Week in review: Deloitte hack, insecure Mac firmware, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles:

XPCTRA financial malware leaves no stone unturned
A Trojan that has previously been only stealing users’ banking credentials has been modified to do much more than that.

Is this the year SIEM goes over the cliff?
SIEM solutions initially sought to collect, monitor and analyze security data and identify threats in the cybersecurity environment. Bogged down by time-intensive operational needs and the large data infrastructure required to house massive amounts of information, SIEM is in a downward spiral that may be stayed by new security analytics enhancements boosting network visibility and efficiency, at least for the time being.

Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought.

How Apple’s Face ID works, learns, and protects
Apple has unveiled a new version of its privacy page and a paper throwing more light on how Face ID, its newest biometric authentication option, works on iPhone X (“Ten”).

(IN)SECURE Magazine issue 55 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Sophisticated threats? It’s usually the basic ones that get you
Losing sleep over zero-day cyber APTs launched by nation states? You shouldn’t be.

Cybercriminals increasingly focusing on credential theft
Criminal tactics used to access user credentials are growing in prevalence, and a record 47 percent of all malware is new or zero day, and thus able to evade signature-based antivirus solutions, according to WatchGuard.

Laying the foundation for a proactive SOC
Most companies are trying to shift their Security Operations Center (SOC) from a reactive to a proactive posture. To do that, the analysts’ reaction to security events must become swift, and investigation of security alerts and incidents must become more efficient.

After hack, security researchers probe Deloitte’s security posture
Increased scrutiny after the public revelation of the breach shows that Deloitte is not listening to its own advice and doing the housekeeping it advises others to do. Here are some of the industry’s reactions to the hack.

Cyber threat analysis in complex adaptive systems
A complex adaptive system (CAS) is a constantly changing, self-revising, feedback-incorporating concept that is typical in modern urban warfare.

How to keep your cryptocoins safe?
Intrigued by the many possibilities of cryptocurrencies – not least by the prospect to “earn” serious money while doing nothing – you’ve decided to take the plunge and invest in some. But do you know how to keep your investments safe in the Wild West that is currently the cryptocurrency market?

ATM hackers switch to network-based attacks
As banks have ramped up efforts to protect the machines from physical attacks, criminals have begun switching infection vectors.

Inadequate IT processes continue to create major security and compliance risks
Common security best practices – such as timely removal of access to corporate data and applications, dormant account identification, and role administration – continue to be a challenge and concern for organizations worldwide.

Which security investments make a difference?
Among the most effective categories in reducing losses from cyber crime are security intelligence systems.

Showtime’s Web sites roped visitors’ CPU into mining cryptocurrency
Here’s the latest good reason for users to block JavaScript: if you don’t, your computer’s CPU power could be used to mine cryptocurrency without your knowledge or consent.

Android unlock patterns are a boon for shoulder surfing attackers
The “swiping” unlock patterns typical for Android devices are considerably easier for attackers to discern than PIN combinations.

Large DDoS attacks over 50 Gbps have quadrupled between 2015 and 2017
Even as DDoS attacks are increasingly impacting other areas of the stack such as the application layer, attacks at the network layer are still the most prevalent.

Standard cloud migration models are insufficient when moving mission critical workloads
Enterprises have found that standard cloud migration models are insufficient when moving mission critical workloads and require a specialized approach, according to a study conducted by Forrester Consulting.

New infosec products of the week: September 29, 2017
A rundown of infosec products released last week.