Security Snacks is a weekly digest of the most notable InfoSec news.
Its purpose is to provide a one-stop source for getting a high-level view of the state of security and hacking.

Click here to subscribe

What a weird week! Ransoms taking cyber crime to a new low, Trump making foes with both black hat and white hat hackers, a privacy advocate who sold encrypted phones to criminals… But it’s not all bad news, Vulnerability Disclosure Programs are becoming mainstream!

Notable Security News

Hackers rummaged about in Finnish psychotherapy clinic – now patients extorted with public data dump threats

A Finnish psychotherapy clinic was hacked and the data of more than 40.000 patients was stolen. The attacker is blackmailing patients, threatening to publish their therapist notes if they do not pay a €200 ransom. What a new low for cybercrime!

German armed forces launch security vulnerability disclosure program

The German armed forces have launched a responsible disclosure program, providing an official process for reporting security vulnerabilities. These are excellent news as only a handful government agencies in the world maintain similar disclosure programs.

‘Compromised credentials’ most likely vector in Trump re-election site defacement & Hacker says he correctly guessed Trump’s Twitter password—it was “maga2020!”

“Nobody gets hacked. To get hacked, you need somebody with a 197 IQ and he needs about 15 percent of your password.”. What happened after this statement by Trump was not surprising. Attackers defaced his re-election campaign website, and a hacker also claims to have guessed his Twitter password at the fifth attempt. Claims of being “unhackable” always end badly.

Microsoft launches machine learning cyber-attack threat matrix

The Adversarial ML Threat Matrix is a new framework by Microsoft (inspired by the ATT&CK framework) to help detect and remedy threats against Machine Learning systems. This is a timely tool considering the increasing number of attacks against commercial ML systems.

Majority of Microsoft 365 Admins Don’t Enable MFA

CoreView Research analyzed how more than five million enterprise workers use Microsoft 365. Their findings are troubling… 97% of users do not use Multi-Factor Authentication, 78% of administrators do not either, and 57% of organizations have admins with excess permissions. This report highlights exactly what not to do security-wise!

Other Interesting News

Cybercrime

• Sophisticated botnet feasts on old vulnerability to exploit content management systems

• Sopra Steria Hit by New Ryuk Variant

• Tech giants among those affected by breach at PDF signature software maker Nitro

• Data breach at Swedish security company leaks 38,000 sensitive documents

• Warnings raised after Nano Adblocker modified to slurp up user data

• FBI: Hackers stole government source code via SonarQube instances

• FBI, CISA: Russian hackers breached US government networks, exfiltrated data

• Iran sent threatening pro-Trump emails to American Democrats, Russia close behind, says US intelligence

Vulnerabilities

• How much does Oracle love you? Thiiiis much: Latest patch bundle has 402 fixes

• WordPress deploys forced security update for dangerous bug in popular plugin

• Ruckus IoT controllers vulnerable to remote takeover via ‘trivial’ chained exploit

• Symfony-based websites open to RCE attack, research finds

Reports

• Are You Still Running End-of-Life Windows Servers?

• Nokia Threat Intelligence Report 2020

Responsible disclosure

• IoT Security Foundation launches vulnerability disclosure platform for smart device vendors

Tech

• HTTP/3: Everything you need to know about the next-generation web protocol

• Microsoft begins to finally kill off Internet Explorer

• Apple provides technical steer on Face ID, Touch ID authentication for websites

• Snyk to automatically check Docker Official Images for security problems

Misc.

• The Network: How a Secretive Phone Company Helped the Crime World Go Dark

• Why Cybercriminals and Terrorists Keep Using Bitcoin

• Angry YouTube-dl users flood GitHub with new repos after takedown

• EU slaps extra sanctions on Russian spy chief and APT28 malware dev over 2015 Bundestag hack

• US Treasury sanctions Russian research institute behind Triton malware

Intigriti News

Intigriti is named a Deloitte fast 50 rising star finalist! We’re incredibly proud of this achievement, and want to thank our amazing network of change and decision makers embracing innovation! Read more….

Intigriti Customer Story

Brussels Airlines leverages the power of Bug Bounty through Intigriti platform to discover critical vulnerability not detected by pentests.

“We wanted to come as close as possible to a bullet-proof IT- Security situation and therefore decided to call upon intigriti’s ethical hackers who found a critical vulnerability that we then mitigated.”

– Jean-François Simons, CISO & Data Privacy Officer, Brussels Airlines. Read more