Security Snacks is a weekly digest of the most notable InfoSec news.
Its purpose is to provide a one-stop source for getting a high-level view of the state of security and hacking.
Between reports on 2020 attack trends and a new US Treasury policy on ransomware payments, this week’s security news were dominated by ransomware stories. That plus a new alarmingly creative phishing technique, and a couple of new tools to help increase your security posture.
Read on to know the details!
Notable Security News
Phishing with Worms – The Greatest Password Theft I’ve Ever Seen
This is the story of a phishing bot that quickly spread from one compromised email account like a worm. It looked at existing emails threads and replied with a link to a phishing page to capture credentials. If there is one takeaway from this read, it is the importance of using Multi-Factor Authentication in the enterprise.
Grindr fixed a bug allowing full takeover of any user account
A French researcher found a security flaw in Grindr that would’ve allowed attackers to easily hijack any Grindr account knowing only the user’s email address. After unsuccessful disclosure attempts, he reached out to Troy Hunt who helped convince Grindr to fix the issue. Now, Grindr is working on starting a new bug bounty program to make vulnerability reporting easier.
Ransomware 2020: Attack Trends Affecting Organizations Worldwide
IBM X-Force reports the latest ransomware trends: Ransomware demands are increasing exponentially, with one in three being caused by Sodinokibi ransomware. Attacks now blend data theft and extortion with ransomware. Also, schools and universities are amongst the most attractive targets.
GitHub: Now our built-in bug checker gets these third-party code-scanning tools
Github rolled out a new Code Scanning feature to help developers identify security issues in their code when submitting it. It works on top of CodeQL, a technology by Github, and also allows leveraging third-party static application security testing (SAST) tools.
Researchers Mixed on Sanctions for Ransomware Negotiators
US Treasury issued a warning that companies that facilitate ransomware payments to sanctioned cybercrime groups may face sanctions, while notifying law enforcement of such attacks will be considered a mitigating factor. Not everyone agrees this would discourage future ransomware payment demands.
Other Interesting News
A few years ago Red Bull realised that writing policies does not hinder anyone in attacking the company. As they have a large, heterogenous structured and fast changing environment, taking care about security of all their public facing assets is nearly impossible. That’s why Red Bull decided that it’s better to invite “Friendly Hackers” (this is how they call security researchers) to hack them and share afterwards how they were able to do this. The alternative is being hacked anyway without knowing.
The jury motivated their decision: “The emphasis in this category is on innovation, and Intigriti developed an innovative platform for ethical hackers. With Intigriti, the jury chose a Belgian company that manages to impress with that platform. The jury is of the opinion that it is not only about a very high-quality platform, but that the company can now also present good references. The recent funding round of more than 4 million euros proves that this young company is also ready for further growth. ”
Today it was announced that Inti de Ceukelaire (25), Head of Hackers at Intigriti, has been voted “IT Person of the Year” by Computable. He also has the honor of being the youngest winner ever. Inti has been selected from a long list of 55 Belgian candidates compiled by the magazine’s editors. The public votes were decisive for Computable to determine the final winner.
Intigriti Customer Story
“Intigriti offers an international platform, where ethical hackers have to register. That makes it more trustworthy for us as clients. They also offer a platform for ethical hackers to get recognition. There’s a hall of fame for where ethical hackers earn points for reporting issues and get a ranking accordingly.”
– Eric de Smedt, Manager Cyber Security, Telenet Group. Read more