The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products? (Help Net Security, Jan 25 2021)
On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.” The network security company said that several of its products are impacted, but the day after let everyone know that some of those were not affected, after all.
2. Injecting a Backdoor into SolarWinds Orion (Schneier on Security, Jan 19 2021)
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process:
SUNSPOT is StellarParticle’s malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product.
SUNSPOT monitors running processes for those involved in compilation of the Orion product and replaces one of the source files to include the SUNBURST backdoor code.
Several safeguards were added to SUNSPOT to avoid the Orion builds from failing, potentially alerting developers to the adversary’s presence.
3. Chipmaker Intel Corp. Blames Internal Error on Data Leak (SecurityWeek, Jan 23 2021)
The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. It said its corporate network was not compromised.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. TikTok Bug Gave Access to Contacts’ Profile Details (Infosecurity Magazine, Jan 26 2021)
Check Point reveals now-fixed vulnerability
5. Bugs in Signal, other video chat apps allowed attackers to listen in on users (Help Net Security, Jan 21 2021)
Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed.
6. Humans wouldn’t be able to control a superintelligent AI, according to a new study (Business Insider, Jan 26 2021)
Humans wouldn’t be able to control a superintelligent AI, according to a new study – Business Insider Business Insider
*Cloud Security, DevOps, AppSec*
7. Google Says Chrome Cookie Replacement Plan Making Progress (SecurityWeek, Jan 26 2021)
Google says it’s making progress on plans to revamp Chrome user tracking technology aimed at improving privacy even as it faces challenges from regulators and officials.
8. Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits (SecurityWeek, Jan 27 2021)
Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8.
9. Bot Lets Hackers Easily Lookup Facebook Users’ Phone Numbers (VICE, Jan 25 2021)
The person selling access to the service claims it has data on 500 million Facebook users.
*Identity Mgt & Web Fraud*
10. Firefox Cracks Down on Supercookies to Improve User Privacy (SecurityWeek, Jan 26 2021)
Mozilla this week announced further improvements to user privacy in Firefox, through the isolation of network connections and caches, thus essentially cracking down on supercookies.
11. Military intelligence buys location data instead of getting warrants, memo shows (Ars Technica, Jan 22 2021)
A long and growing list of agencies are using money to bypass Carpenter ruling.
12. Google’s BeyondCorp Enterprise security platform is now generally available (TechCrunch, Jan 26 2021)
…modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with integrated threat and data protection.”
13. More Security Vendors Admit to SolarWinds Attacks (Infosecurity Magazine, Jan 27 2021)
Several more cybersecurity vendors have revealed that they were attacked by the same threat actors that compromised SolarWinds, although there appears to have been minimal if any impact on customers.
14. UK Insurers Defend Covering Ransomware Payments (Infosecurity Magazine, Jan 27 2021)
Association of British Insurers said cyber-attacks could financially ruin companies
15. Microsoft Security Business Exceeds $10B in Revenue (Dark Reading, Jan 27 2021)
Microsoft’s security division has grown more than 40% year-over-year, the company reports alongside security product updates.