Week in review: macOS security, Segway vulns, and the SOC of the future

Here’s an overview of some of last week’s most interesting news and articles:

The future of macOS security: Baked-in protection and third-party tools
Anyone in the information security industry who’s interested in Mac security probably knows who Patrick Wardle is. Apart from being Chief Security Researcher at Synack, he’s also the creator of a number of security tools for macOS, which he makes available for free on his Objective-See project site.

Attackers are taking over NAS devices via SambaCry flaw
A Samba remote code execution flaw patched in May is being exploited to compromise IoT devices running on different architectures (MIPS, ARM, PowerPC, etc.)

Creating the security operations center of the future with Siemplify
Security operations teams are engaged in a constant struggle to keep up with the volume of security alerts, maintain the right skills, and manage incident response processes.

Decrypting DEF CON badge challenges
While most Black Hat and DEF CON attendees spend their week watching briefings and visiting vendor booths, some choose to instead team up and tackle the different puzzle challenges that go on behind the scenes. Here’s an introduction to the secret world of cryptography, device modding and hidden clues that happens at the world’s largest hacker gathering.

Apple patches critical Broadpwn vulnerability in its various OSes
Apple has shipped a patch for a critical flaw in some Broadcom Wi-Fi chipsets, which could be exploited by attackers to execute arbitrary code on the Wi-Fi chip included in vulnerable macOS, iOS, watchOS and tvOS devices.

Hacker grabs $30 million in ether through Parity multisig wallet flaw
The zero-day vulnerability that allowed the theft is actually present in Parity Wallet’s variant of the standard multi-sig (multi-signature) contract.

Critical security vulnerabilities enable full control of the Segway miniPRO electric scooter
New IOActive research exposes critical security vulnerabilities found in the Segway miniPRO electric scooter.

Surprisingly stealthy botnet has been targeting users for years
ESET researchers have unearthed a botnet of some 500,000 infected machines engaged mostly in ad-related fraud by using malicious Chrome extensions, but also Facebook fraud and brute-forcing Joomla and WordPress websites.

Launch your own cybersecurity sprint: 30 days to improved security
What if you had to start your own cybersecurity sprint – rapidly implementing proactive security measures gleaned from the hard luck of others? Where would you start as an organization?

Destruction of Service attacks could shut down organizations for good
The Cisco 2017 Midyear Cybersecurity Report (MCR) uncovers the rapid evolution of threats and the increasing magnitude of attacks, and forecasts potential Destruction of Service attacks, which could eliminate organizations’ backups and safety nets.

Dark web Hansa Market shut down after being run for a month by law enforcement
After Alpha Bay’s shutdown, many users flocked to Hansa Market, which was touted as the most secure on the dark web.

Android backdoor GhostCtrl can do many unusual things
There is no shortage of Android malware, but it’s not often that one encounters an Android threat that can do as much as the GhostCtrl backdoor.

Bluetooth now supports mesh networking, ideally suited for building automation
The new mesh capability enables many-to-many (m:m) device communications and is optimized for creating large-scale device networks. It is ideally suited for building automation, sensor networks and other IoT solutions where tens, hundreds, or thousands of devices need to reliably and securely communicate with one another.

AI technologies will be in almost every new software product by 2020
Market hype and growing interest in artificial intelligence (AI) are pushing established software vendors to introduce AI into their product strategy, creating considerable confusion in the process.

US Border Patrol isn’t allowed to search travelers’ data stored in the cloud
When searching travelers’ mobile phones at the border, US Customs and Border Protection (CBP) officers do not have the authority to rifle through data stored solely on remote servers (“in the cloud”).

Qualys at Black Hat USA 2017: Best practices and case study presentations
There will be no lack of interesting content from Qualys at Black Hat next week. Depending on your interests, you might want to make time for some of these talks and presentations at booth #899.

IBM reboots iconic mainframe: Encrypt data all the time, at any scale
IBM unveiled IBM Z, the next generation of a transaction system capable of running more than 12 billion encrypted transactions per day. The new system also introduces an encryption engine that, for the first time, makes it possible to pervasively encrypt data associated with any application, cloud service or database all the time.

eBook: Full Stack Web Performance
Full Stack Web Performance is written for anyone grappling with the challenges of performance in a DevOps environment. Whether you’re a web developer, a DevOps engineer, an engineering manager or an architect, you’ll glean something useful from this practical how-to by Tom Barker.

New infosec products of the week: July 21, 2017
A rundown of infosec products released last week.