15 Bullet Friday – The Best Security News of the Week – 2021.01.22

The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. Intel unveils ransomware-fighting CPUs (SC Media, Jan 15 2021)
The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.

2. Hackers used 4 zero-days to infect Windows and Android devices (Ars Technica, Jan 13 2021)
Boobytrapped websites are used by attackers to infect people who visited them.

3. CISA says multiple attacks on cloud services bypassed multifactor authentication (SC Media, Jan 14 2021)
Threat actors have used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a so-called “pass-the-cookie” attack that bypassed multifactor authentication to exploit cloud security weaknesses.


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share on Twitter Facebook LinkedIn


*AI, IoT, & Mobile Security*
4. WhatsApp Delays Data Sharing Change After Backlash (SecurityWeek, Jan 18 2021)
WhatsApp on Friday postponed a data-sharing change as users concerned about privacy fled the Facebook-owned messaging service and flocked to rivals Telegram and Signal.

5. TikTok Harvested MAC Addresses By Exploiting Android Loophole (SecurityWeek, Jan 14 2021)
The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.

6. How Law Enforcement Gets Around Your Smartphone’s Encryption (Wired, Jan 13 2021)
New research has dug into the openings that iOS and Android security provide for anyone with the right tools.

*Cloud Security, DevOps, AppSec*
7. CISA Warns Organizations About Attacks on Cloud Services (SecurityWeek, Jan 14 2021)
In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their cloud security.

8. Most containers are running as root, which increases runtime security risk (Help Net Security, Jan 14 2021)
While container usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack, according to Sysdig. The report also looks at trends, finding a 310 percent growth in container density since 2017, and reveals how organizations of all sizes and across industries are using and securing container environments.

9. Apple pulls the plug on user-found method to sideload iOS apps on Mac (Ars Technica, Jan 18 2021)
The now-nonviable method involved fetching the IPA file via apps like iMazing.

*Identity Mgt & Web Fraud*
10. Technologists Use Facial Recognition on Parler Videos (VICE, Jan 20 2021)
It demonstrates the democratization of facial recognition, but comes littered with ethical issues.

11. Telegram-Based Automated Scam Service Helps Fraudsters Make Millions (SecurityWeek, Jan 15 2021)
More than 40 scammer groups are actively engaged in schemes leveraging a scam-as-a-service offering that provides users the tools and resources needed to conduct fraud, according to threat hunting and intelligence company Group-IB.

12. Amazon Sold Location Data from Controversial Broker X-Mode (VICE, Jan 19 2021)
X-Mode collected data from Muslim Pro and other apps.

*CISO View*
13. Human Error to Blame as Exposed Records Top 37 Billion in 2020 (Infosecurity Magazine, Jan 22 2021)
Breach volumes drop but ‘breached’ records surge 141%

14. FireEye Releases New Open Source Tool in Response to SolarWinds Hack (SecurityWeek, Jan 19 2021)
FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds.

15. Biden Orders Intel Agencies to Provide Full Assessment of SolarWinds Hack (SecurityWeek, Jan 22 2021)
Just says into his leadership role, U.S. President Joe Biden has instructed U.S. intelligence agencies to provide him with a detailed assessment of the SolarWinds hack, which fueled a global cyber espionage campaign impacting many high-profile government agencies and businesses.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn