InfoSec News 20190927
Top News
-
iOS 13 Bug Lets 3rd-Party Keyboards Gain 'Full Access' — Even When You Deny
"Following the release of iOS 13 and iPadOS earlier this week, Apple has issued an advisory warning iPhone and iPad users of an unpatched security bug impacting third-party keyboard apps."
TLP¹: Green
-
Hearing aid manufacturer hit by cyber attack slashes profits by $95 million
"Demant, the manufacturer of Oticon hearing aids, has said that it expects losses of up to 650 million kroner (approximately $95 million) following a cyber attack earlier this month."
TLP¹: Green
-
Phish Uses Google’s URL Decoding to Swim Past Defenses
"Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters."
TLP¹: Green
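Not from the article above, an added example of the defensive counterpart to the technique the summary names: before a URL filter decides on a link, percent-decode it until it stops changing (so double encoding cannot hide a host from a single decode) and statically unwrap a google.com/url?q= style redirector to the destination the user would actually reach. The redirector host list, the parameter names checked, the allow-list and the sample links are constructed assumptions for illustration, not data from the article.

```python
from urllib.parse import parse_qs, unquote, urlparse

# Assumption: hosts whose redirect endpoints get abused to wrap a phishing
# target. Illustrative, not an exhaustive list.
REDIRECTOR_HOSTS = {"www.google.com", "google.com"}
# Assumption: query parameters that carry the wrapped destination.
REDIRECT_PARAMS = ("q", "url")
MAX_DECODE_ROUNDS = 5  # bound the loop; legitimate links decode in one round


def fully_decode(value: str) -> str:
    """Percent-decode repeatedly until the text stops changing.

    A filter that decodes once still sees %253A%252F%252F for a doubly
    encoded "://", so the host hidden behind it is never inspected.
    """
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value


def unwrap_redirect(url: str) -> str:
    """Statically (no network) pull the embedded target out of a
    redirector URL such as https://www.google.com/url?q=<target>."""
    parsed = urlparse(url)
    if parsed.hostname in REDIRECTOR_HOSTS and parsed.path == "/url":
        params = parse_qs(parsed.query)  # parse_qs already decodes one level
        for name in REDIRECT_PARAMS:
            if params.get(name):
                return params[name][0]
    return url


def final_destination(url: str) -> str:
    """Alternate unwrapping and decoding until the URL reaches a fixed point.

    Unwrap first, then decode: decoding the outer URL before parsing its
    query would let an embedded '&' split the wrapped target in two.
    """
    seen = set()
    current = url
    while current not in seen:
        seen.add(current)
        current = fully_decode(unwrap_redirect(current))
    return current


def is_suspicious(url: str, allowed_hosts) -> bool:
    """True when the host the user would land on is not on the allow-list."""
    host = urlparse(final_destination(url)).hostname or ""
    return host not in allowed_hosts


if __name__ == "__main__":
    # Constructed sample links (not taken from any real campaign).
    samples = [
        "https://www.google.com/url?q=https%3A%2F%2Flogin-example.invalid%2Fverify%3Fid%3D1%26x%3D2",
        "https://www.google.com/url?q=https%253A%252F%252Flogin-example.invalid%252F",
        "https://www.google.com/search?q=hearing+aids",
    ]
    for link in samples:
        print(is_suspicious(link, {"www.google.com"}), "->", final_destination(link))
```

The check is deliberately static: it never fetches the link, so it can run in a mail gateway on every message. A real deployment would also feed the unwrapped host to reputation lookups and log the raw, still-encoded form for the analyst.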
-
On Chinese "Spy Trains"
"The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States."
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Why Cybersecurity Pros Need to Be Good Storytellers
"Like storytelling, data visualization can be used to provide a narrative about your organization’s cybersecurity posture. Cybersecurity is never a single thing; it is an amalgamation of an often growing list of issues that never seem to end. So in order to make some sense of what it means for the health of your organization, I am combining several metrics to define a singular one—cybersecurity posture—in a visual manner."
TLP¹: Green
-
WordPress sites hacked through defunct Rich Reviews plugin
"An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware designed to infect users’ computers."
TLP¹: Green
-
Cisco Security Supporting NATO’s Largest Cybersecurity Conference
"NIAS is NATO’s largest cyber security conference and provides an opportunity for NATO and government leaders, defence and cybersecurity specialists to discuss needs and priorities and effective cyber security solutions."
TLP¹: Green
-
How Analysts Connect Threat Intelligence Sources to Make Investigations More Efficient
"I remember it like it was yesterday. I was supporting a counterterrorism task force and sitting in the heart of a joint operations center, targeting a very senior leader of a prominent terrorist group. We had intelligence leads coming in from multiple sources that we had to investigate to ensure we had the right person in the right place at the right time and take action accordingly. This was a very tedious and labor-intensive process, and we didn’t have time to spare."
TLP¹: Green
Breaches: Data Breaches and Hacks
-
DoorDash Data Breach exposes data of approximately 5 million users
"DoorDash is a San Francisco–based on-demand food delivery service; the company confirmed it has suffered a data breach that exposed roughly 5 million users."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Cisco Patches 13 High-Severity Router and Switch Bugs
"One Cisco bug impacting its 800 and 1000 series routers had a CVSS severity score of 9.9."
TLP¹: Green
-
CVE-2019-11279 Detail
"CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn't be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls."
TLP¹: Green
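As an added illustration (not UAA's code; the exact UAA code path is not on this page), the bug class the description points at: a scope check that handles the OAuth2 space-delimited string form but is bypassed when the same parameter arrives as an array, beside a version that normalizes both forms before enforcing that every requested scope is one the client is registered for. The client registration data and scope names below are constructed for the example.

```python
# Constructed client registration (not real UAA data): the scopes this
# client is registered for.
CLIENT_ALLOWED_SCOPES = frozenset({"openid", "profile"})


def _as_scope_set(requested) -> set:
    """Normalize the scope parameter to a set of names.

    Accepts the OAuth2 space-delimited string form ("openid profile") and a
    list/array form (["openid", "profile"]); anything else is rejected so the
    check below always runs on the same shape of data.
    """
    if isinstance(requested, str):
        return set(requested.split())
    if isinstance(requested, (list, tuple)):
        if not all(isinstance(s, str) for s in requested):
            raise ValueError("scope entries must be strings")
        return set(requested)
    raise ValueError("unsupported scope parameter type: %r" % type(requested).__name__)


def grant_scopes_vulnerable(requested, allowed=CLIENT_ALLOWED_SCOPES) -> set:
    """The bug class: only the string form is validated.

    A request that sends the same parameter as an array skips the subset
    check entirely and is granted whatever it asked for.
    """
    if isinstance(requested, str):
        return set(requested.split()) & set(allowed)
    return set(requested)  # array form: no check at all


def grant_scopes_hardened(requested, allowed=CLIENT_ALLOWED_SCOPES) -> set:
    """Normalize first, then enforce: every requested scope must be allowed.

    Rejecting instead of silently narrowing the grant makes the abuse
    visible in logs rather than handing back a quietly reduced token.
    """
    wanted = _as_scope_set(requested)
    excess = wanted - set(allowed)
    if excess:
        raise PermissionError("scopes not permitted for client: %s" % sorted(excess))
    return wanted


if __name__ == "__main__":
    print(grant_scopes_vulnerable("openid uaa.admin"))        # {'openid'}
    print(grant_scopes_vulnerable(["openid", "uaa.admin"]))   # escalation slips through
    print(grant_scopes_hardened(["openid", "profile"]))       # {'openid', 'profile'}
    try:
        grant_scopes_hardened(["openid", "uaa.admin"])
    except PermissionError as exc:
        print("rejected:", exc)
```

The pattern generalizes beyond scopes: whenever a parameter can be parsed into more than one representation, validate on the normalized form, never on the raw input of one particular shape.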
-
CVE-2015-9417 Detail
"The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Texas Prepares to Implement Mandatory Cybersecurity Training for Government Employees
"Preparations are underway in Texas to introduce mandatory annual cybersecurity training for nearly all government employees."
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
The State of Malware Analysis: Advice from the Trenches
"What malware analysis approaches work well? Which don't? How are the tools and methodologies evolving? The following discussion—captured as an MP3 audio file—offers friendly advice from 5 malware analysts. These are some of the practitioners who teach the reverse-engineering malware course (FOR610) at SANS Institute:"
TLP¹: Green
-
Russian pleads guilty in massive JPMorgan hacking scheme
"Preet Bharara – former US attorney for the Southern District of New York – has called the 2012-2015 cyberattacks that targeted a dozen American companies, including JPMorgan Chase, “securities fraud on cybersteroids.”"
TLP¹: Green
-
Vimeo sued for storing faceprints of people without their say-so
"You didn’t tell me that you’re collecting and storing my faceprint, you didn’t tell me why or for how long, you didn’t get my written OK to do it, and you haven’t told us how long you’re retaining our biometrics or how we can get you to nuke them, another Illinois resident has said in yet another proposed facial recognition class action lawsuit based on the state’s we’re-not-kidding-around biometrics law."
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.