The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Detection capabilities improve, but ransomware surges on (Help Net Security, Apr 14 2021)
A FireEye report outlines critical details on trending attacker techniques and malware, the proliferation of multifaceted extortion and ransomware, preparing for expected UNC2452 / SUNBURST copycat threat actors, growing insider threats, plus pandemic and industry targeting trends. Global median dwell time drops below one month for the first time.
2. CISA Urges Caution for Security Researchers Targeted in Attack Campaign (Dark Reading, Apr 14 2021)
The agency urges researchers to take precautions amid an ongoing targeted threat campaign.
3. NSA Discloses Vulnerabilities in Microsoft Exchange (Schneier on Security, Apr 16 2021)
Amongst the 100+ vulnerabilities patched in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. How the FBI Got Into the San Bernardino Shooter’s iPhone (Wired, Apr 17 2021)
This week, The Washington Post revealed that the company that sold the tool isn’t one of the better-known players, but instead a small Australian company known as Azimuth that is now owned by the US defense contractor L3Harris. The news provides a helpful detail as companies weigh resisting other such orders that may come from the US Justice Department or other governments in the future.
5. WhatsApp flaw lets anyone lock you out of your account (WeLiveSecurity, Apr 13 2021)
An attacker can lock you out of the app using just your phone number and without requiring any action on your part.
6. Google Trumpets New Mobile App Security Standard (Infosecurity Magazine, Apr 19 2021)
Tech giant encourages developers to get on board.
*Cloud Security, DevOps, AppSec*
7. Auto Insurance Giant GEICO Discloses Data Breach (SecurityWeek, Apr 20 2021)
American auto insurance provider GEICO has disclosed a cyber-incident that resulted in driver’s license numbers being compromised.
8. Infection Monkey: Open source tool allows zero trust assessment of AWS environments (Help Net Security, Apr 16 2021)
Guardicore unveiled new zero trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. Available immediately, security professionals will now be able to conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization’s AWS security posture that can put data at risk.
9. Backdoor Found in Codecov Bash Uploader (Schneier on Security, Apr 21 2021)
Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there.
Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure, the company warned.
*Identity Mgt & Web Fraud*
10. A New Facebook Bug Exposes Millions of Email Addresses (Wired, Apr 22 2021)
A recently discovered vulnerability discloses user email addresses even when they’re set to private.
11. Account protections – A Google Perspective (Elie on Internet Security and Privacy, Apr 16 2021)
This talk provides an overview of how accounts get compromised and the defenses we found effective at Google to reduce account hijacking risks.
12. Mastercard Acquires Digital Identity Verification Firm Ekata for $850 Million (SecurityWeek, Apr 20 2021)
Mastercard on Monday announced that it’s acquiring digital identity verification company Ekata for $850 million.
13. Business Email Compromise Costs Businesses More Than Ransomware (Dark Reading, Apr 21 2021)
Ransomware gets the headlines, but businesses paid out $1.8 billion last year to resolve BEC issues, according to an FBI report.
14. REvil seeks to extort Apple and hits supplier with $50 million ransom (SC Media, Apr 21 2021)
REvil – which has been on a tear the past several weeks – wants Apple to pay an undisclosed ransom by May 1 to “buy back” 15 stolen schematics of unreleased MacBooks and gigabytes of personal data on several major Apple brands they obtained from Quanta.
15. The Incredible Rise of North Korea’s Hacking Army (The New Yorker, Apr 19 2021)
The country’s cyber forces have raked in billions of dollars for the regime by pulling off schemes ranging from A.T.M. heists to cryptocurrency thefts. Can they be stopped?