Things I Hearted this Week, 23rd March 2018

March 23, 2018  |  Javvad Malik

This week has been dominated by the Cambridge Analytica – Facebook debacle. So, let’s just skip all of that and jump right into the security news that you may have missed.

Stealing IP

We often hear of intellectual property being stolen by competitors. However, it’s not too common to hear of IP being stolen from an IT Security vendor.

Malwarebytes suspected a company called CyberByte was using its IP to augment its AV engine. So, laid a subtle honey-trap to validate its theory.

What I like about this story is how honey words / tokens / pots can be used in a relative simple and low-tech manner to catch someone with their hand in the virtual cookie-jar.

Uber Self-Driving Car Strikes and Kills Arizona Woman

An Uber self-driving car has struck and killed a woman pedestrian in Tempe, Arizona, the company revealed.

Information Security Misconceptions

I thought I’d slip a self-promotional link in here for an article I wrote for CSO Online.

Channelling my inner Billy Bragg, isn't it fair to say that nobody knows nothing anymore? I'm not just talking about the press -- although sloppy security reporting is far too common, and unfailingly gets my goat. What about people in the inside of the industry?

AWS S3 leaky bucket of the week

This week's misconfigured AWS S3 bucket award goes to Walmart jewellery partner MBM for exposing 1.3m customers.

DNS Poisoning and how to prevent it

Much of what we know now about DNS, address protocol, and packet priority is being redefined with the recent 'Net Neutrality' legislation. Instead of becoming a party to the hoopla that is partisan politics surrounding THAT issue, let me assure you there are many different mitigation strategies for not only securing your own network against DNS poisoning, but also working towards a harmonious kum-by-ah solution that in the end, may end up resolving (pun intended) the DNS plight. So, let's silence the alerting system, and get down to what DNS poisoning is, why it's still around, and one of the best ways to solve it.

What a 100-year-old idea can teach us about cybersecurity

We are vulnerable not just because of the increasing sophistication of hackers, who are today as likely to be well-funded criminal organizations or governments as petty thieves or amateurs out for the thrill of defacing a Web site. Nor is the greatest threat the development of new offensive tools such as quantum computers, which might soon be powerful enough to crack today’s most widely used cryptographic ciphers. The biggest problem is that our basic approach to cyber security is flawed.

Romanian hacktivist GhostShell says computers on Indian infrastructure have security holes

The Romanian hacktivist, who goes by the name GhostShell, has shared a list of more than 46 vulnerable SCADA systems with their IP addresses and port numbers installed across India.

“The SCADA industry is facing a crisis all over the world nowadays because these types of systems don’t have any type of security implanted into them, meaning that anyone with a client for the respective protocol can login to the servers and either do espionage by logging the traffic or cause significant damage. For example the tools/clients can be found everywhere online,” said GhostShell who feels that such vulnerabilities should be fixed or patched to prevent them from being hacked.

The average SMB website is attacked 44 times per day

As the cyberthreat landscape continues to expand and grow more sophisticated, small and medium-sized businesses (SMBs) are at an increased risk of falling victim to cyber attacks, often due to a lack of resources to combat threats. In Q4 2017, the average SMB website was attacked 44 times per day, according to a new report from security firm SiteLock.

Orbitz says hacker stole two years' worth of customer data (about 880k payment cards)

Travel booking website Orbitz has been hacked, the company said.

The site, now owned by Expedia, confirmed in a statement that it "identified and remediated a data security incident affecting a legacy travel booking platform."

According to the statement, the company found evidence in March that an attacker had access to the company's legacy systems between October and December last year. It was during that time the hacker accessed customer data from the previous two years -- between January 2016 and December 2017 -- which included names, dates of birth, postal and email addresses, gender, and payment card information.

Facebook – Cambridge Analytica

Remember at the top when I said I wasn’t going to talk about the week’s biggest news, I lied. Well, here are just some interesting links and commentary for your reading pleasure.

Share this with others

Featured resources



2024 Futures Report

Get price Free trial