C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F

Infosec bits for week 10/20

- Roderick Mooi

  1. Personal information of students, faculty at B.C. university exposed in recent data breach [Carly Yoshida-Butryn, CTV News / Bell Media]
    - see also: Names, birthdays, email addresses of thousands potentially exposed in SFU data breach
  2. Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices [Lawrence Abrams, Bleeping Computer]
    - see also: DoppelPaymer Ransomware Launches Site to Post Victim’s Data
    - and: Ransomware victims are paying out millions a month. One particular version has cost them the most
  3. Ransomware Response: Mature Cybersecurity Must Involve Data Analytics [James Stanger, CompTIA]
  4. Hackers are actively exploiting zero-days in several WordPress plugins [Catalin Cimpanu, Zero Day]
    - see also: Critical Bugs in WordPress Plugins Let Hackers Take Over Sites
  5. Hackers Use Windows 10 RDP ActiveX Control to Run TrickBot Dropper [Ionut Ilascu, Bleeping Computer]
  6. ‘Cloud Snooper’ Attack Bypasses Firewall Security Measures [Sergei Shevchenko, Sophos]
  7. Educating Educators: Microsoft’s Tips for Security Awareness Training [Kelly Sheridan, Dark Reading]
  8. CWE list now includes hardware security weaknesses [Zeljka Zorz, Help Net Security]
    - find it here: cwe.mitre.org/
  9. Your phone wakes up. Its assistant starts reading out your text messages. To everyone around. You panic. How? Ultrasonic waves [Katyanna Quach, The Register]
  10. Introducing Dispatch [Kevin Glisson, Marc Vilanova and Forest Monsen, Netflix]
  11. Chrome 80 update cripples top cybercrime marketplace [Catalin Cimpanu, Zero Day]
    - see also: New Deep-Linking Feature in Google Chrome 80 Sparks Privacy Concerns
    - and: Web Browser Privacy: What Do Browsers Say When They Phone Home?
  12. Russian spies are attempting to tap transatlantic undersea cables [Pierluigi Paganini, Security Affairs]
  13. How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer [Lily Hay Newman, WIRED / Condé Nast]