The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Colonial Pipeline Struggles to Restart After Ransomware Attack (SecurityWeek, May 09 2021)
Operators of the Colonial Pipeline are struggling to get fuel flowing at normal capacity after a cyberattack forced a shutdown of the distribution system, the largest refined products pipeline in the United States.
2. Pipeline Hackers Say They’re ‘Apolitical,’ Will Choose Targets More Carefully Next Time (VICE, May 10 2021)
“Our goal is to make money, and not creating problems for society,” the statement continues.
3. FBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR Activity (Dark Reading, May 07 2021)
The report provides additional details on tactics of Russia’s Foreign Intelligence Service following public attribution of the group to last year’s SolarWinds attack.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. Security researcher successfully jailbreaks an Apple AirTag (Ars Technica, May 10 2021)
Successful jailbreak increases existing AirTag security and privacy concerns.
5. Apple brass discussed disclosing 128-million iPhone hack, then decided not to (Ars Technica, May 08 2021)
Emails entered into Epic Games lawsuit show execs contradicting Apple talking points.
6. Apple Is Having a Really Bad Time With iPhone Security Bugs This Year (VICE, May 05 2021)
A week after iOS 14.5, there’s a new emergency update to fix two new serious vulnerabilities.
*Cloud Security, DevOps, AppSec*
7. Google Releases Open Source Tool for Verifying Containers (SecurityWeek, May 10 2021)
Google has released a new open-source tool called cosign to make it easier to manage the process of signing and verifying container images.
8. Researcher Claims Peloton APIs Exposed All Users Data (Infosecurity Magazine, May 06 2021)
Even those in privacy mode were affected, says Pen Test Partners
9. Emerging open cloud security framework has backing of Microsoft, Google and IBM (TechCrunch, May 05 2021)
Each of the big cloud platforms has its own methodology for passing on security information to logging and security platforms, leaving it to the vendors to find proprietary ways to translate that into a format that works for their tool. The Cloud Security Notification Framework (CSNF), a new working group that includes Microsoft, Google and…
*Identity Mgt & Web Fraud*
10. Hackers Leak Personal Data of Washington DC Police Officers (VICE, May 11 2021)
The ransomware gang Babuk released the personal details of several Metropolitan Police Department officers—essentially a full dox—in an attempt to extort the department into paying a ransom to stop further leaks.
11. Amazon: We Blocked 10 Billion Bad Listings in 2020 (Infosecurity Magazine, May 11 2021)
Retail giant reveals major counterfeit threat in new report
12. 13 best practices for user account, authentication, and password management, 2021 edition (Google Cloud Blog, May 06 2021)
Updated for 2021: This post includes updated best practices including the latest from Google’s Best Practices for Password Management whitepapers for both users and system designers.
Account management, authentication and password management can be tricky. Often, account management is a dark corner that isn’t a top priority for developers or product managers. The resulting experience often falls short of what some of your users would expect for data security and user experience.
13. A Closer Look at the DarkSide Ransomware Gang (Krebs on Security, May 11 2021)
The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. Here’s a closer look at the DarkSide cybercrime gang, as seen through their negotiations with a recent U.S. victim that earns $15 billion in annual revenue.
14. Colonial Pipeline resumes operations after ransomware prompted closure (Ars Technica, May 12 2021)
Closure prompted panic-buying, price hikes, and other disruptions in East Coast states.
15. New US Executive Order on Cybersecurity (Schneier on Security, May 13 2021)
“President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government.
For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards. Although the companies would have to “self-certify,” violators would be removed from federal procurement lists…”