Infosec bits for week 36/19

  1. Every Computer Science Degree Should Require a Course in Cybersecurity [Jack Cable, Harvard Business Publishing]
  2. FinCEN Issues Advisory on Business Email Compromise Schemes and Names Colleges and Universities among Top Targets [Katie Branson, EDUCAUSE]
    - see also: Cyber Claims: GDPR and business email compromise drive greater frequencies
  3. When Ransomware Cripples a City, Who’s to Blame? This I.T. Chief Is Fighting Back [Frances Robles, New York Times]
    - see also: Rockville Center School District pays $88,000 ransom
  4. South Africa’s mass surveillance revealed [Tefo Mohapi, iAfrikan]
    - see also: South African authorities admit to mass surveillance (comments)
  5. Bitcoin Warning As Serious Security Vulnerabilities Uncovered [Billy Bambrough, Forbes]
    - see also: China In the Process of Rolling Out State-Backed Cryptocurrency
  6. Open Redirect: A Small But Very Common Vulnerability [Jan Kopriva, SANS ISC]
  7. Putting an end to Retadup: A malicious worm that infected hundreds of thousands [Jan Vojtěšek, Avast Software]

Infosec bits for week 35/19

  1. The Higher Ed Model for Cybersecurity Compliance [Colleen Johnson, EDUCAUSE Review]
  2. New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks [Ionut Ilascu, Bleeping Computer]
  3. Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs [Catalin Cimpanu, Zero Day]
  4. Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks [Jovi Umawing, Malwarebytes Labs]
    - see also: knobattack.com/
  5. The Difference Between Red, Blue, and Purple Teams [Daniel Miessler]
  6. FNB backs down on password decision after backlash [Duncan Mcleod, NewsCentral Media]
  7. Is this Crown Sterling press release from another planet? [Josh Bernoff]
  8. Employees connect nuclear plant to the internet so they can mine cryptocurrency [Catalin Cimpanu, Zero Day]

Infosec bits for week 33/19

  1. Cyberattack forces Houston County schools to postpone opening day [Doug Olenick, Haymarket Media]
  2. Fraudster Brought Back from Kenya to Face Jail Time for Stealing Almost $750,000 from UCSD through a Spear Phishing Campaign [Alexandra F. Foster, US DOJ]
  3. A Campus Culture of Cybersecurity [Julianne Basinger, The Chronicle of Higher Education]
  4. Windows Defender Gets Perfect Scores in Antivirus Test [Nathaniel Mott, Tom’s Hardware]
  5. Apple halts practice of contractors listening in to users on Siri [Alex Hern, The Guardian]
    - see also: Google: More information about our processes to safeguard speech data
  6. I Always Feel Like Somebody’s Watching Listening to Me (click on link to 29 July article) [Jacob Baines, Tenable TechBlog]
  7. Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V [Mohit Kumar, The Hacker News]
  8. Boffins hacked Siemens Simatic S7, most secure controllers in the industry [Pierluigi Paganini, SecurityAffairs]
  9. Extended Validation Certificates are (Really, Really) Dead [Troy Hunt]
  10. Clever Vanity License Plate Backfires On Man, Winds Up With Tons Of Tickets [Dave Basner, iHeartRadio]

Infosec bits for week 31/19

  1. Louisiana declares emergency over cyberattacks targeting schools [Benjamin Freed, Scoop News Group]
    - see also: Louisiana governor declares state emergency after local ransomware outbreak
    - and: Syracuse cyber attack: Experts say schools easy prey for ransomware
  2. Ed Dept: Hackers created thousands of fake student profiles [Natalie Schwartz, Industry Dive]
    - see also: Ellucian Banner System Vulnerability Update
    - and note: “Attackers are utilizing bots to submit fraudulent admissions applications and obtain institution email addresses through admission application portals. Ellucian recommends adding reCAPTCHA capabilities to the admission process to reduce the likelihood of experiencing fraudulent applications for admissions, even if institutions are not currently experiencing this issue.”
  3. Student data systems compromised in Hawaii, Tennessee [Ryan Johnston, Scoop News Group]
  4. Most City Power IT systems, networks restored following cyber attack [Alex Mitchley, 24.com]
    - see also: Ransomware incident leaves some Johannesburg residents without electricity
  5. Steps to Safeguard Against Ransomware Attacks [The Cybersecurity and Infrastructure Security Agency (CISA)]
  6. A BEAST and a POODLE celebrating SWEET32 [Bojan Zdrnja]
    - Overview: “In last couple of years we have witnessed many SSL/TLS vulnerabilities with various acronyms: POODLE, BEAST, BREACH, CRIME, DROWN, FREAK and SWEET32 – to name some. Almost every time, a snazzy logo and a lot of panic around the vulnerability made us believe that this is the end of secure communication on the Internet. However, we are yet to see any real hacks that actually exploited one of the above mentioned vulnerabilities. This presentation will explain how these vulnerabilities work and will comment on their viability for web, mobile and fat client applications. We will try to identify the SSL/TLS vulnerabilities who cried wolf, so we can concentrate on those that pose a serious threat (if such exist, that is).”
    - See also: Verifying SSL/TLS configuration
  7. Password Managers [Higher Education Information Security Council (HEISC)]
  8. Teenage hackers are offered a second chance under European experiment [Jeff Stone, Scoop News Group]
  9. The Encryption Debate Is Over – Dead At The Hands Of Facebook [Kalev Leetaru, Forbes Media LLC]
  10. How Cyber Weapons Are Changing the Landscape of Modern Warfare [Sue Halpern, The New Yorker]
    - see also: U.S. Cyber Command simulated a seaport cyberattack to test digital readiness

