Tuesday, May 21, 2019
Internet Storm Center Infocon Status

LATEST

Tripwire

HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider

A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...

Washington Issues Temporary License to Huawei

Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August. Despite reports emerging over the weekend of various chipmakers...
isBuzz

GDPR: The Best Strategy For International Businesses

The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
IBM Security

How Cyber-Secure Are Business Travelers? New Report Says Not Very

I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...

Haas F1 team leans on service providers as security force multipliers

If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...

How to implement and use the MITRE ATT&CK framework

Mitigating security vulnerabilities is difficult. Attackers need to exploit just one vulnerability to breach your network, but defenders have to secure everything. That’s why security programs have been shifting resources toward detection and response: detecting when the bad guys...

WordPress plugin sees second serious security bug in six weeks

Researchers have uncovered another serious bug in WP Live Chat that could lead to the mass compromise of websites.
SecurityWeek

From APES to Bespoke Security Automated as a Service

Many of the most innovative security start-ups I come across share a common heritage - their core product evolved from a need to automate the delivery of an advanced service that had begun as a boutique or specialized consulting...

Aussie Government IT Worker Arrested for Cryptomining

Aussie Government IT Worker Arrested for CryptominingAn Australian government IT contractor has been arrested on suspicion of making thousands from an illegal cryptocurrency mining operation at work. The 33-year-old New South Wales man appeared in court today after allegedly earning...
SecurityWeek

Industrial Robotics – Are You Increasing Your Cybersecurity Risk?

There’s nothing fundamentally novel about the use of robots in industrial environments. For nearly half a century, they’ve been changing the way that we manufacture products and deal with risk in hazardous environments. From automotive assembly lines to mines,...

Fifth of Docker Containers Have No Root Passwords

Fifth of Docker Containers Have No Root PasswordsA fifth of the world’s most popular Docker containers contain a security issue which could make them vulnerable to attack in some circumstances, a researcher has discovered. Kenna Security principal security engineer, Jerry...
Security Weekly

Third Degree Sunburns – Application Security Weekly #62

This week, we welcome Cody Wood, AppSec Product Support Engineer at Signal Sciences! In the AppSec News, Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches...

KnowBe4 Announces Acquisition of CLTRe

KnowBe4 Announces Acquisition of CLTReKnowBe4 has announced the acquisition of CLTRe, adding the capability to measure security culture into its portfolio. Led by Kai Roer, CLTRe is a Norwegian company focused on helping organizations assess, build, maintain and measure a...
SecurityWeek

LeakedSource Operator Pleads Guilty in Canada

Canadian authorities announced last week that Defiant Tech Inc., the company that ran LeakedSource, pleaded guilty to trafficking identity information and possession of property obtained through crime. read more

Think Data Security, Not Endpoint Security

A strong data protection strategy is essential to protect information as it moves across endpoints and in the cloud.
ZDNet

Some Elasticsearch security features are now free for everyone

Company makes TLS support and fine-grained user/role management free for everyone.
Security Affairs

US Commerce Department delays Huawei ban for 90 Days

US Commerce Department will delay 90 days before to apply the announced Huawei ban to avoid huge disruption of the operations. During the weekend, the Reuters agency revealed in exclusive that Alphabet Inc’s Google has suspended some business with Huawei...
ZDNet

Root account misconfigurations found in 20% of top 1,000 Docker containers

Issue similar to Alpine Linux's CVE-2019-5021 impacts 201 other Docker images.
DtSR Podcast

DtSR Episode 347 – Inside the RH-ISAC

This week, Tommy McDowell who is the Vice President at the Retail and Hospitality Information Sharing and Analysis Center, joins Rafal in person, in Dallas. Highlights from this week's show include... Tommy gives us a background on himself, and the RH-ISAC...
SANS ISC

ISC StormCast for Tuesday, May 21st 2019

MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeepSharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/Risks of JWT
SecurityWeek

US Delays Huawei Ban for 90 Days

US officials Monday delayed a ban on American technology exports to Chinese tech giant Huawei until mid-August, saying the time was needed to allow for software updates and other contractual obligations. read more
ZDNet

Google research: Most hacker-for-hire services are frauds

Survey of 27 hacker-for-hire services found that only five launched attacks against victims.

IT services giant HCL left employee passwords, other sensitive data exposed online

IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication, research by security consultancy UpGuard reveals.An HCL human resources portal published new employee names,...

TeamViewer Admits Breach from 2016

The company says it stopped the attack launched by a Chinese hacking group.
SC Magazine

Linux variant of Winnti malware spotted in wild

Google’s Chronicle Security team discovered a Linux version of the Winnti malware was used in the 2015 hack of a Vietnamese gaming company. The malware has proved to be a popular tool used by Beijing hackers over the last...
563FollowersFollow

LEADERS

Bruce Schneier

The Concept of "Return on Data"

This law review article by Noam Kolt, titled "Return on Data," proposes an interesting new way of thinking of privacy law. Abstract: Consumers routinely supply personal data to technology companies in exchange for services. Yet, the relationship between the utility...

Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on...

Firms, stop sending out automated emails that look suspicious as hell!

Guest contributor Bob Covello isn’t happy about automated emails being sent out by a legal firm.

Weekly Update 139

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackPer the beginning of the video, it's out late, I'm jet lagged, all my clothes are dirty and I've had to raid...
Brian Krebs

Account Hijacking Forum OGusers Hacked

Oguserscom — a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims’ phone numbers — has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private...