15 Bullet Friday – The Best Security News of the Week – 2019.06.14
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Apple’s ‘Find My’ Feature Uses Some Clever Cryptography (Wired, Jun 05 2019) Apple says an elaborate rotating key scheme will soon let you track down your stolen laptop, but not let anyone track you. Not even Apple. 2. Warnings of world-wide worm […]
15 Bullet Friday – The Best Security News of the Week – 2019.06.07
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. The top 10 cyber hygiene issues that lead to a breach: A perimeter in ruins (Darktrace Blog, May 15 2019) And whereas there is no silver bullet when it comes to securing the enterprise online, patching these holes in the perimeter is […]
15 Bullet Friday – The Best Security News of the Week – 2019.05.31
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Thangrycat: A Serious Cisco Vulnerability (Schneier on Security, May 23 2019) Thrangrycat only works once you have administrative access to the device. You need a two-step attack in order to get Thrangrycat working. Attack #1 gets you remote administrative access, Attack #2 […]
15 Bullet Friday – The Best Security News of the Week – 2019.05.24
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. More Attacks against Computer Automatic Update Systems (Schneier on Security, May 16 2019) Last month, Kaspersky discovered that Asus’s live update system was infected with malware, an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in […]
15 Bullet Friday – The Best Security News of the Week – 2019.05.17
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Hackers breached 3 US antivirus companies, researchers reveal (Ars Technica, May 09 2019) In a report published Thursday, researchers at the threat-research company Advanced Intelligence (AdvIntel) revealed that a collective of Russian and English-speaking hackers are actively marketing the spoils of data […]
15 Bullet Friday – The Best Security News of the Week – 2019.05.10
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Defending Democracies Against Information Attacks (Schneier on Security, Apr 30 2019) “In this short paper, we undertake a more modest task: providing policy advice to improve the resilience of democracy against these attacks. Specifically, we can show how policy makers not only […]
15 Bullet Friday – The Best Security News of the Week – 2019.05.03
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. A ‘Blockchain Bandit’ Is Guessing Private Keys and Scoring Millions (Wired, Apr 23 2019) The larger lesson of an ongoing Ethereum crime spree: Be careful with who’s generating your cryptocurrency keys. 2. Legacy infrastructures and unmanaged devices top security risks in the […]
15 Bullet Friday – The Best Security News of the Week – 2019.04.26
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. ‘Brazen’ nation-state actors behind ‘Sea Turtle’ DNS hijacking campaign (SC Magazine, Apr 18 2019) Primarily targeting the Middle East and North Africa, the attackers are looking to harvest credentials that grant them access to sensitive networks belonging to national institutions such as […]
15 Bullet Friday – The Best Security News of the Week – 2019.04.19
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping (Fire Eye Threat Research , Apr 10 2019) FireEye can now confirm that we have uncovered and are responding to an additional intrusion by the attacker behind TRITON at a different […]
15 Bullet Friday – The Best Security News of the Week – 2019.04.12
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. NSA Releases Reverse Engineering Tool’s Source Code (SecurityWeek, Apr 08 2019) The National Security Agency (NSA) has made the source code for its “Ghidra” reverse engineering tool available for everyone. 2. Half of Cyber-Attacks Involve the Supply Chain (Infosecurity Magazine, Apr 02 […]