-severity Bluetooth security bug in Linux (Ars Technica, Oct 14 2020)
Yes, it’s serious, but high severity doesn’t necessarily mean high risk.

Microsoft Office 365 Accounts a Big Target for Attackers (Dark Reading, Oct 15 2020)
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.

SMBs’ size doesn’t make them immune to cyberattacks (Help Net Security, Oct 14 2020)
78% of SMBs indicated that having a privileged access management (PAM) solution in place is important to a cybersecurity program – yet 76% of respondents said that they do not have one that is fully deployed, a Devolutions survey reveals.

Fancy Bear Imposters Are on a Hacking Extortion Spree (Wired, Oct 16 2020)
Nice looking website you’ve got there. It’d be a shame if someone DDoS’d it.

Expert Tips to Keep WordPress Safe (Dark Reading, Oct 19 2020)
The most widely used content management system on the Web relies heavily on plug-ins and add-on software — and that requires rigorous security measures at every level.

Twitter hackers lured employees to give up VPN credentials (SC Media, Oct 16 2020)
The attackers that hacked Twitter in July pretended to call from Twitter’s IT department about a VPN issue, then persuaded employees to enter their credentials into a website that looked identical to the real VPN login site. The claims by the hackers were credible – and successful – because Twitter’s employees were all using VPN…