Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism.
Clickfraud arrives via a third-party SDK, and the app developers who used it say they didn’t know nuthin’. Maybe they didn’t. A Trojanized TOR browser warns its bro’s that, whoa, you’re out of date and the police might see...
Podcast: Insider Attacks May Soon Cost Less Than Malware-based Equivalent
At what point will infiltrating companies via the "insider threat model" become less costly and difficult than using malware? Threatpost discusses with a SolarWind expert.
Container Flow – ESW #157
This week, In our first segment, we talk Enterprise News, discussing how Okta is launching offerings for threat detection and remediation, Tenable extends Lumin to all platform customers, Signal Sciences announces integration with Pivotal Container Service, and how Thoma...
Weekly Update 161
NDC Sydney; Removing the Padlock Icon from Chrome; Hack to the Future; Project Svalbard is Still in Progress; Sponsored by Varonis
https://www.troyhunt.com/weekly-update-161/
ISC StormCast for Friday, October 18th 2019
Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/Purchased Domain Arrives with
Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.
Cozy Bear isn’t back--Cozy Bear never really left at all. Iran says the Americans are dreaming: there was no cyberattack in retaliation for Iran’s implausibly deniable missile strikes on Saudi oil fields last month. Malicious audio files are dropping...
S2 Ep13.5 All about social media: Growing up online, parent advice and social shaming
In light of National Cybersecurity Awareness Month, we're giving you a special splinter episode all about social media.
Harry McMullin shares insights into what it was like growing up with social media from as early as ten, Mark Stockley...
Code Rush, DevOps and Google: Software in the Fast Line
Shortly after watching the documentary, Code Rush, I met with Tara Hernandez, the hockey stick carrying lead of the Netscape project that was being documented. We sat down at the Jenkins World Conference in San Francisco to talk about...
2019-037-Lee Holmes, Powershell logging, and why there’s an ‘execution bypass’
Derbycon9 talk - PowerShell Security Looking Back from the Inside - https://www.youtube.com/watch?v=DYWPtt7qszY&list=PLNhlcxQZJSm_ZDJBksg97I5q1XsdQcyN5&index=27&t=0s Encarta - https://en.wikipedia.org/wiki/Encarta Scott Hanselman’s twitter thread about Encarta: https://twitter.com/shanselman/status/1158780839464849409 Congrats on the black badge :) I like that you bring up...
ISC StormCast for Thursday, October 17th 2019
Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlJackson-Databind Vulnerablity https://github.com/FasterXML/jackson-databind/issues/2387VMWare Cloud Foundation and VMware Harbor
150: Liverpool WAGs, Facebook politics, and a selfie stalker
Footballers' wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it's in a political ad), and things take a horrific turn in Japan, as a stalker uses a...
Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.
The US may have retaliated in cyberspace for Iran’s strikes against Saudi oil fields. China’s new C919 airliner seems to have benefited greatly from industrial espionage. An old botnet learns new tricks. Typosquatting as an election influence trick. A...
The Nirvana Case – BSW #147
This week, it's our quarterly security money segment! In the first segment, we'll review the Security Weekly 25 index! In our second segment, we'll share the results of our Security Weekly 25 Index Survey, which we completed earlier this...
The Unicorn Project w/ Gene Kim
Edwards Deming went to post-war Japan in the late 1940s to help with the census. While there, he built relationships with some of the main manufacturers in the region, helping them understand the value of building quality into a...
Podcast: Departing Employees Could Mean Departing Data
Threatpost talks to Digital Guardian's Tim Bandos about the top insider threats that enterprises are facing today.
SN 736: CheckM8
This week's storiesA sobering reminder about supply chain attacksFacebook's stance on end-to-end encryption raises official protestsUNIX's Co-Creator Ken Thompson's BSD UNIX Password Has Finally Been CrackedJapanese stalker finds idol using reflections in her eyesAmericans and Digital KnowledgeOpenPGP being built...
ISC StormCast for Wednesday, October 16th 2019
Adobe Updates https://helpx.adobe.com/security.htmlSymantec BSOD https://support.symantec.com/us/en/article.TECH256643.htmlOSX/Shlayer Bypasses Gatekeeper/XProtect https://blog.confiant.com/osx-shlayer-new-shurprise-unveiling-osx-tarmac-f965a32de887Fake iOS Jailbreak
Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks.
Ransomware hits companies in France and the US. A Finnish energy company sustains a suspicious IT incident. Turkey jams social media as it rolls tanks against the Kurds. Pegasus spyware said to be in use against Moroccan activists. Silent...
DtSR Episode 366 – D I Why and How
Welcome Down the Security Rabbithole, to the DtSR Podcast. This week, Zac Rosenbauer joins us to talk about what it's like to be "the IT guy" who also has to be vigilant of security in a fast-paced startup...based on...
S2 Ep 13 – Weird Android zero day and other tech fails
This week producer Alice Duckett steps in to host the show with Sophos experts Mark Stockley and Greg Iddon.
They discuss Twitter's two-factor authentication faux pas, the risks of copy and pasting code from Stack Overflow and an Android zero-day...
Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app
Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets
Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions.
The developers behind the malicious browser have so far stolen at least $40,000 in...
UC Browser potentially endangers 500 million users
The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk.
UC Browser, which
is available from the Google Play store, was found by Zscaler ThreatLabZ...
US stopped using floppy disks to manage nuclear weapons arsenal
US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef
It's likely the diamondback squid. There's a video.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
