Never Trust a Platform to Put Privacy Ahead of Profit

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

“If you wanted to secure the phone numbers you’d just put them in a database table called ‘2FA numbers don’t sell to marketers,'” says Matthew Green, a cryptographer at Johns Hopkins University. “This stuff is like a bank leaving customers’ money lying around and then spending it on snacks. Obviously that could happen. We just try to prevent it from happening because, you know, ethics.”

Read more in the Wired article

Top 5 Security News

Almost 50% of Company Network Traffic Comes From Bots, Report Says

New Microsoft NTLM Flaws May Allow Full Domain Compromise

Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy

Father of Unix Ken Thompson checkmated as his old password has finally been cracked

Copy-and-paste sharing on Stack Overflow spreads insecure code

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS


An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored cross-site scripting (XSS) attacks.

Sites running the plugin are vulnerable to unauthenticated plugin option updates, which can be used to deliver malware payloads; and according to Wordfence, attacks are already happening in the wild.


Top 5 Security News

Microsoft rushes out fix for Internet Explorer zero-day

Magecart Group Continues Targeting E-Commerce Sites

iOS 13 Bug Lets 3rd-Party Keyboards Gain ‘Full Access’ — Even When You Deny

Why You Need to Think About API Security

HTTP/3: the past, the present, and the future

Millions of passenger data publicly accessible in cloud storage buckets

The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets.


Top 5 Security News

Robocalls now flooding US phones with 200m calls per day

Is Your Medical Data Safe? 16 Million Medical Scans Left Out in the Open

GitHub gobbles biz used by NASA, Google, etc to search code for bugs and security holes in Mars rovers, apps…

LastPass Fixes Bug That Leaks Credentials

Huawei suspended from the Forum of Incident Response and Security Teams

DNS-over-HTTPS, a curse or a blessing?

“Mozilla plans to enable support for the DNS-over-HTTPS (DoH) protocol by default inside the Firefox browser for a small number of US users starting later this month.

When DoH support is enabled in Firefox, the browser will ignore DNS settings set in the operating system, and use the browser-set DoH resolver.

By moving DNS server settings from the OS to the browser level, and by encrypting the DNS traffic, DoH effectively hides DNS traffic from internet service providers (ISPs), local parental control software, antivirus software, enterprise firewalls and traffic filters, and about any other third-party that tries to intercept and sniff a user’s traffic,” according to Catalin Cimpanu for Zero Day.

This is causing some controversy and might affect current mitigating measures in place at businesses.

Top 5 Security News

Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)

18 months after indictment, Iranian phishers are still targeting universities

Instagram Confirms Security Issue Exposed User Accounts And Phone Numbers—Exclusive

Simjacker attack exploited in the wild to track users for at least two years

State-sponsored entities targeting Airline Industry (Part 1)

Diversity and Security: Why Is It So Important?

Inspired by the event “Diversity & Security”, organized by Microsoft Norway and Oda Network (the leading Norwegian network for women in tech), I want to share some ideas about this topic with Basefarmers.

Why is diversity so important nowadays?

“Diversity is not just about the color of our skin, gender, religious or ethnic background, it is also about being surrounded by people whose varied experiences contribute new ideas to problem solving.” – Ann Johnson, Corporate Vice President, Cybersecurity Solutions Group

Studies have shown the importance of diversity and inclusion in generating more creative solutions to business problems and enhancing performance and competitiveness. It’s particularly important in tech because it serves as a catalyst for success and a foundation for innovation in so many industries.

The McKinsey report “Diversity Matters” shows how diversity impacts organizational performance, and decision making in particular.

It’s quite impressive to see what percentage of the time a better decision is made, based on what kind of people are around you. And I’m pretty sure that we at Basefarm are doing the right things to move in that direction.

While many organizations are working on implementing “diversity measures” to encourage more women and other underrepresented groups to explore careers in tech, there still remains a shortage of women and minorities, especially in cybersecurity.

