A Review of the Best News of the Week on Cyber Threats & Defense

Disrupting Ransomware by Disrupting Bitcoin (Schneier on Security, Jul 26 2021)
In this light, banning cryptocurrencies like bitcoin is an obvious solution. But while the solution is conceptually simple, it’s also impossible because — despite its overwhelming problems — there are so many legitimate interests using cryptocurrencies, albeit largely for speculation and not for legal payments.

We suggest an easier alternative: merely disrupt the cryptocurrency markets. Making them harder to use will have the effect of making them less useful as a ransomware payment vehicle, and not just because victims will have more difficulty figuring out how to pay. The reason requires understanding how criminals collect their profits.

Biden Administration Responds to Geopolitical Cyber Threats (Dark Reading, Jul 23 2021)
In response to growing concerns regarding the recent uptick in large-scale, nation-state-backed ransomware attacks on critical infrastructure, the Biden administration is taking new action to tackle the evolving challenges posed by ransomware attacks.

Ignore API security at your peril (Help Net Security, Jul 26 2021)
Application programming interfaces (APIs) are at the core of nearly every digital experience – whether that is the delivery of mobile apps that enable consumers to monitor and personalize their exercise routines using an IoT connected device, or making it easy for car owners to track and share their in-vehicle driving behaviors with an insurer, or enabling remote monitoring services that allow patients with chronic conditions to record and report their daily stats and receive …

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~20,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Easily exploitable, unpatched Windows privilege escalation flaw revealed (CVE-2021-36934) (Help Net Security, Jul 21 2021)
A researcher that goes by the Twitter handle @jonasLyk has unearthed an easily exploitable vulnerability (CVE-2021-36934) in Windows 10 that may allow local non-administrative users to gain administrative-level privileges.

China-Linked APT31 Abuses Hacked Routers in Attacks, France Warns (SecurityWeek, Jul 22 2021)
The French National Agency for the Security of Information Systems (ANSSI) on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks.

The knowledge gap around runtime security and the associated risks (Help Net Security, Jul 26 2021)
According to Aqua Security’s 2021 Cloud Native Security Practitioner study, only 3% recognize that a container, in and of itself, is not a security boundary, indicating that the default security capabilities of containers are overestimated. This result is especially alarming in conjunction with the fact that only 24% of respondents have plans in place to deploy the necessary building blocks for runtime security.

Enterprises Warned of New PetitPotam Attack Exposing Windows Domains (SecurityWeek, Jul 26 2021)
Enterprises have been warned of a new attack method that can be used by malicious actors to take complete control of a Windows domain.