Week in review: Leaking LastPass extensions, 300+ hackable Cisco switches

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

Malware posing as Siemens PLC software is hitting industrial environments
Variants of the same malware disguised as software for Siemens programmable logic controllers (PLCs) have been flagged 10 times over the last 4 years, and the latest occurrence was early this month.

Cyber insurance: What and why?
The primary aim of cyber insurance is to protect individuals and organisations against the financial fallout from the loss of electronically stored information.

300+ Cisco switches affected by critical bug found in Vault 7 data dump
While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited to take over the devices.

LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer.

DoubleAgent attack uses built-in Windows tool to hijack applications
Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to take over applications and entire Windows machines.

Deception security doesn’t have to be onerous or expensive
When talking about deception security, most infosec pros’ minds turn to honeypots and decoy systems – additional solutions that companies have to buy, deploy, and manage. But there are other ways to use deception to thwart attackers, and they do not require additional tools, pricy subscriptions, or the hiring of additional employees.

Java and Flash top list of most outdated programs on users’ PCs
52% of the most popular PC applications, including Flash and Java, are out-of-date. People are exposing their PC and their personal data to risks, as malware targets older versions of software to exploit vulnerabilities.

Burglars can easily make Google Nest security cameras stop recording
Google Nest’s Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that’s in their Bluetooth range, a security researcher has found.

US to ban electronic devices from airplane cabins on some US-bound flights
Air travellers to the US from several Middle Eastern and African countries will be forced to stow all electronic devices in the airplane’s cargo hold.

Even a cybersecurity firm can fall for a W-2 phishing scam
As a testament to how easy it is for unprepared employees to fall for this trick comes the news that even a cybersecurity firm can be victimized: Defense Point Security sent out an email to affected employees (current and former) on Thursday, notifying them that their name, Social Security Number, address, compensation, and tax withholding amounts were unfortunately sent to scammers.

Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in Windows user without knowing that user’s password?

Software development teams embrace DevSecOps automation
Mature development organizations ensure automated security is woven into their DevOps practice, early, everywhere, and at scale, according to Sonatype.

3 sour notes interrupting security operations harmony
The SIEM does an excellent job gathering all the different types of security data and identifying correlations according to the pre-set rules, but relying on the SIEM alone to orchestrate security operations leaves the security operations center flooded with alerts and no efficient way to address them.

Cybersecurity today: Turning positive with new thinking and innovation
In this podcast recorded at RSA Conference 2017, Melanie Ensign, Co-Chair for WISP and Head of Security & Privacy Communications at Uber, and Ajay Arora, CEO and founder of Vera Security, talk about how information security is changing on several levels and how modern security teams are now looking at their responsibility in their companies as enabling new business opportunities.

Healthcare IT pros believe data is safer in the cloud
The survey also revealed a preference for private over public clouds with about 60 percent preferring private cloud infrastructure over public clouds for data security.

Google to sanction Symantec for misissuing security certificates
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrusting all existing Symantec-issued certificates, and push for their replacement with new, fully revalidated certificates that will be compliant with the current baseline requirements.

How the Necurs botnet influences the stock market
After a three-months-long partial hiatus, the Necurs botnet is back to flinging spam emails left and right.

New infosec products of the week: March 24, 2017
A rundown of infosec products released last week.



