Infosec bits for week 08/19

  1. Power Company Has Security Breach Due to Downloaded Game [Bleeping Computer]
    - as if load shedding’s not enough :-/
  2. The Evolution of Cyber Threat Intelligence (CTI): 2019 SANS CTI Survey [SANS]
  3. Facebook broad data collection ruled illegal by German anti-trust office [ZDNet]
  4. What Happens If Russia Cuts Itself Off From the Internet [Wired]
  5. Selecting the Right SOC Model for Your Organization [Gartner]
    - see also: The CIS Critical Security Controls for Effective Cyber Defense
  6. The great Equifax mystery: 17 months later, the stolen data has never been found, and experts are starting to suspect a spy scheme [CNBC]
    - see also: Where’s the Equifax Data? Does It Matter?
  7. Ransomware Attacks Target MSPs to Mass-Infect Customers [Bleeping Computer]
  8. BOV [Bank of Valletta] goes dark after hackers go after €13m [Times of Malta]
  9. Mitigations against Mimikatz Style Attacks [SANS ISC]
  10. How to Test Bro-Sysmon [Salesforce Engineering]
  11. Are airlines putting your data at risk? [Wandera]
  12. Many popular iPhone apps secretly record your screen without asking [TechCrunch]
  13. Android Phones Can Get Hacked Just by Looking at a PNG Image [The Hacker News]
  14. Spying on Safari in Mojave [Jeff Johnson]

Advisories for week 06/19

  1. Microsoft Exchange 2013 and newer are vulnerable to NTLM relay attacks
    - MS advisory
  2. Google Chrome update contains 58 security fixes
  3. Firefox 65 Released with Updated Content Blocking, MSI Installers, and More
    - but: www.zdnet.com/article/windows-firefox-65-rollout-halted-by-mozilla-av-clash-stopped-users-browsing/
  4. Update for Windows Defender antimalware platform
    - oh wait, Windows 10 might not boot afterwards and the workarounds… hmm, really :-/

Infosec bits for week 06/19

  1. Team America tries to crash Little Rocket Man’s Joanap botnet from within, warns owners of infected boxes [The Register]
  2. Abusing Exchange: One API call away from Domain Admin [dirkjanm.io]
    - see also: You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit
    - and: Relaying Exchange’s NTLM authentication to domain admin
  3. Facebook pays teens to install VPN that spies on them [TechCrunch]
    - see also: Facebook Has Just Been Caught Spying On Users’ Private Messages And Data — Again
    - and: Why Facebook’s Banned ‘Research’ App Was So Invasive
    - lastly: Apple blocks Facebook from running its internal iOS apps
  4. FaceTime bug lets callers eavesdrop on recipients [SC Magazine]
    - see also: Apple says iOS fix for Group FaceTime bug now coming next week, issues apology
  5. ENISA: Updated network forensics training material [ENISA]
  6. The Cybersecurity Workforce Gap [CSIS]
  7. SpeakUp Linux Backdoor Sets Up for Major Attack [Threatpost]
  8. Unlocking God Mode on x86 Processors [Hackaday]
  9. Understanding Ubiquiti Discovery Service Exposures [Rapid7]
  10. Over 9,000 Cisco RV320/RV325 routers are vulnerable to CVE-2019-1653 [Bad Packets Report]
  11. Net neutrality: Federal judges had tough questions for the FCC [The Washington Post]
  12. I used to be a dull John Doe. Thanks to Huawei, I’m now James Bond! [The Register]