C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F

  1. A look into the global ‘drive-by cryptocurrency mining’ phenomenon
  2. New Amazon S3 Encryption & Security Features
    - including Default Encryption, Permission Checks, Cross-Region Replication ACL Overwrite, Cross-Region Replication with KMS and Detailed Inventory Report
  3. Google releases KRACK patches for Android
  4. Microsoft Provides Guidance on Mitigating DDE Attacks
    - technet.microsoft.com/library/security/4053440
    - Note A: “Disabling this feature could prevent Excel spreadsheets from updating dynamically if disabled in the registry”
    - Note B: “Users of the Windows 10 Fall Creator Update can leverage Windows Defender Exploit Guard to block DDE-based malware with Attack Surface Reduction (ASR). Attack Surface Reduction is a component within Windows Defender Exploit Guard that provides enterprises with a set of built-in intelligence that can block the underlying behaviors used by malicious documents to execute attacks without hindering product operation. By blocking malicious behaviors independent of what the threat or exploit is, ASR can protect enterprises from never-before-seen zero-day attacks like these recently discovered vulnerabilities: CVE-2017-8759, CVE-2017-11292, and CVE-2017-11826.”
  5. Half of people plug in USB drives they find in the parking lot
    - scary, but a nice (safe and non-intrusive) way to test how many get plugged in
  6. Stop relying on file extensions
  7. Honey Accounts
    - an interesting (and easy to implement) approach for early detection of malicious activity utilising AD
  8. Factsheet Post-quantum cryptography – start planning today!
    - TL;DR : use min 256 bit keys for AES; RSA, ECDSA and DH not secure when quantum comes into play; use SPHINCS-256/XMSS for stateless/stateful digital signatures