The Top 15 Security Posts – Vetted & Curated

*Threats & Defense*
1. NSA Publishes Guidance on Adoption of Zero Trust Security (SecurityWeek, Mar 01 2021)
The U.S. National Security Agency (NSA) has published guidance on how security professionals can secure enterprise networks and sensitive data by adopting a Zero Trust security model.

2. Hackers Tied to Russia’s GRU Targeted the US Grid for Years (Wired, Feb 24 2021)
A Sandworm-adjacent group has successfully breached US critical infrastructure a handful of times, according to new findings from the security firm Dragos.

3. Chinese Threat Actor Uses Browser Extension to Hack Gmail Accounts (SecurityWeek, Feb 26 2021)
In early 2021, a Chinese threat actor tracked as TA413 attempted to hack into the Gmail accounts of Tibetan organizations using a malicious browser extension, researchers with cybersecurity firm Proofpoint have discovered.


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


*AI, IoT, & Mobile Security*
4. US ‘unprepared’ to defend against new AI threats, report finds (The Hill, Mar 01 2021)
The federal government is “unprepared” to defend the nation against new threats posed by the increased adoption of artificial intelligence technologies, according to a report released Monday.

The report, compiled by the National Security Commission on Artificial Intelligence, recommended that the U.S. implement a “significant change” to keep up with countries such as China and Russia in the field of AI to address national security concerns.

5. Cybersecurity researchers build a better ‘canary trap’ (ScienceDaily, Mar 02 2021)
This new tool uses an artificial intelligence system to generate fake documents that foil IP theft by fooling adversaries.

6. New Jailbreak Tool Works on Most iPhones (Dark Reading, Mar 01 2021)
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.

*Cloud Security, DevOps, AppSec*
7. Is Your Browser Extension a Botnet Backdoor? (Krebs on Security, Mar 01 2021)
A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be such a risky proposition.

8. How to protect sensitive data for its entire lifecycle in AWS (AWS Security Blog, Feb 26 2021)
“Many Amazon Web Services (AWS) customer workflows require ingesting sensitive and regulated data such as Payments Card Industry (PCI) data, personally identifiable information (PII), and protected health information (PHI). In this post, I’ll show you a method designed to protect sensitive data for its entire lifecycle in AWS. This method can help enhance your data security posture and be useful for fulfilling the data privacy regulatory requirements applicable to your organization for data protection at-rest, in-transit, and in-use.”

9. Attackers Turn Struggling Software Projects Into Trojan Horses (Dark Reading, Feb 26 2021)
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.

*Identity Mgt & Web Fraud*
10. How $100M in Jobless Claims Went to Inmates (Krebs on Security, Feb 25 2021)
“The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That’s a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that trend, many states are now turning to a little-known private company called ID.me.”

11. Google Vows to Stop Tracking Individual Browsing for Ads (SecurityWeek, Mar 03 2021)
Google on Wednesday pledged to steer clear of tracking individual online activity when it begins implementing a new system for targeting ads without the use of so-called “cookies”.

12. Okta says it’s buying security rival Auth0 for $6.5 billion, sending stock plunging (CNBC, Mar 04 2021)
Okta, whose software allows office workers to access their apps through a secure service, is buying one of its top competitors.

*CISO View*
13. Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails (Krebs on Security, Mar 02 2021)
Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

14. National Security Risks of Late-Stage Capitalism (Schneier on Security, Mar 01 2021)
Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including US government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.

15. Chinese Hackers Stole an NSA Windows Exploit in 2014 (Schneier on Security, Mar 04 2021)
“Check Point has evidence that (probably government affiliated) Chinese hackers stole and cloned an NSA Windows hacking tool years before (probably government affiliated) Russian hackers stole and then published the same tool. Here’s the timeline:

The timeline basically seems to be, according to Check Point…”