Friday, November 15, 2019

LINE Launches Public Bug Bounty Program on HackerOne

Japan-based communications company LINE Corporation today announced the launch of a public bug bounty program on hacker-powered pentest and bug bounty platform HackerOne. Launched in 2011, LINE has grown to become one of the largest social platforms in the world,...
The Register

Try as they might, ransomware crooks can’t hide their tells when playing hands

Sophos sees common behavior across various infections. Common behaviors shared across all families of ransomware are helping security vendors better spot and isolate attacks.…

Google Chrome experiment crashes browser tabs, impacts companies worldwide

In what looks to be the Chrome team's biggest misstep, companies report massive outages caused by unannounced Chrome experiment.
SC Magazine

Threat actor impersonates German, Italian and American gov’t agencies to spread malware

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Business and...

ISC StormCast for Friday, November 15th 2019

LokiBot Update (November 2019) Packet-Fu with Zeek Leaks

GitHub launches ‘Security Lab’ to help secure open source ecosystem

Fourteen companies unite to search for, find, and fix security flaws in GitHub-hosted open source projects.

Symantec, McAfee Patch Privilege Escalation Bugs

All versions of endpoint protection software from both vendors were susceptible to a near-identical issue, SafeBreach says.
PC Mag

iOS App Tries to Warn You of iPhone Hacking Attempts

iVerify will periodically scan your iPhone to sniff out certain 'side effects' that exploited iOS vulnerabilities tend to generate.

I’m Setting Up My Company’s First Bug-Bounty Program. What Should I Be Thinking About?

Here are some important points to factor into your vulnerability disclosure policy.

I’m Setting Up a Bug-Bounty Program. What Should I be Thinking About?

Here are some important points to factor into your vulnerability disclosure policy.

How to use per-host SSH configuration

Learn how to make your SSH use more efficient and convenient with per-host configurations.
SC Magazine

AnteFrigus ransomware leaves C alone, goes after other drives

Security researchers have come across and analyzed an oddly behaving ransomware variant that bypasses the victim’s C drive, instead targeting the device’s other drives. An analyst who tweets under Mol69 and Bleeping Computer took a look at the odd behavior presented by AnteFrigus ransomware....

Web payment card skimmers add anti-forensics capabilities

Researchers have detected compromises on ecommerce sites with a new JavaScript-based payment card skimmer that uses anti-forensics techniques, including the ability to remove itself from the web page’s code after execution. Dubbed Pipka, the malicious script was found by...
The Register

What a pair of Massholes! New England duo cuffed over SIM-swapping cryptocoin charges

Account takeovers allegedly used to plunder digital wallets. Two men from Massachusetts have been arrested and charged with 11 criminal counts stemming from a string of account takeovers and cryptocurrency thefts.…

How to manage site settings in Vivaldi for Android

Find out how to enable or disable permissions on a site-by-site basis in the Vivaldi browser.

Corellium: Apple Sued Us After Failed Acquisition Attempt

Florida-based virtualization company Corellium claims that the copyright infringement lawsuit filed by Apple comes in response to a failed acquisition attempt.

Balancing patient security with healthcare innovation | TECH(talk)

Healthcare organizations are one of the most targeted verticals when it comes to cyberattacks. While those organizations must work to secure patients' sensitive data, it can also be helpful to analyze that data to improve patient outcomes. Jason James,...

BSIMM10 Shows Industry Vertical Maturity

The Building Security In Maturity Model is the only detailed measuring stick for software security initiatives, and it continues to evolve.
SC Magazine

Open database exposes 93M files on patients of substance abuse facilities

A misconfigured AWS S3 storage bucket reportedly exposed roughly 93 million billing files that contain information on patients of three drug and alcohol addiction facilities operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC. Patients at SBH’s Monarch Shores...

Do You Need To Marie Kondo Your Security Infrastructure?

Implementing cybersecurity can be a lot like the cluttered homes Marie Kondo has turned from messy to ones that inspire joy. Whether you’re a Marie Kondo fan or not, she makes you realize that at some point the ‘stuff’...
The CyberWire Podcast

PureLocker ransomware. APT33 update. Hong Kong and information war, in the courts and on PornHub. Facebook content takedowns. Alleged criminals prepare to face the court.

PureLocker is a new ransomware strain available in the black market. APT33 is showing a surge of activity. Lawfare and information operations in and around Hong Kong. Facebook takes down content for violating its Community Standards. And two alleged...

The Pursuit Of API-ness

Ray Pompon, Principal Threat Research Evangelist at F5 Networks, examines the ongoing challenge of API visibility and security. The word is out. Organisations across the world are finally waking up to the potential of application program interfaces (APIs) transforming business...

Officials warn about the dangers of using public USB charging stations

Travelers should use only AC charging ports, use USB no-data cables, or "USB condom" devices.

Capture the Flag Planned to Find Missing Persons Information

The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
SC Magazine

Arkansas AG reiterates need to report medical data breaches

Arkansas Attorney General (AG) Leslie Rutledge has advised the state’s medical practitioners of their responsibilities regarding when to report a data breach under the federal state’s Personal Information Protection Act (PIPA). Meanwhile, in neighboring Tennessee the state-run medical service TennCare...


Bruce Schneier

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at the Indian Institute of Science in Bangalore, India on December 12, 2019. The list is maintained...
Graham Cluley

Only after running out of hard disk space did firm realise hacker had stolen one million users’ details

Yet another company has been found woefully lacking when it comes to securing consumers’ data. Read more in my article on the Tripwire State of Security blog.
Bruce Schneier

Technology and Policymakers

Technologists and policymakers largely inhabit two separate worlds. It's an old problem, one that the British scientist CP Snow identified in a 1959 essay entitled The Two Cultures. He called them sciences and humanities, and pointed to the split...
Graham Cluley

About the “easy to hack” EU Exit: ID Document Check app

The British Home Office’s app for EU citizens applying to live and work in the UK post-Brexit “could allow hackers to steal phone numbers, addresses and passport details.” But is this something worth losing any sleep over?
Graham Cluley

Smashing Security #154: A buttock of biometrics

The UK’s Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple’s credit card is accused of being sexist, and what is Google up to with Project Nightingale? All this and much more...