Wednesday, December 11, 2019


SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...

Trickbot Operators Now Selling Attack Tools to APT Actors

North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
Brian Krebs

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...

Intel Issues Fix for ‘Plundervolt’ SGX Flaw

Researchers were able to extract an AES encryption key using SGX's voltage-tuning function.

How to stop spam calls right now

Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.

SAP Releases 5 Security Notes on December 2019 Patch Day

SAP issued five new Security Notes this week as part of its December 2019 Security Patch Day, to which it also added 2 updates for previously released Security Notes. All of the new Security Notes released this month are rated...

Plundervolt Attack Uses Voltage Changes to Steal Secrets From Intel Chips

A newly disclosed attack method targeting Intel processors employs voltage modifications to expose data protected using Intel's Software Guard Extensions (SGX).

What it takes to become a CISO

The chief information security officer (CISO) role has been steadily rising in importance and visibility. CISOs now carry the burden of responsibility for securing some of a company’s most valuable resources.

Plundervolt Attack Uses Voltage to Steal Data From Intel Chips

A newly disclosed attack targeting Intel processors utilizes CPU voltage modifications to expose data stored using Intel's Secure Guard Extensions (SGX).

The Next Security Silicon Valley: Coming to a City Near You?

The high cost of doing business in California's San Francisco Bay Area is just one factor driving infosec companies - established and startups, alike - to pursue their fortunes elsewhere. Here's where many are going.
The CyberWire Podcast

Hacking in Iran? The Lazarus Group hires Trickbot. Election influence ops. Cryptowars update. Ransomware in municipal and tribal governments. Patch Tuesday notes. Do it for State.

Iran says it’s stopped a cyber attack, and that an insider was responsible for a major paycard exposure. Trickbot is now working for the Lazarus Group. Influence operations both foreign and domestic concern British voters on the eve of...
SC Magazine

Real-time phishing alerts and stolen password warnings added to Chrome

Google yesterday announced that its latest Chrome release adds real-time phishing alerts and password breach warning capabilities to the browser. The real-time anti-phishing capabilities represent an upgrade to Google’s Safe Browsing service, which compiles an ever-changing blacklist of dangerous websites...

Microsoft details the most clever phishing techniques it saw in 2019

This year's most clever phishing tricks include hijacking Google search results and abusing 404 error pages.

Apple Patches Over 50 Vulnerabilities in macOS Catalina

Security updates released by Apple this week address numerous vulnerabilities in macOS Catalina, iOS and iPadOS, Safari, and other software products.

Chrome 79 Patches Critical Vulnerabilities

Google this week released Chrome 79 to the stable channel with a total of 51 security fixes, including 37 reported by external researchers, two of which are considered critical severity.

5 Tips for Keeping Your Security Team on Target

In nearly every security environment, competing priorities are a constant battleground. Here's how to keep the focus on what's important.

How Commercial Bug Hunting Changed the Boutique Security Consultancy Landscape

It’s been almost a decade since the first commercial “for-profit” bug bounty companies launched leveraging crowdsourced intelligence to uncover security vulnerabilities and simultaneously creating uncertainty for boutique security companies around the globe.

Iran Says Repelled a ‘Highly Organized Cyber Attack’

An Iranian minister said Wednesday the Islamic republic had recently thwarted a "highly organized cyber attack" targeting its e-government infrastructure.

Google Chrome Now Automatically Alerts Users on Compromised Passwords

A series of security enhancements seek to protect users from phishing and warn them when credentials have been compromised.

Younger Generations Drive Bulk of 2FA Adoption

Use of two-factor authentication has nearly doubled in the past two years, pointing to a new wave of acceptance.

Analysts find connection between North Korean military and crimeware organization TrickBot

Researchers with SentinelLabs say they have found one of "the first known links between cybercrime groups and nation-state actors."

Healthcare Provider Agrees to Cough Up $6M to Settle Data Breach Lawsuit

American healthcare provider Banner Health has agreed to pay the alleged victims of a 2016 data breach $6 million. Banner Health operates 28 hospitals and specialized facilities across six states,...

Best antivirus software: 12 top tools

The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Five of the 16 products tested earned a perfect rating of 6 for each of those criteria: Bitdefender Endpoint...

FBI shares security advice for online shopping

FBI: Use credit cards rather than debit cards, don't use public WiFi, keep your devices updated, and more.

US Software Testing Giant Buys AI Firm

Software testing and quality assurance company Qualitest has announced the acquisition of an Israeli firm specializing in the creation of automated machine learning tools. AlgoTrace, which is based in Tel Aviv, uses artificial intelligence (AI)...


Graham Cluley

Web-hosting firm 1&1 hit by almost €10 million GDPR fine over poor security at call centre

Web-hosting company 1&1 has been hit with one of the largest fines dished out so far under European GDPR legislation, Germany’s federal privacy watchdog has announced. Read more in my article on the Hot for Security blog.
Bruce Schneier

Extracting Data from Smartphones

Privacy International has published a detailed, technical examination of how data is extracted from smartphones.
Graham Cluley

49% of workers, when forced to update their password, reuse the same one with just a minor change

A new survey has revealed some alarming news about the way users are choosing their passwords in their homes and workplace.
Brian Krebs

Patch Tuesday, December 2019 Edition

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control...