It’s easy to calculate the gender gap in cybersecurity. Women – who make up 11% of the industry – hold few leadership roles in security.

It was recently predicted that by 2021, 3.5 million cybersecurity positions will go unfilled, so to gain the advantage in fighting cybercrime we are dependent on diverse talent and awareness of this subject! 🙂

Sources:

https://www.mckinsey.com

https://www.forbes.com/diversity-inclusion

https://www.darkreading.com

https://news.microsoft.com

https://www.csoonline.com/article/3200024/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html

Crimeware in the Modern Era

“Crimeware is a cornerstone to financially motivated threat actors’ toolsets and sees consistent and continuous evolution in its operation. Crimeware developers have demonstrated resilience in the face of an evolving security landscape and law enforcement actions through constant shifts and updates to their tools, techniques, and procedures. This has resulted in a perennial back and forth between criminally-minded attackers and budget-constrained defenders,” according to Brandon Levene, the Head of Applied Intelligence (Chronicle) at Google.

Top 5 Security News

PowerShell Script with a builtin DLL

Google throws bug bounty bucks at mega-popular third-party apps

AI mimics CEO voice to scam UK energy firm out of £200k

Facebook loses control of key used to sign Android app

Exim – local or remote attacker can execute programs with root privileges (CVE-2019-15846)

Backdoor Found in Utility for Linux, Unix Servers

The backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference, when researchers stumbled upon malicious code.

In an unnerving twist, when a critical zero-day vulnerability was reported in a Unix administration tool, called Webmin, it was revealed the flaw was no accident. According to researchers, the vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery.

Top 5 Security News

A Telegram bug that disclose phone numbers of any users in public groups

GitHub supports Web Authentication (WebAuthn) for security keys

I Visited 47 Sites. Hundreds of Trackers Followed Me.

Forced Password Reset? Check Your Assumptions

Bumper Cisco patches fix four new ‘critical’ vulnerabilities

Don’t let encrypted messaging become a hollow promise

Why do we care about encryption? Why was it a big deal, at least in theory, when Mark Zuckerberg announced earlier this year that Facebook would move to end-to-end encryption on all three of its messaging platforms? We don’t just support encryption for its own sake. We fight for it because encryption is one of the most powerful tools individuals have for maintaining their digital privacy and security in an increasingly insecure world.

Top 5 Security News

Your Android Phone Can Get Hacked Just By Playing This Video

Apple bleee. Everyone knows What Happens on Your iPhone

EvilGnome – Linux malware aimed at your laptop, not your servers

Citrix Confirms Password-Spraying Heist of Reams of Internal IP

New IPS Architecture Uses Network Flow Data for Analysis

OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks

In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown.

Have you ever noticed they all had at least one thing in common?

That’s OpenSSH.

Top 5 Security News

How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today

VLC media player gets biggest security update ever

Newly-Discovered Malware Targets Unpatched MacOS Flaw

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Tracing the Supply Chain Attack on Android

SACK Panic kernel bug discovered by Netflix

Engineers at Netflix discovered three new vulnerabilities in the TCP networking implementations of the Linux and FreeBSD kernels.

The vulnerabilities can be used by an adversary to perform a denial-of-service (DoS) attack against Linux and FreeBSD machines. Red Hat classifies one of them as Important and the rest as Moderate. CVE-2019-11477 is the most critical of the four and has been dubbed SACK Panic, since the bug is located in the Linux kernel's Selective Acknowledgment (SACK) capabilities. This vulnerability can lead to a complete kernel panic on a Linux host, effectively stopping all services running on that host. It affects all Linux kernel versions from 2.6.29 and up.
All major Linux vendors have released patches for the vulnerabilities, and we strongly urge people to apply the patches as soon as they can. There are also workarounds for systems where patching is not an option, but these can lead to a loss in performance.
You can read a more detailed explanation here.

Top 5 Security News