Week in review: PKI and IoT, Facebook’s trust crisis, understanding email fraud

Here’s an overview of some of last week’s most interesting news and articles:

Top cybersecurity evasion and exfiltration techniques used by attackers
SS8 released its 2018 Threat Rewind Report, which reveals the top cybersecurity evasion and exfiltration techniques used by attackers and malicious insiders.

Malware leverages web injects to empty users’ cryptocurrency accounts
Criminals trying to get their hands on victims’ cryptocurrency stashes are trying out various approaches. The latest one includes equipping malware with Man-in-the-Browser capabilities so they can hijack online accounts and perform fraudulent transactions on the fly.

Excessive alerts, outdated metrics, lead to over-taxed security operations centers
A new study, conducted by 360Velocity and Dr. Chenxi Wang, found that excessive alerts, outdated metrics, and limited integration lead to over-taxed security operations centers (SOCs). The study was conducted over the span of three months, interviewing security practitioners from enterprise companies in a cross-section of industries: Software-as-a-Service (SaaS), retail, financial services, healthcare, consumer services, and high tech.

Why PKI will secure the Internet of Things for years to come
Dispelling some common myths about PKI as they relate to the IoT.

Atlanta government systems hit by rasomware
The city of Atlanta has suffered a ransomware attack on Thursday, which resulted in outages of some of its customer facing applications, including some that customers may use to pay bills or access court-related information.

Netflix, Dropbox promise not to sue security researchers, with caveats
Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the researchers must conduct the research in line with their vulnerability disclosure policy and bug bounty program guidelines.

RSA Conference 2018 USA: What you can expect at this year’s event
With RSA Conference 2018 USA less than a month away, we asked Britta Glade, Director, Content and Curation for RSA Conference, to tell us more about this year’s event.

AMD confirms processor flaws found by CTS Labs, firmware fixes are coming
Chipmaker AMD has confirmed that the vulnerabilities discovered by CTS Labs researchers earlier this month do affect a variety of its products, and that firmware patches mitigating them will be released “in the coming weeks.”

880,000 payment cards, user info hit in Orbitz data breach
Expedia subsidiary Orbitz has revealed that a legacy Orbitz travel booking platform had been compromised and personal user information and payment card data might have been accessed by unauthorized parties.

1 in 10 targeted attack groups use malware designed to disrupt
Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded.

Flaws in ManageEngine apps opens enterprise systems to compromise
Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 companies.

Facebook’s trust crisis: Has it harmed democracy?
Barraged by accusations of spreading divisive fake news and amid new allegations that it handed over personal information on up to 50 million users without their consent, Facebook is losing the faith of the Americans people, according to the Digital Citizens Alliance.

Understanding email fraud: Do you have visibility into email threats?
Email fraud is highly pervasive and deceptively simple; hackers don’t need to include attachments or URLs, emails are distributed in fewer volumes, and typically impersonate people in authority for maximum impact.

Nmap 7.70 released: Better service and OS detection, 9 new NSE scripts, and more!
Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Privilege escalation on Unix machines via plugins for text editors
Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have found.

A look inside the big business of cybercrime
For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analyzed data from the black market to shed light on the type of activity threat actors are participating in and how underground forums operate in the burgeoning industry.

New Intel processors to have hardware-based protections against Meltdown, Spectre 2
Intel has officially pushed out microcode updates with Spectre and Meltdown mitigations for all of the processors it launched in the past five years. In addition to this, the company’s CEO announced new, redesigned processor lines.

Have you evaluated the cost of a cloud outage?
New findings from a study by Veritas Technologies, indicate that 60 percent of respondents have not fully evaluated the cost of a cloud outage to their business and are therefore ill prepared to deal with the impact of an outage.

New infosec products of the week​: March 23, 2018
A rundown of infosec products released last week.




Share this