Saturday, July 20, 2019


Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
Security Weekly

Dirty Looks – Paul’s Security Weekly #612

This week, we welcome Katie Nickels, ATT&CK Threat Intelligence Lead at the MITRE Corporation, to talk about the MITRE ATT&CK Framework! In our second segment, a security roundtable discussion on Vulnerability Management, Patching, Hunt Teaming, Asset Management, and System...
Unsupervised Learning Podcast

Time Speeds Up When You’re Wasting It

An essay on why time can feel like it's speeding up when you get older, and how to slow it back down.
Have I Been Pwned

Armor Games – 10,604,307 breached accounts

In January 2019, the game portal website Armor Games suffered a data breach. A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored...
The CyberWire Podcast

Nansh0u not your normal cryptominer — Research Saturday

Researchers at Guardicore Labs have been tracking an unusual cryptominer that seems to be based in China and is targeting Windows MS-SQL and phpMyAdmin servers. Some elements of the exploit make use of sophisticated components previously associated with nation-state actors....
The Register

In the cooler for the next three years: Hacker of iCloud accounts used by athletes and rappers

Phishing led to shopping spree with victims' credit cards. A man from the US state of Georgia who pleaded guilty in March to breaking into the Apple iCloud accounts of sports and entertainment figures was sentenced on Thursday to...
SC Magazine

Flaw allows attackers to alter media files sent via WhatsApp, Telegram, say researchers

Researchers have reported a vulnerability in the Android versions of WhatsApp and Telegram that could allow malicious actors to manipulate media files sent via the apps. This “media file-jacking” flaw could allow attackers to alter photographs, modify invoices (to aid...
Bruce Schneier

Friday Squid Blogging: Squid Mural

Large squid mural in the Bushwick neighborhood of Brooklyn. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

Hackers breach 62 US colleges by exploiting ERP vulnerability

Hackers are breaching college networks and creating fake accounts that are used "almost immediately for criminal activity."
The Register

When Harry met celly: NSA hoarder thrown in the clink for 9 years – after taking classified work home for decades

Contractor Martin sentenced for squirreling away 50TB of hush-hush files, exploits. An ex-NSA contractor who admitted stashing some 50TB of secret US government documents and exploit code at his home was today sentenced to nine years behind bars.…
Security Affairs

Israel surveillance firm NSO group can mine data from major social media

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is...
The Register

All very MoD-ern: RAF test pilot headed into space with Virgin, £30m small sat demo project

Defence ministry gets with the Apollo vibes. Roundup: As the world celebrates the 50th anniversary of the Apollo 11 Moon mission, the UK's Ministry of Defence has gone a bit wacky – not only does it have fresh space...
The CyberWire Podcast

Following K3chang. Bulgaria’s tax agency breach. An alternative currency gets some incipient regulatory scrutiny. Why towns are hit with ransomware. A hair-care hack.

K3chang is out, about, and more evasive than ever. Data breached at Bulgaria’s National Revenue Agency has turned up online in at least one hacker forum. Facebook’s planned Libra cryptocurrency received close scrutiny and a tepid reception on Capitol...
PC Mag

Browser Extensions Siphon Private Data From 4M Users, Then Leak It

Eight browser extensions for Chrome and Firefox were recently shut down after a security researcher uncovered how they were sending users' private data, including links to sensitive online documents, to a marketing intelligence firm.
SC Magazine

Securing Energy Infrastructure Act passes House

The House Thursday passed the bipartisan Securing Energy Infrastructure Act, which aims to remove vulnerabilities that could allow hackers to access the energy grid. The bill was sponsored by Representatives Dutch Ruppersberger (D-Md.) and John Carter (R-Tex.) and mirrors the...
7 minute security

7MS #373: Tales of Pentest Fail #2 is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit for more details, and tell them 7 Minute Security sent you to get a 10% discount! Today's episode is a two-tale story...

Contractor who stole 50TB of NSA data gets nine years in prison

Prosecutors never proved former NSA contractor was the origin for the Shadow Brokers leak.

10 Most Neglected Data Security Best Practices

The 2018 Netwrix IT Risks Report explores how organizations are working to ensure compliance and beat cyber threats. Unfortunately, the results indicate that organizations aren’t doing enough to defeat the bad guys. Here are the 10 most neglected security best practices:  1. Classify data based...

Iranian Hackers Use New Malware in Recent Attacks

The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports.

Malware in PyPI Code Shows Supply Chain Risks

A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories.
SC Magazine

Ke3chang APT group linked to Okrum backdoor

ESET researchers linked the Ke3chang APT group to the newly discovered Okrum backdoor showing the group is still active and improving its code. Researchers have since discovered new versions of malware families linked to the Ke3chang group and believe the...


Brian Krebs

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company...

Slack response. Passwords reset four years after data breach

Slack would have been wiser – in an abundance of caution – to reset all of its users’ passwords back in March 2015. After all, leaving it until four years later looks a little bit… slack.
Bruce Schneier

John Paul Stevens Was a Cryptographer

I didn't know that Supreme Court Justice John Paul Stevens "was also a cryptographer for the Navy during World War II." He was a proponent of individual privacy.