The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Sealed U.S. Court Records Exposed in SolarWinds Breach (Krebs on Security, Jan 07 2021)
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.

2. Malware variant becomes world’s most popular, thanks to ransomware surge (SC Media, Jan 08 2021)
Ransomware actors are laundering hundreds of millions of dollars through pseudo-legitimate cryptocurrency exchanges, while early-stage malware that is often used to facilitate their attacks has become the most popular form of malware in the world.

3. Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020 (Dark Reading, Jan 07 2021)
Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams.


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


*AI, IoT, & Mobile Security*
4. WhatsApp Has Shared Your Data With Facebook for Years (Wired, Jan 08 2021)
A pop-up notification has alerted the messaging app’s users to a practice that’s been in place since 2016.

5. Ubiquiti: Change Your Password, Enable 2FA (Krebs on Security, Jan 11 2021)
Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.

6. The White House Launches the National Artificial Intelligence Initiative Office (Whitehouse, Jan 12 2021)

*Cloud Security, DevOps, AppSec*
7. An Absurdly Basic Bug Let Anyone Grab All of Parler’s Data (Wired, Jan 12 2021)
The “free speech” social network also allowed unlimited access to every public post, image, and video.

8. The Hacker Who Archived Parler Explains How She Did It (and What Comes Next) (VICE, Jan 12 2021)
The hacker, donk_enby, explained that she only scraped what was publicly available: “I hope that it can be used to hold people accountable and to prevent more death.”

9. Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (The New York Times, Jan 12 2021)
Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic, to gain access to federal government and private sector systems in the United States.

*Identity Mgt & Web Fraud*
10. SolarWinds attackers suspected in Microsoft authN compromise (SC Media, Jan 12 2021)
Mimecast issued a new certificate and is urging affected customers to delete the old one after Microsoft warned of a compromise.

11. The FBI Is Using Baked Alaska’s Livestream to Track Down Capitol Hill Rioters (VICE, Jan 13 2021)
Baked Alaska was once an alt-right darling; now the FBI is using his livestreamed video to track down Capitol Hill rioters. The riots at Capitol Hill were streamed live across the internet. Far-right personality Tim Gionet, known as Baked Alaska, was there and streamed the riot for an hour, starting outside of the Capitol before moving inside the building and interviewing participants. “Happy, happy day,” Gionet said at the beginning of his stream while police sirens wailed in the background. Now, the FBI is using footage from his livestream to track down Capitol Hill rioters in a self-own for the ages.

12. The facial-recognition app Clearview sees a spike in use after Capitol attack. (The New York Times, Jan 13 2021)
After the Capitol riot, Clearview AI, a facial-recognition app used by law enforcement, has seen a spike in use, said the company’s chief executive, Hoan Ton-That.

*CISO View*
13. Europol announces bust of “world’s biggest” dark web marketplace (Naked Security – Sophos, Jan 14 2021)
Dark web servers are hard to find – but not impossible.

14. Post-Riot, the Capitol Hill IT Staff Faces a Security Mess (Wired, Jan 11 2021)
Wednesday’s insurrection could have exposed congressional data and devices in ways that have yet to be appreciated.

15. On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security (Schneier on Security, Jan 13 2021)
“…I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile gates I had – the ones that look like bike racks that can hook together – to try to keep the crowds away from sensitive areas and, later, push back people intent on accessing the grounds. (A new fence that appears to be made of sturdier material was being erected on Thursday.) That’s the same equipment and approximately the same amount of force I was able to use when a group of fans got a little feisty and tried to get backstage at a Vanilla Ice show.”