By Anna Hammond
October 30, 2020
Security Snacks is a weekly digest of the most notable InfoSec news.
Its purpose is to provide a one-stop source for getting a high-level view of the state of security and hacking.
What a weird week! Ransoms taking cyber crime to a new low, Trump making foes with both black hat and white hat hackers, a privacy advocate who sold encrypted phones to criminals… But it’s not all bad news: Vulnerability Disclosure Programs are becoming mainstream!
A Finnish psychotherapy clinic was hacked and the data of more than 40,000 patients was stolen. The attacker is blackmailing patients, threatening to publish their therapist notes if they do not pay a €200 ransom. What a new low for cybercrime!
German armed forces launch security vulnerability disclosure program
The German armed forces have launched a responsible disclosure program, providing an official process for reporting security vulnerabilities. This is excellent news, as only a handful of government agencies in the world maintain similar disclosure programs.
‘Compromised credentials’ most likely vector in Trump re-election site defacement & Hacker says he correctly guessed Trump’s Twitter password—it was “maga2020!”
“Nobody gets hacked. To get hacked, you need somebody with a 197 IQ and he needs about 15 percent of your password.” What happened after this statement by Trump was not surprising. Attackers defaced his re-election campaign website, and a hacker also claims to have guessed his Twitter password on the fifth attempt. Claims of being “unhackable” always end badly.
Microsoft launches machine learning cyber-attack threat matrix
The Adversarial ML Threat Matrix is a new framework by Microsoft (inspired by the ATT&CK framework) to help detect and remedy threats against Machine Learning systems. This is a timely tool considering the increasing number of attacks against commercial ML systems.
Majority of Microsoft 365 Admins Don’t Enable MFA
CoreView Research analyzed how more than five million enterprise workers use Microsoft 365. Their findings are troubling: 97% of users do not use Multi-Factor Authentication, 78% of administrators do not either, and 57% of organizations have admins with excess permissions. This report highlights exactly what not to do security-wise!
Sophisticated botnet feasts on old vulnerability to exploit content management systems
Tech giants among those affected by breach at PDF signature software maker Nitro
Data breach at Swedish security company leaks 38,000 sensitive documents
Warnings raised after Nano Adblocker modified to slurp up user data
FBI: Hackers stole government source code via SonarQube instances
FBI, CISA: Russian hackers breached US government networks, exfiltrated data
How much does Oracle love you? Thiiiis much: Latest patch bundle has 402 fixes
WordPress deploys forced security update for dangerous bug in popular plugin
Ruckus IoT controllers vulnerable to remote takeover via ‘trivial’ chained exploit
HTTP/3: Everything you need to know about the next-generation web protocol
Apple provides technical steer on Face ID, Touch ID authentication for websites
Snyk to automatically check Docker Official Images for security problems
The Network: How a Secretive Phone Company Helped the Crime World Go Dark
Angry YouTube-dl users flood GitHub with new repos after takedown
EU slaps extra sanctions on Russian spy chief and APT28 malware dev over 2015 Bundestag hack
US Treasury sanctions Russian research institute behind Triton malware
Intigriti is named a Deloitte Fast 50 rising star finalist! We’re incredibly proud of this achievement, and want to thank our amazing network of change and decision makers embracing innovation!
“We wanted to come as close as possible to a bullet-proof IT-Security situation and therefore decided to call upon intigriti’s ethical hackers who found a critical vulnerability that we then mitigated.”
– Jean-François Simons, CISO & Data Privacy Officer, Brussels Airlines.