The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Pay-or-Get-Breached Ransomware Schemes Take Off (Dark Reading, Jan 26 2021)
In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, with more than 550 incidents in the fourth quarter alone.
2. #RSAC365: #COVID19 Fundamentally Altered Global Attack Surface (Infosecurity Magazine, Jan 27 2021)
How adversaries have levied tactics specifically designed to exploit the pandemic
3. The Taxman Cometh for ID Theft Victims (Krebs on Security, Jan 29 2021)
The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. UScellular Breach Allowed Hackers to Port Customer Phone Numbers (SecurityWeek, Jan 29 2021)
Chicago-based wireless carrier UScellular started informing customers last week that their personal information may have been accessed and their phone numbers ported as a result of a data breach.
5. Wormable Android malware spreads via WhatsApp messages (WeLiveSecurity, Jan 26 2021)
“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app
6. Apple Patches Three iOS Zero-Day Vulnerabilities (Dark Reading, Jan 27 2021)
New iOS 14.4 update available for iPhones and iPads.
*Cloud Security, DevOps, AppSec*
7. 1/3 of businesses have cloud budget overruns of up to 40% (Help Net Security, Feb 02 2021)
More than one-third of businesses have cloud budget overruns of up to 40 percent, and one in 12 companies exceed this number, a Pepperdata survey of 750 senior enterprise IT professionals in industries ranging from finance to healthcare, automotive, advertising and other data-intensive businesses reveals.
8. Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers (SC Media, Jan 29 2021)
Two vulnerabilities discovered could lead to remote code execution, while another could lead to denial of service attacks.
9. BeyondCorp Enterprise: True zero trust architecture for the multicloud (Google Cloud Blog, Feb 03 2021)
“We recognize the complexities that come with a zero trust journey and understand that most customers host resources across different cloud providers. With this in mind, BeyondCorp Enterprise was purpose-built as a multicloud solution, enabling customers to securely access resources hosted not only on Google Cloud or on-premises, but also across other clouds such as Azure and Amazon Web Services (AWS).”
*Identity Mgt & Web Fraud*
10. Barclays: 2020 the Highest Year on Record for Scams (Infosecurity Magazine, Feb 02 2021)
Over half of Brits are too embarrassed to report falling victim to scams
11. U.K. Arrest in ‘SMS Bandits’ Phishing Service (Krebs on Security, Feb 01 2021)
Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name “SMS Bandits,” has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.
12. China Steals Personal Data of 80% of US Adults (Infosecurity Magazine, Feb 01 2021)
CBS report warns PRC government may have stolen personal info of 80% of adult Americans
13. Another SolarWinds Orion Hack (Schneier on Security, Feb 04 2021)
“At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using an already existing vulnerability in Orion to penetrate networks:
Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government…”
14. More SolarWinds News (Schneier on Security, Feb 03 2021)
“Microsoft analyzed details of the SolarWinds attack:
Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot, was deployed in September 2019, at the time hackers breached SolarWinds’ internal network. Other related malware includes Teardrop aka Raindrop.
Details are in the Microsoft blog:
We have published our in-depth analysis of the Solorigate backdoor malware (also referred to as…”
15. Trucking Giant Says Ransomware Attack Had $7.5M Impact (SecurityWeek, Feb 04 2021)
In a filing with the Securities and Exchange Commission (SEC) this week, North American trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack had an impact on its fourth quarter financial results.