The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. FBI warns of threat actors spoofing Bureau domains, email accounts (WeLiveSecurity, Nov 27 2020)
The U.S. law enforcement agency shares a sampling of more than 90 spoofed FBI-related domains registered recently

2. Latest Version of TrickBot Employs Clever New Obfuscation Trick (Dark Reading, Nov 24 2020)
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.

3. Experts say restoring Baltimore County school network may take weeks, with classes potentially back in days (Baltimore Sun, Nov 30 2020)
School officials issued a statement on Friday saying the district continues to address the “catastrophic attack on our technology system” but gave no specifics on when online learning might be back up and running.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


*AI, IoT, & Mobile Security*
4. IoT Unravelled with Scott Helme (Troy Hunt, Nov 28 2020)
“What. A. Week. Blog post every day, massive uptick in comments, DMs, newsletter subscribers, followers and especially, blog traffic. More than 200,000 unique visitors dropped by this week, mostly to read about IoT things. This has been a fascinating experience for me and I’ve enjoyed sharing the journey….”

5. Popular apps in Google store leak data that adversaries could use to spy on targets (SC Media, Nov 24 2020)
Two popular Baidu apps collect data that can surreptitiously track a user’s location through Stingray devices or intercept phone calls and text messages.

6. US Air Force deploys robot security dogs to guard base (The Register, Nov 30 2020)
Do they byte?

*Cloud Security, DevOps, AppSec*
7. Half of Docker Hub Images Feature Critical Flaws (Infosecurity Magazine, Dec 02 2020)
New study of four million container images reveals major risks

8. Tesla Hacked and Stolen Again Using Key Fob (Threatpost, Nov 30 2020)
Belgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes.

9. re:Invent 2020 – Your guide to AWS Identity and Data Protection sessions (AWS Security Blog, Nov 30 2020)
AWS re:Invent will certainly be different in 2020! Instead of seeing you all in Las Vegas, this year re:Invent will be a free, three-week virtual conference. One thing that will remain the same is the variety of sessions, including many Security, Identity, and Compliance sessions.

*Identity Mgt & Web Fraud*
10. Researchers Find Powerful Cellphone Location Surveillance SS7 (VICE, Dec 01 2020)
Security researchers claim to have identified deployments of SS7 tracking technology in 25 countries, including Belgium, Denmark, Mexico, Thailand, and Australia. The deployments are linked to surveillance vendor Circles, which works with NSO Group.

11. Personal Info Available on Dark Web for as Little as 50 Cents (Infosecurity Magazine, Dec 01 2020)
Personal data is readily available for bad actors to purchase

12. Face recognition software making progress at recognizing masked faces (Help Net Security, Dec 03 2020)
A study of face recognition technology created after the onset of the COVID-19 pandemic shows that some software developers have made demonstrable progress at recognizing masked faces. The findings, produced by NIST, measure the performance of face recognition algorithms developed following the arrival of the pandemic.

*CISO View*
13. Delaware County Pays $500,000 Ransom After Outages (Infosecurity Magazine, Nov 30 2020)
Cyber insurance reported to cover the costs

14. Bomb Threat, DDoS Purveyor Gets Eight Years (Krebs on Security, Dec 01 2020)
A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S. and United Kingdom, launching distributed denial-of-service (DDoS) attacks…

15. Inside North Korea’s Rapid Evolution to Cyber Superpower (Dark Reading, Dec 01 2020)
Researchers examine North Korea’s rapid evolution from destructive campaigns to complex and efficient cyber operations.