Daily Archives: September 18, 2020

Weekly Update 209

Weekly Update 209

More IoT, more cyber and more Q&A so yeah, business as usual this week. More specifically, a lot of this week's update talks about VPNs and where they still make sense with so much HTTPS all over the place these days. As I say in the vid, blog posts like the VPN one I did this week are often done to help me get my thoughts on a topic straight and a lot of things became a lot clearer for me in doing that. The headline figure out of that post IMHO is that only 2.3% of websites are forcing all connections to be secure courtesy of HSTS preload and the fact that browsers still default to the insecure scheme. More on that (and much more) in this week's update.

Weekly Update 209
Weekly Update 209
Weekly Update 209
Weekly Update 209

References

  1. The whisky tasting put on by Hacktive was a pretty neat digital experience (pic there from the event)
  2. There's been what's reported as the first death as a result of ransomware (I find it hard to believe it hasn't happened before, and it'll definitely happen again)
  3. The "3Ps" of VPN value proposition (where do they still make sense in an increasingly "secure by default" web?)
  4. Sponsored by: safepass.me helps you quickly secure your AD passwords and reduce the risk of Credential Stuffing

This Week in Security News: AWS Outposts Ready Launches With 32 Validated Partners and Staples Hit by a Data Breach

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how solutions from 32 Amazon Web Services partners – including Trend Micro – are now available for AWS customers to use with their deployments of AWS Outposts. Also, read about a data breach at U.S. office-supply retailer Staples.

 

Read on:

Boosting Impact for Profit: Evolving Ransomware Techniques for Targeted Attacks

As described in Trend Micro’s 2020 Midyear Roundup, the numbers pertaining to ransomware no longer tell the full story. While the number of infections, company disclosures, and ransomware families has gone down, the estimated amount of money exchanged for the retrieval of encrypted data has steadily gone up. By going after institutions and companies with the urgent need to retrieve their data and get their systems running again, cybercriminals are able to demand exorbitant amounts of ransom.

AWS Outposts Ready Launches with 32 Validated Partners

Solutions from 32 Amazon Web Services partners, including Trend Micro, are available now for AWS customers to use with their deployments of AWS Outposts, the on-premises version of the industry’s leading public cloud.

Analysis of a Convoluted Attack Chain Involving Ngrok

The Trend Micro Managed XDR team recently handled an incident involving one of Trend Micro’s customers. The incident revealed how a malicious actor incorporated certain techniques into an attack, making it more difficult for blue teams and security researchers alike to analyze the chain of events in a clean and easily understandable manner. In this blog, Trend Micro further analyzes the attack.

39% of Employees Access Corporate Data on Personal Devices

A large proportion of employees are using their own devices to access data belonging to their company, according to a new study by Trend Micro. Researchers found that 39% of workers use personal smartphones, tablets, and laptops to access corporate data, often via services and applications hosted in the cloud.

A Blind Spot in ICS Security: The Protocol Gateway Part 2: Vulnerability Allowing Stealth Attacks on Industrial Control Systems

In this blog series, Trend Micro analyzes the impacts of the serious vulnerabilities detected in the protocol gateways and shares the security countermeasures that security administrators in smart factories must take. In the second part of this series, Trend Micro presents an overview of the verification methods, results of this research, and describes “flaws in the protocol conversion function,” one of the security risks revealed through Trend Micro’s experiments.

Staples Hit by Data Breach: What to Do Now

U.S. office-supply retailer Staples says its recent data breach affected fewer than 2,500 customers. Australian security researcher Troy Hunt, who runs the HaveIBeenPwned website, used his Twitter account to post a copy of an email message sent to an unknown number of Staples online customers.

“Zerologon” and the Value of Virtual Patching

A new CVE was released recently that has made quite a few headlines – CVE-2020-1472, also known as Zerologon. This CVE can allow an attacker to take advantage of the cryptographic algorithm used in the Netlogon authentication process and impersonate the identity of any computer when trying to authenticate against the domain controller.

Billions of Devices Vulnerable to New ‘BLESA’ Bluetooth Security Flaw

Billions of smartphones, tablets, laptops, and IoT devices are using Bluetooth software stacks that are vulnerable to a new security flaw disclosed this summer. Named BLESA (Bluetooth Low Energy Spoofing Attack), the vulnerability impacts devices running the Bluetooth Low Energy (BLE) protocol. BLE is a slimmer version of the original Bluetooth (Classic) standard but designed to conserve battery power while keeping Bluetooth connections alive as long as possible.

California Elementary Kids Kicked Off Online Learning by Ransomware

As students head back to the classroom, the wave of ransomware attacks against schools is continuing. The latest is a strike against a California school district that closed down remote learning for 6,000 elementary school students, according to city officials. The cyberattack, against the Newhall School District in Valencia, affected all distance learning across 10 different grade schools.

Mobile Messengers Expose Billions of Users to Privacy Attacks

When installing a mobile messenger like WhatsApp, new users can instantly start texting existing contacts based on the phone numbers stored on their device. For this to happen, users must grant the app permission to access and regularly upload their address book to company servers in a process called mobile contact discovery. A new research study shows that currently deployed contact discovery services severely threaten the privacy of billions of users.

Should employees be able to access company data via their personal devices? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: AWS Outposts Ready Launches With 32 Validated Partners and Staples Hit by a Data Breach appeared first on .