The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Microsoft’s Making a Secure PC Chip—With Intel and AMD’s Help (Wired, Nov 17 2020)
The Pluton security processor will give the software giant an even more prominent role in locking down Windows hardware.

2. Symantec Reports on Cicada APT Attacks against Japan (Schneier on Security, Nov 20 2020)
“Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere.

Cicada has historically been known to target Japan-linked organizations, and has also targeted MSPs in the past. The group is using living-off-the-land tools as well as custom malware in this attack campaign, including a custom malware — Backdoor.Hartip — that Symantec has not seen being used by the group before.”

3. How to Identify Cobalt Strike on Your Network (Dark Reading, Nov 18 2020)
Common antivirus systems frequently miss Cobalt Strike, a stealthy threat emulation toolkit admired by red teams and attackers alike.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


*AI, IoT, & Mobile Security*
4. Security Researchers Sound Alarm on Smart Doorbells (Dark Reading, Nov 23 2020)
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.

5. Fake Minecraft mods installed on over one million Android devices (Graham Cluley, Nov 24 2020)
If you or your kids are fans of Minecraft then take care before installing apps that modify the immensely popular game. Security researchers say that they have discovered over 20 fake ‘modpack’ apps that are actually designed to bombard users with adverts in such an intrusive and aggressive fashion that using the phone becomes virtually impossible.

6. Apple to Press Ahead on Mobile Privacy, Despite Facebook Protests (SecurityWeek, Nov 20 2020)
Apple confirmed Thursday it would press ahead with mobile software changes that limit tracking for targeted advertising — a move that has prompted complaints from Facebook and others.

*Cloud Security, DevOps, AppSec*
7. Zero Trust architectures: An AWS perspective (AWS Security Blog, Nov 23 2020)
Our mission at Amazon Web Services (AWS) is to innovate on behalf of our customers so they have less and less work to do when building, deploying, and rapidly iterating on secure systems. From a security perspective, our customers seek answers to the ongoing question…

8. A Security Engineer’s Quest to Find 365 Bugs in Microsoft Office 365 (VICE, Nov 24 2020)
He’s almost there, too, with about 310 bugs found so far.

9. Facebook Paid Out $11.7 Million in Bug Bounties Since 2011 (SecurityWeek, Nov 20 2020)
Social media giant Facebook this week announced that it has paid out more than $11.7 million in bug bounties since 2011. To date, more than 50,000 researchers signed up for the company’s bug bounty program, and approximately 1,500 of them, from 107 countries, have received a bug bounty reward, the company says.

*Identity Mgt & Web Fraud*
10. Home Depot Settles with US States Over 2014 Data Breach (Infosecurity Magazine, Nov 25 2020)

11. ‘Fraud’ Is a Banned Word in U.S. Aid Program Overwhelmed by It (Bloomberg, Nov 20 2020)
A U.S. agency facing mounting scrutiny over how it doled out checks from a $212 billion pandemic relief program has privately directed employees not to use the word “fraud” in writing if they spot suspicious applications.

12. Apple’s Head of Global Security Facing Bribery Charges (Infosecurity Magazine, Nov 24 2020)
Thomas Moyer is accused of offering $70,000 worth of iPads to police officers.

*CISO View*
13. More on the Security of the 2020 US Election (Schneier on Security, Nov 23 2020)
“Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the election seems to have been both secure and accurate (voter suppression notwithstanding), we still need to work to secure our election systems…”

14. Financial Impact of Ransomware Attack on Sopra Steria Could Reach €50 Million (SecurityWeek, Nov 27 2020)
European IT services provider Sopra Steria estimates that a recent ransomware attack will have a financial impact ranging between €40 million ($48 million) and €50 million ($60 million).

15. On That Dusseldorf Hospital Ransomware Attack and the Resultant Death (Schneier on Security, Nov 24 2020)
“Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. The police wanted to prosecute the ransomware attackers for negligent homicide, but the details were more complicated:

After a detailed investigation involving consultations with medical professionals, an autopsy, and a minute-by-minute breakdown of events, Hartmann believes that the severity of the victim’s medical diagnosis at the time she was picked up was such that she would have died regardless of which hospital she had been admitted to.”