Week in review: Windows 0day for sale, and lessons learned from 17 years as an infosec trainer

Here’s an overview of some of last week’s most interesting news, reviews and articles:

ICS-focused IRONGATE malware has some interesting tricks up its sleeve
FireEye researchers discovered a malware family that’s obviously meant to target ICS systems, but found no evidence that it was ever used in the wild.

What 17 years as an infosec trainer have taught me
July 2016 shall see Saumil Shah complete 17 years in the infosec training circuit. It has been an amazing journey, with humble beginnings.

Payment Application Data Security Standard 3.2 released
The PCI Security Standards Council (PCI SSC) published a new version of its data security standard for payment software, the Payment Application Data Security Standard (PA-DSS) version 3.2.

Review: Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own
If you are an infosec professional or a head of an IT department tasked with implementing ISO 27001 in a small or mid-sized company (i.e. up to 500 employees), this book is for you.

What is the actual value of a CISO?
With every hack, every data breach and every compromised employee, it becomes more abundantly clear how truly critical the CISO’s role is, no matter the industry.

GDPR: Essential glossary
GDPR is the acronym for General Data Protection Regulation, a European privacy legal framework directly applicable in all 28 EU countries and regulating personal data flows of individuals based in the European Union. Companies are expected to be fully compliant by May 25th 2018 and Help Net Security will be publishing updated guidance notes in the 24-month run up period.

How visibility can help detect and counter DDoS attacks
Can we stop DDoS attacks from happening? Unlikely. Can we mitigate the impact or head it off in the pass? Absolutely.

Malware devs scour GitHub for new ideas for bypassing Android security
Symantec researchers believe that the most recent variants of Bankosy (banking info stealer) and Cepsohord (click fraud) Android Trojans have been equipped with tricks based on performance features of two projects found on GitHub.

Lenovo tells users to uninstall vulnerable Accelerator app
Lenovo tells users to uninstall vulnerable Accelerator app
In the wake of Duo Security’s report on the critical vulnerabilities sported by Original Equipment Manufacturer (OEM) updaters loaded on popular laptop and desktop computers, Lenovo has advised users to uninstall its Accelerator Application.

Windows zero-day exploit offered for sale on underground market
Someone is selling an exploit for a Windows zero-day on an underground market for Russian-speaking cyber criminals, and the current price is set at $90,000.

Improving software security through a data-driven security model
The current software security models, policies, mechanisms, and means of assurance are a relic of the times when software began being developed, and have not evolved along with it, says Google researcher Úlfar Erlingsson.

KeePass update check MitM flaw can lead to malicious downloads
All versions of KeePass, including the latest, are vulnerable. The team developing the software is aware of the flaw (CVE-2016-5119), but they currently have no intention of fixing it.

Russian ransomware boss earns $90,000 per year
A recent report details one organized Russian ransomware campaign, and the guy at the top is pulling in an average monthly “salary” of $7,500 (that’s $90,000 per year).

FBI warns about email extortion attempts following data breaches
The contents of the emails, i.e. the threats, vary depending on what information was stolen and/or leaked following a specific breach.

Bug poachers target businesses, demand money for bug info
Businesses are being hit with an extortion attempt based on attackers penetrating their network or websites and stealing corporate or user data. The attackers don’t say explicitly that the data will be published online, but are trying to get the victims to pay up to get information about the hole they used to breach the network.

Five tips to avoid getting hit by ransomware
Ransomware has emerged as the predominant online security threat to home users and small businesses. But no one is immune.

Identity fears are holding back the sharing economy
Businesses operating in the sharing economy are being held back by consumer fears over trust in the identity of the other party in the transaction.

The future of Identity Management: Passwords and the cloud
Compromised credentials are still the cause of almost a quarter of all data breaches, according to the Cloud Security Alliance. With a surge in cybercrime, it’s no wonder that the global identity and access management (IAM) market is expected to reach USD 24.55 billion by 2022.

65 million Tumblr users’ email addresses, passwords sold on dark web
The account credentials stolen from Tumblr are also old – according to researcher Troy Hunt, they were stolen in the site’s February 2013 breach.

Global profiles of the typical fraudster
Technology is an important tool to help companies fight fraud, but many are not succeeding in using data analytics as a primary tool for fraud detection. Meanwhile, fraudsters are leveraging technology to perpetrate fraud.

Are you prepared for future information management requirements?
Iron Mountain conducted the study to identify the government’s information management priorities for the next 3-5 years, share agency respondents’ feedback on where gaps exist and deliver recommendations on how to improve on the necessary skillsets required to succeed.

Check Point finds dangerous vulnerabilities in LG mobile devices
Check Point found two vulnerabilities which can be used to elevate privileges on LG mobile devices to attack them remotely. These vulnerabilities are unique to LG devices, which account for over 20% of the Android OEM market in the US.

Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode
A Louisiana man was sentenced to 12 months and one day in prison for using a computer to steal money, hacking computers to obtain passwords, and attempting to sell information on the online hacking forum known as Darkode.

Share this
You are reading
Abstract

Week in review: Windows 0day for sale, and lessons learned from 17 years as an infosec trainer