Infosec bits for week 29/19

  1. Monroe College hacked, $2 million in Bitcoin demanded as ransom [Rocco Parascandola (interesting name!) and Thomas Tracy, New York Daily News]
    - see also: Monroe College Hit With Ransomware, $2 Million Demanded – with interesting note that “The United States Conference of Mayors to make a non-binding agreement to not pay ransomware demands going forward”
  2. Microsoft Office 365: Banned in German schools over privacy fears [Cathrin Schaer, Zero Day]
    - see also: Increasing transparency and customer control over data
    - see also: Microsoft Office brings you new privacy controls
  3. British Airways faces record £183m fine for data breach [BBC News]
  4. HTTP Security Headers – A Complete Guide [Carlie Belmer, Null Sweep]
  5. GnuPG 2.2.17 released to mitigate attacks on keyservers [Werner Koch, GnuPG]
    - with ref from last week: SKS Keyserver Network Under Attack
  6. Samba Project tells us “What’s New” – SMBv1 Disabled by Default [Rob VandenBrink, SANS Internet Storm Center]
  7. How to securely erase the data off your iPhone or iPad, Android device, Windows PC, hard drives, SSDs, and flash drives [Adrian Kingsley-Hughes, Zero Day]
  8. Adventures building a Self Driving RC Car [Rahul]
    - I know, not directly security-related but it’s cool (and we’re allowed to end our list with something a bit off-topic ;))

Infosec bits for week 28/19

  1. I was 7 words away from being spear-phished [Robert Heaton]
  2. Introducing Elastic SIEM [Mike Paquette, Elasticsearch B.V.]
  3. SKS Keyserver Network Under Attack [Robert J. Hansen]
    - OpenPGP users take note
  4. Women in Security [Various, SC Magazine]
  5. Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers [Brian Krebs]
  6. Florida city fires IT employee after paying ransom demand last week [Catalin Cimpanu, Zero Day]
  7. Virtual Private Networks (VPNs) – Ouch! Newsletter [Phil Johnsey, Palm Beach County]
  8. Deconstructing Apple Card: A Hacker’s Perspective [Ryan McKamie and Swapnil Deshmukh, Certus Cybersecurity Solutions LLC]

Infosec bits for week 26/19

  1. Security Operations Center (SOC) Case Study [Higher Education Information Security Council (HEISC)]
  2. Evidence obtained unlawfully from Facebook – Does it infringe the right to privacy? [Brian Kahn Inc Attorneys, Go Legal]
  3. Awesome Web Security [@qazbnm456] – Curated list of Web Security materials and resources
  4. The Clouds Are Out to Get Me! [John Strand, SANS Pen Test HackFest Summit 2018]
  5. Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework [NIST CSRC]
  6. How spammers use Google services [Maria Vergelis, Kaspersky Daily]
  7. Cryptocurrency startup hacks itself before hacker gets a chance to steal users funds [Catalin Cimpanu, Zero Day]
    - Primary advisory: Update Regarding Vulnerability Recently Discovered In Komodo’s Agama Wallet
  8. Google open sources Private Join and Compute, a tool for sharing confidential data sets [Natalie Gagliordi, Zero Day]
  9. Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness [Mark Simos, Kristina Laidler and John Dellinger; Microsoft Security]
  10. Microsoft warns about email spam campaign abusing Office vulnerability [Catalin Cimpanu, Zero Day]
  11. TCP SACK PANIC – Kernel vulnerabilities – CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479 [Red Hat]
    - CVE-2019-11477
  12. The catch-22 that broke the Internet [Brian Barrett, Wired]