Inside Security (Oct 17th, 2017)

David’s Take: Okta CSO interview

I spent some time with the CSO for Okta, Yassir Abousselham. He worked at E&Y and Google before coming to Okta, and has a lot to say about threat hunting, being more comprehensive in your security assessments, and designing multiple layers of protection into your networks. He recommends looking at security tools that can help automate various processes, such as patching and application testing, to ensure that they are done properly. Given Okta’s role in providing SSO solutions, he was surprised to see that it isn’t universally deployed. You can find my interview here.

-- David Strom, Editor of Inside Security


Top Story: Infineon RSA key flaw

An encryption code library developed by Infineon has been generating weak and demonstrably hackable keys for more than five years, according to researchers. They will present a paper at the next ACM meeting describing the flaw, and hopefully by then vendors can fix the code involved. The flaw lies in how the library generates the prime numbers behind an RSA key, which leaves the resulting keys open to factoring, and it has wide-ranging consequences, including compromising national ID cards and the Trusted Platform Module found in many desktop computers. Most Yubico keys aren't affected. – ARS


Beginner’s corner: Learning about PowerShell exploits

Why do attackers love using PowerShell? Because it's native to many versions of Windows, provides full access to WMI and the .NET Framework, and can execute malicious code in memory, thereby evading many AV tools, not to mention that it lacks logging features. If you aren’t yet familiar with hunting down PowerShell exploits, this post will help. – ANOTHER FORENSICS BLOG
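The in-memory tricks described above leave few traces on disk, so hunting for them depends on the script block logging that Windows PowerShell 5.0 and later can record but does not turn on by default. The following is an added example, not code from the linked post or from the newsletter: it enables script block logging through the policy registry key and then sweeps the last day of Event ID 4104 entries for the strings that commonly show up in in-memory loaders. The registry path and event ID are real; the list of suspicious strings is a constructed starting point that you would tune for your own estate. It assumes an elevated session on a Windows host.

```powershell
# Added example (not from the linked post): turn on PowerShell script block
# logging and hunt the resulting Event ID 4104 records for in-memory loader patterns.
# Assumes Windows PowerShell 5.0 or later and an elevated (administrator) session.

# 1. Enable script block logging via the Group Policy registry key.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
Set-ItemProperty -Path $key -Name 'EnableScriptBlockLogging' -Value 1 -Type DWord

# 2. Strings that commonly appear in download-and-execute-in-memory script blocks.
#    This is a constructed list for illustration; extend it from your own incidents.
$suspicious = @(
    'EncodedCommand', '-enc ',          # base64-encoded command lines
    'FromBase64String',                 # decoding an embedded payload
    'DownloadString', 'Net.WebClient',  # pulling a stage from the network
    'Invoke-Expression', 'IEX ',        # evaluating text as code
    'Reflection.Assembly', 'VirtualAlloc', # reflective loading / memory allocation
    'bypass'                            # -ExecutionPolicy Bypass
)
# Escape each string so it is matched literally, then join into one alternation.
$pattern = ($suspicious | ForEach-Object { [regex]::Escape($_) }) -join '|'

# 3. Pull Event ID 4104 (ScriptBlockText) from the last 24 hours.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-PowerShell/Operational'
    Id        = 4104
    StartTime = (Get-Date).AddDays(-1)
} -ErrorAction SilentlyContinue

# 4. Flag any script block whose text matches, and show when and what matched.
#    Long scripts are split across several 4104 events (MessageNumber/MessageTotal),
#    so a single hit is a lead to pull the full block, not the whole story.
$events |
    ForEach-Object {
        # Property index 2 of a 4104 event holds the ScriptBlockText field.
        $text = [string]$_.Properties[2].Value
        if ($text -match $pattern) {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Match   = $Matches[0]
                Snippet = $text.Substring(0, [Math]::Min(120, $text.Length))
            }
        }
    } |
    Sort-Object Time -Descending |
    Format-Table -AutoSize
```

Run it once to switch the logging on, and again after the host has been in use for a while; the first run will usually return nothing because no 4104 events existed before logging was enabled. The matching is deliberately coarse (case-insensitive literal substrings) so that it errs toward surfacing a block for a human to read rather than missing it.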


Methods and tools

Speaking of PowerShell, here is a script that can help you discover privileged and shadow admin accounts. Called ACLight, it queries Active Directory and then analyzes the account permissions. – KITPLOIT BLOG


Not cool: OnePlus collecting customer data on the sly

If you are using a phone from OnePlus, you might want to find another phone. Apparently, it collects all sorts of private data on your usage, including which WiFi networks you connect to and other details. A researcher discovered this behavior, and the company has promised that it will provide a fix. However, it will still continue to collect this information, regardless of its customers’ wishes. Ironically, its motto is “Never settle.” – TECHCRUNCH


Attacks

A new Adobe Flash exploit called BlackOasis has been observed in the wild by researchers. It is delivered via an infected decoy Office document (shown here) and ultimately drops the FinSpy payload. Adobe issued a patch. It hasn’t hit many targets, but shares code with another exploit found by FireEye last month. -- SECURELIST


Here is one reporter’s list of the top 12 social media-based attacks of recent memory, including LinkedIn/Vevo, the curious case of Mia Ash, Twitter Counter and Hammertoss. -- ZEROFOX


Microsoft’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group variously called Morpho, Butterfly or Wild Neutron. This happened more than four years ago, according to five former employees who were interviewed by Reuters. The flaws were quickly fixed, but information from the database could have been used in other exploits. – REUTERS


The Docket

The Department of Homeland Security will require all federal agencies to adopt DMARC standards to improve their security profiles. The plan was announced this week at a NYC briefing. – SC MAGAZINE


Just for fun

If you are a fan of pictures of industrial control rooms from the bygone cold war era, this site has a bunch of them, such as the one here. – PRESENT AND CORRECT BLOG

