Saturday, November 17, 2018


SC Magazine

Instagram flaw exposes user passwords

A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users. The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...
The Register

SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more

Plus, why is Kaspersky Lab getting into chess? Roundup: What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…

Is retaining a cybersecurity attorney a good idea for your business?

Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.
Security Weekly

PCI Piñata – Paul’s Security Weekly #583

This week, we welcome Jon Buhagiar, Network+ Review Course Instructor at Sybex for an interview to talk about Network Operations! In the Technical Segment, we welcome back John Moran, Senior Product Manager at DFLabs to talk about IncMan SOAR...
Have I Been Pwned

Elasticsearch Sales Leads – 5,788,169 breached accounts

In October 2018, security researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained...
We Live Security

Week in security with Tony Anscombe

GDPR-themed WordPress plugin flaw exploited. Google’s data charts path to avoiding malware on Android. Plus security researchers bypass encryption on self-encrypting drives.
Security Affairs

Japanese government’s cybersecurity strategy chief has never used a computer

The Japanese government’s cybersecurity strategy chief Yoshitaka Sakurada is in the middle of a heated debate due to his admission about his cyber capability. Yoshitaka Sakurada admitted he has never used a computer in his professional life, despite the Japanese Government,...
The CyberWire Podcast

Doubling down on Cobalt Group activity — Research Saturday

The NETSCOUT Arbor ASERT team has been tracking Cobalt Group campaigns targeting financial institutions. Richard Hummel is manager of threat intelligence with ASERT, and he joins us to share his team's findings.  The research can be found here:
Have I Been Pwned

KnownCircle – 1,957,600 breached accounts

In approximately April 2016, the "marketing automation for agents and professional service providers" company KnownCircle had a large volume of data obtained by an external party. The data belonging to the now defunct service appeared in JSON format and...

Russian APT comes back to life with new US spear-phishing campaign

Cozy Bear (APT29) makes a comeback after last year's Dutch and Norwegian hacking campaigns.

Could have sworn I deleted that photo from my phone! [PODCAST]

This week: hacking phones at Pwn2Own, the brand new SophosLabs Threat report, and squeezing Shakespeare into one tweet. Enjoy!
SC Magazine

Children’s smartwatches once again found vulnerable

China-based company MiSafe is once again making headlines with its unsecured products after a pen tester found that its child-tracking smartwatches were highly insecure. MiSafe previously stirred controversy after the firm’s Mi-Cam baby monitors were found to...
SC Magazine

Privilege escalation bug patched in Accelerated Mobile Pages WordPress plug-in

A WordPress plug-in used to build faster-loading web pages was discovered to contain a privilege escalation vulnerability that allows unauthorized attackers to inject malicious HTML code into the main page. In a company blog post yesterday, researchers at WebARX disclosed...
SC Magazine

Change of stRATegy? Cybercrime group TA505 tests new tRAT malware

A newly discovered remote access trojan nicknamed tRAT has apparently attracted the interest of TA505, a cybercriminal group known for launching prolific banking malware and ransomware attacks. In a company blog post yesterday, researchers at Proofpoint reported observing several phishing...
Bruce Schneier

Friday Squid Blogging: Squid Sculptures

Pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

Ep. 009 – Competitive hacking, threat report and crazy tweets!

In the Naked Security Podcast this week: hacking phones at Pwn2Own, the brand new SophosLabs Threat report, and squeezing Shakespeare into one tweet. With Anna Brading, Paul Ducklin and Mark Stockley. (Music:

DHS Task Force Moves Forward on Playbooks for Supply Chain Security

The public/private task force takes early steps toward securing the end-to-end supply chain.

New Bluetooth Hack Affects Millions of Vehicles

Attack could expose the personal information of drivers who sync their mobile phone to a vehicle entertainment system.
SC Magazine

GSA looks to issue new rules for gov’t contractor data breach reporting

The General Services Administration (GSA) has issued a proposal for new guidelines on data breach disclosure that government contractors must follow, giving the government access to their systems in the event of a breach. The GSA proposal will amend...
SC Magazine

Blackberry in $1.4 billion deal to buy Cylance

Blackberry has entered into a $1.4 billion cash deal to acquire Cylance with the intention of using the cybersecurity firm’s technology to accelerate Blackberry’s Enterprise of Things (EoT) project. The agreement will see Blackberry combine Cylance’s artificial intelligence, algorithmic science,...

Firefox adds in-browser notification of breached sites

Mozilla has added a data breach notification to Firefox that warns the browser's users when their email address and credentials may have been obtained by hackers. Dubbed Firefox Monitor, the free breach notification service debuted in September after some testing...
The CyberWire Podcast

GPS jamming. Bank phishing. Exposed server. Censorship, East, West, and South. Is there a sealed indictment of Julian Assange?

In today’s podcast, we ask a question: when does a military exercise become hybrid warfare? Answer: when it affects civilian safety. Like with GPS jamming. Russian banks are sustaining a major, and well-crafted, phishing campaign. An unprotected server exposes...

BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance

BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
PC Mag

Firefox to Display Warning if You Visit a Site That’s Been Breached

The warnings will appear on Firefox's desktop browser as pop-up notifications that tell you how many accounts were compromised in a breach within the last year.

Smartphones: A Double-edged Sword for Terrorists

Bombs and guns aside, a smartphone can be a powerful weapon in the hands of a terrorist -- but it can also provide intelligence services with the tools to track them down. Three years ago to the day, the Paris...


Bruce Schneier

Mailing Tech Support a Bomb

I understand his frustration, but this is extreme: When police asked Cryptopay what could have motivated Salonen to send the company a pipe bomb -- or, rather, two pipe bombs, which is what investigators found when they picked apart the...
Bruce Schneier

Hidden Cameras in Streetlights

Both the US Drug Enforcement Administration (DEA) and Immigration and Customs Enforcement (ICE) are hiding surveillance cameras in streetlights. According to government procurement data, the DEA has paid a Houston, Texas company called Cowboy Streetlight Concealments LLC roughly $22,000 since...

Weekly Update 113

Bit of a change of scenery this week; I've gone to the other end of the house whilst...

Under attack! Should your company ever ‘hack back’?

Are targeted companies missing a trick? Could they not use their tech skills to penetrate their attacker’s own computer systems, and launch a counter-attack which might knock out their adversaries’ infrastructure? Read more in my article on the Bitdefender...