Week in review: SD-WAN deployment, security DevOps, a new taxonomy for SCADA attacks

Here’s an overview of some of last week’s most interesting news and articles:

Compromised ad company serves Magecart skimming code to hundreds of websites
The attackers managed to compromise Adverline, a French online advertising company with a European-focused clientele, and inject payment card skimming code into one of its JavaScript libraries for retargeting advertising.

Strategies for expertly protecting industrial control systems
Andrew Ginter is the Vice President of Industrial Security at Waterfall Security Solutions. We sat down with him to learn more about his new book, Secure Operations Technology, a collection of affordable and practical approaches that thoroughly defeat control system cyber attacks from the mundane to the arcane.

773 million records exposed in massive data breach
Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for download via the MEGA cloud storage service.

Protecting privileged access in DevOps and cloud environments
Five key recommendations based on the real-world experiences of participating CISOs.

The costs of cyberattacks increased 52% to $1.1 million
The top impact of cyberattacks, as reported by respondents, is operational/productivity loss (54%), followed by negative customer experience (43%).

Fortnite vulnerabilities would have allowed attackers to intercept and steal login credentials
If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information, as well as enabling them to purchase virtual in-game currency using the victim’s payment card details. It would also have allowed attackers to listen to and record in-game chat as well as surrounding sounds and conversations within the victim’s home or other location of play.

A new taxonomy for SCADA attacks
Attacks aimed at SCADA networks are still much rarer than those targeting IT networks, but the number is slowly rising. And, according to Radiflow CTO Yehonatan Kfir, there’s no time like the present to start using a consistent, evidence-based taxonomy to analyze them and learn from them.

Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining malware’s effect.

2019 cybersecurity workforce: Recruiting vs. re-skilling
It’s easy to point to how hard it is to train a cybersecurity expert. That is slowly being addressed by the uptick in higher education institutions starting to offer infosec programs and cybersecurity degrees. But the results of new educational programs are a long way off. And we really can’t afford to just sit around and wait.

BEC scammers add payroll diversion to their repertoire
All the attention the most typical BEC scams have been receiving in the last few years must have affected their effectiveness and forced scammers to come up with new ways for extracting money from companies.

Considering an SD-WAN deployment? The best solution may already be in your network
IT departments need to deliver high-quality, reliable links for all applications that are core to the company’s business operations. To meet this demand in a cost-effective way, businesses are looking to one of the hottest topics in networking right now – SD-WAN.

Cyber risk management and return on deception investment
This article is fifth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of how deception fits into information risk management strategies and how organizations can answer C-level ROI questions for justifying deception.

Researcher releases PoC for Windows VCF file RCE vulnerability
A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to execute arbitrary code on vulnerable systems.

Hack a Tesla Model 3, get cash and the car
For this year’s edition of the Pwn2Own hacking contest at CanSecWest, Trend Micro’s Zero Day Initiative has announced a new target category: Automotive.

Most Facebook users aren’t aware that Facebook tracks their interests
Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their traits and interests, which is then used to target them with relevant ads.

New requirements for the secure design and development of modern payment software
The PCI Security Standards Council (PCI SSC) published new requirements for the secure design and development of modern payment software.

Radio frequency remote controller weaknesses have serious safety implications
The report’s findings cover RF remote controllers found in cranes, drills, mining machinery and other industrial devices produced by the seven most commonly deployed vendors.

How to build a better CISO
The CISO is a holistic position in terms of visibility and responsibility.

Criminals wielding Ryuk ransomware specialize in targeting enterprises
A cybercriminal group dubbed Grim Spider has been using the Ryuk ransomware to exclusively target enterprises and has managed to amass over 705 Bitcoins (around $3.7 million) from the victims in less than six months.

43% of businesses are still running Windows 7, security threats remain
With one year to go until Microsoft ends support for its ten-year-old operating system Windows 7, as many as 43% of enterprises are still running the outdated platform.

Why security by design and security DevOps are so critical to success
As companies begin the process, the role of the CISO becomes one of technical accuracy and governance – ensuring that security control mechanisms are embedded across the board, in processes, application designs, devices controls, systems and the fundamental architecture of each phase of transformation.

SmokeLoader malware downloader enters list of most wanted malware
Check Point has published its latest Global Threat Index for December 2018.

New infosec products of the week: January 18, 2019
A rundown of infosec products released last week.