Things I Hearted this Week, 23rd March 2018

March 23, 2018  |  Javvad Malik

This week has been dominated by the Cambridge Analytica – Facebook debacle. So, let’s just skip all of that and jump right into the security news that you may have missed.

Stealing IP

We often hear of intellectual property being stolen by competitors. However, it’s not too common to hear of IP being stolen from an IT Security vendor.

Malwarebytes suspected a company called CyberByte was using its IP to augment its AV engine. So it laid a subtle honey-trap to validate its theory.

What I like about this story is how honey words / tokens / pots can be used in a relatively simple and low-tech manner to catch someone with their hand in the virtual cookie-jar.

Uber Self-Driving Car Strikes and Kills Arizona Woman

An Uber self-driving car has struck and killed a woman pedestrian in Tempe, Arizona, the company revealed.

Information Security Misconceptions

I thought I’d slip a self-promotional link in here for an article I wrote for CSO Online.

Channelling my inner Billy Bragg, isn't it fair to say that nobody knows nothing anymore? I'm not just talking about the press -- although sloppy security reporting is far too common, and unfailingly gets my goat. What about people on the inside of the industry?

AWS S3 leaky bucket of the week

This week's misconfigured AWS S3 bucket award goes to Walmart jewellery partner MBM for exposing 1.3m customers.

DNS Poisoning and how to prevent it

Much of what we know now about DNS, address protocol, and packet priority is being redefined with the recent 'Net Neutrality' legislation. Instead of becoming a party to the hoopla that is partisan politics surrounding THAT issue, let me assure you there are many different mitigation strategies for not only securing your own network against DNS poisoning, but also working towards a harmonious kum-by-ah solution that in the end, may end up resolving (pun intended) the DNS plight. So, let's silence the alerting system, and get down to what DNS poisoning is, why it's still around, and one of the best ways to solve it.

What a 100-year-old idea can teach us about cybersecurity

We are vulnerable not just because of the increasing sophistication of hackers, who are today as likely to be well-funded criminal organizations or governments as petty thieves or amateurs out for the thrill of defacing a Web site. Nor is the greatest threat the development of new offensive tools such as quantum computers, which might soon be powerful enough to crack today’s most widely used cryptographic ciphers. The biggest problem is that our basic approach to cyber security is flawed.

Romanian hacktivist GhostShell says computers on Indian infrastructure have security holes

The Romanian hacktivist, who goes by the name GhostShell, has shared a list of more than 46 vulnerable SCADA systems with their IP addresses and port numbers installed across India.

“The SCADA industry is facing a crisis all over the world nowadays because these types of systems don’t have any type of security implanted into them, meaning that anyone with a client for the respective protocol can login to the servers and either do espionage by logging the traffic or cause significant damage. For example the tools/clients can be found everywhere online,” said GhostShell who feels that such vulnerabilities should be fixed or patched to prevent them from being hacked.

The average SMB website is attacked 44 times per day

As the cyberthreat landscape continues to expand and grow more sophisticated, small and medium-sized businesses (SMBs) are at an increased risk of falling victim to cyber attacks, often due to a lack of resources to combat threats. In Q4 2017, the average SMB website was attacked 44 times per day, according to a new report from security firm SiteLock.

Orbitz says hacker stole two years' worth of customer data (about 880k payment cards)

Travel booking website Orbitz has been hacked, the company said.

The site, now owned by Expedia, confirmed in a statement that it "identified and remediated a data security incident affecting a legacy travel booking platform."

According to the statement, the company found evidence in March that an attacker had access to the company's legacy systems between October and December last year. It was during that time the hacker accessed customer data from the previous two years -- between January 2016 and December 2017 -- which included names, dates of birth, postal and email addresses, gender, and payment card information.

Facebook – Cambridge Analytica

Remember at the top when I said I wasn’t going to talk about the week’s biggest news? I lied. Well, here are just some interesting links and commentary for your reading pleasure.
