Saturday, October 20, 2018

LATEST

Weekly Update 109

Last one before home time! But it has been an epic trip and as I say in the...

NCSC Releases 2018 Annual Review

Original release date: October 19, 2018. The United Kingdom's (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2018, which provides a snapshot of their work from September 1, 2017, to August 31, 2018. NCSC provides enhanced...
Errata Security

Election interference from Uber and Lyft

Almost nothing can escape the taint of election interference. A good example is the announcements by Uber and Lyft that they'll provide free rides to the polls on election day. This well-meaning gesture nonetheless calls into question how this...
PC Mag

US Charges Russian For Social Media Midterm Election Meddling

On Friday, the Department of Justice unsealed a criminal complaint that claims a 44-year-old woman has been overseeing a secret effort to help Russia exploit US social media to influence the midterm elections.

Facebook Portal isn’t designed to be as private as you might hope

Facebook has confirmed that its new Portal AI-powered video camera will collect data from you that could be used to target ads.

libssh Releases Security Updates

Original release date: October 19, 2018. libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review...
SC Magazine

Securing Middle America: small towns more at risk of ransomware, phishing and more

Cybersecurity firms may be leaving money on the table chasing big fish in the form of large enterprise deals, while smaller local government entities go unprotected. While cyberattacks target entities of all sizes in both the public and private sector,...

Microsoft Releases Security Update for Yammer

Original release date: October 19, 2018. Microsoft has released a security update to address a vulnerability in the Yammer desktop application. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to...
Bruce Schneier

Friday Squid Blogging: Roasted Squid with Tomatillo Salsa

Recipe and commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.
SC Magazine

It’s Ok, I’m verified; libssh flaw allows attacker bypass server authentication

A vulnerability in the libssh platform could allow an attacker to bypass authentication and gain full control over vulnerable servers. The vulnerability basically allows the attacker to simply tell the targeted system that the authentication is complete rather than the...
SC Magazine

VestaCP supply-chain attack installs DDoS malware

Hosting control panel solution VestaCP was compromised in a supply chain attack that installed malware used to carry out DDoS attacks. Earlier this week ESET researchers learned the official VestaCP distribution was compromised to install a malware dubbed Linux/ChachaDDoS onto...
The Register

Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

High-value servers targeted by cyber-weapons dumped online by Shadow Brokers Miscreants are using a trio of NSA hacking tools, leaked last year by the Shadow Brokers, to infect and spy on computer systems used in aerospace, nuclear energy, and...
SC Magazine

Justice unseals criminal complaint against Russian lawyer for 2018 midterms interference

The midterm elections have yielded their first criminal case – the Justice Department on Friday charged Russian accountant Elena Khusyaynora with conspiracy to defraud the U.S. for her role in a plan to spend more than $10 million on...
SC Magazine

West Haven, Indiana National Guard, Muscatine hit with ransomware attacks

Ransomware attacks have struck government entities across the nation this week with West Haven, Conn., the Indiana National Guard and Muscatine, Iowa being targeted. West Haven almost immediately succumbed to the cybercriminals' threat and paying what city officials called a...
SC Magazine

Survey: Federal agencies slow to migrate to cloud, despite promise of security

Although a cloud-based architecture would offer cybersecurity benefits to federal agencies whose systems are in need of digital defense, many government entities are not yet ready to make the migration, based on the results of a new survey. Conducted by...
ZDNet

Audio recording is now disabled by default in OpenBSD

OpenBSD 6.4 also ships with Meltdown, Spectre v2, SpectreRSB, L1TF, and Lazy FPU mitigations.

Google Patch to Block Spectre Slowdown in Windows 10

Microsoft will incorporate Google's Retpoline patch to prevent Spectre Variant 2 from slowing down its operating system.

EU Takes Step Toward Cyberattack Sanctions

European leaders complete first step toward establishing a sanctions regime.
PC Mag

Tim Cook Demands Bloomberg Retract Chinese Spy Chip Story

Apple's CEO made the statement as the security community continues to cast doubt on a Bloomberg Businessweek piece that claims China secretly planted spy chips in US servers.
The CyberWire Podcast

Chinese supply-chain hack story gets vanishingly thin. Twitter downs pro-Saudi bots. SEO poisoning. OceanLotus evolves. Ransomware notes.

In today's podcast, we hear that no one but Bloomberg seems to retain much faith in Bloomberg's story about Chinese supply-chain seeding attacks. Twitter blocks bots retailing coordinated Saudi talking points about the disappearance of journalist Jamal Khashoggi. Latvia says it...

WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors

A report by the Wall Street Journal points finger at group that is known to Facebook Security.
SecurityWeek

NSA-Linked ‘DarkPulsar’ Exploit Tool Detailed

Kaspersky Lab security researchers have analyzed another exploit tool that was supposedly stolen from the National Security Agency-linked Equation Group.

Cybersecurity Trends – With Trend Micro

Last week, Trend Micro came to Boston for its annual Trend Insights industry analyst event. The company provided an overview of its business, products, and strategy. Here are a few of my take-aways: Trend is prepared for the next chapter...
SecurityWeek

0-Day in jQuery Plugin Impacts Thousands of Applications

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered.
SC Magazine

Philippines orders Facebook to offer ID protections following breach

Among the 30 million accounts affected in the September 2018 Facebook data breach incident were 755,973 users in the Philippines, and now the Southeast Asian nation is demanding action from the social media company, according to a report from area news outlet...

LEADERS

Celebrating 100 episodes of the Smashing Security podcast

To celebrate 100 episodes of the “Smashing Security” podcast I co-host with Carole Theriault each week, we asked listeners to let us know some of their favourite moments from the show.

Manager who worked on Equifax’s breach website sentenced for insider trading

Sudhakar Reddy Bonthu wasn’t told he was working on Equifax’s breach notification website, but when he worked it out he used the information for his financial advantage. Read more in my article on the Hot for Security blog.