The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. New Age Network Detection: Introduction (Securosis Blog, May 25 2021)
Like the rest of the technology stack, the enterprise network is undergoing a huge transition. With data stores increasingly in the cloud and connectivity to SaaS providers and applications running in Infrastructure as a Service (IaaS) platforms, a likely permanently remote workforce has new networking requirements. Latency and performance continue to be important, but also being able to protect employee devices in all locations…
2. CISA-FireEye: 16 malware families from China infect Pulse Secure VPN appliances (SC Media, May 28 2021)
FireEye Mandiant, working in tandem with the Cybersecurity and Infrastructure Security Agency and Ivanti, reported details of 16 malware families exclusively designed to infect Ivanti Pulse Connect Secure VPN appliances, and used by several cyber espionage groups believed to be affiliated with the Chinese government.
3. The SolarWinds hackers aren’t back—they never went away (Ars Technica, May 30 2021)
A new phishing campaign is less an escalation than a regression to the mean.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. Most Mobile Apps Can Be Compromised in 15 Minutes or Less (Dark Reading, May 28 2021)
In the name of releasing apps quickly and delivering a smooth user experience, mobile app security is often given short shrift.
5. Amazon devices will soon automatically share your Internet with neighbors (Ars Technica, May 29 2021)
Amazon’s experimental wireless mesh networking turns users into guinea pigs.
6. I hacked my friend’s website after a SIM swap attack (WeLiveSecurity, May 27 2021)
Here’s how easily your phone number could be stolen, why a successful SIM swap scam is only the beginning of your problems, and how you can avoid becoming a victim of the attack.
*Cloud Security, DevOps, AppSec*
7. Use the OWASP API Top 10 to Secure Your APIs (DevOps, Jun 02 2021)
The tools, languages, platforms, and methods used to build applications have changed drastically over the past decade. Application security practices have to change with them; otherwise, security professionals will be playing constant catch-up with attackers and cybercriminals. What Is the OWASP API Top 10?
8. Best practices for securing the CPaaS technology stack (Help Net Security, May 31 2021)
Like everything that’s connected to the cloud, Communications Platform-as-a-Service (CPaaS) solutions are vulnerable to hacking, which increased dramatically as workforces shifted to remote and hybrid models because of the pandemic. For this reason and others, such a platform must be built secure by design. This means taking the time necessary to examine and re-examine code and configuration, then make appropriate changes prior to deployment.
9. How to implement a hybrid PKI solution on AWS (AWS Security Blog, May 26 2021)
As customers migrate workloads into Amazon Web Services (AWS) they may be running a combination of on-premises and cloud infrastructure. When certificates are issued to this infrastructure, having a common root of trust to the certificate hierarchy allows for consistency and interoperability of the Public Key Infrastructure (PKI) solution.
*Identity Mgt & Web Fraud*
10. US Convicts “King of Fraud” (Infosecurity Magazine, Jun 01 2021)
Cyber-criminal who scammed US companies out of millions is convicted by federal jury
11. Using Fake Reviews to Find Dangerous Extensions (Krebs on Security, May 29 2021)
Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here’s the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data.
12. Fraud and security departments converge on battle against ‘synthetic identities’ (SC Media, May 27 2021)
The Federal Reserve recently produced a formal definition for synthetic identity fraud, a process that involved a committee of a dozen outside experts convening over nine months. So what is it? And why should CISOs care?
13. Mandiant to Re-Emerge After $1.2 Billion FireEye Sale (Infosecurity Magazine, Jun 03 2021)
The deal will see STG acquire FireEye’s network, email, endpoint and cloud security products
14. Meat Is Latest Cyber Victim as Hackers Hit Top Supplier JBS (Yahoo, Jun 01 2021)
The world’s biggest meat supplier has become the latest casualty of a cybersecurity attack, posing a fresh threat to global food security already rattled by the Covid-19 pandemic.
15. CISA Issues MITRE ATT&CK Mapping Guide for Threat Intelligence Analysts (SecurityWeek, Jun 03 2021)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the availability of a new guide for cyber threat intelligence analysts on the use of the MITRE ATT&CK framework.