Inside | Real news, curated by real humans
Inside Security

Inside Security (Aug 6th, 2018)

We are trying out a new format for the newsletter today, let me know what you think about it. We highlight a new report showing healthcare-related attacks are on the rise. That is why it always nice when we can share good news, such as this one medical firm who was able to restore its data from backups to fight off a ransomware attack. As I am writing this, I have to take my computer into the shop because of a hard drive failure. I hope to have good news on my own situation tomorrow.

This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.

Finally, we note our editing team: Lon Harris (editor-in-chief at Inside.com, game-master at Screen Junkies), Krystle Vermes (Breaking news editor at Inside, B2B marketing news reporter, host of the "All Day Paranormal" podcast), and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).

  • Email gray
  • Permalink gray

1. Microsoft adds web authentication to its Edge browser, so users can login with various credentials other than passwords. It also added improvements to mobile device management tools. It is now available starting with versions 17723 of Windows10. – WINDOWS BLOG

  • Email gray
  • Permalink gray

2. Researchers have found a new wave of phishing emails with malicious attachments targeting primarily industrial companies. The technique has been used for at least three years but only recently discovered. Most of the targets are Russian. The malware used in these attacks installs legitimate remote administration software – TeamViewer or Remote Manipulator System/Remote Utilities. It gains remote control, then attempts to steal funds. – KASPERSKY LAB

  • Email gray
  • Permalink gray

3. Mozilla is introducing a new feature called Trusted Recursive Resolver. Technical details are here. Some analysts think this isn’t good news, because you are trusting Cloudflare to handle all your DNS requests. – UNGLEICH BLOG

  • Email gray
  • Permalink gray

4. According to a new report, the healthcare industry is currently in the early stages of re-evaluating operations with regards to new cyber threats and the integration of AI and IoT systems with life supporting technologies. This mirrors a recent survey conducted by the American Medical Association, who found that 83% of physician's practices have experienced some type of cyber attack.

  • Email gray
  • Permalink gray

5. Tim Leonard is a British IT manager and former hacker who launched and ran an international disinformation campaign. This has provided US President Donald Trump with fake evidence and false arguments to deny that Russia interfered with the 2016 election.  Leonard worked with a group of mainly American right-wing activists on social media.  -- COMPUTER WEEKLY (UK)

  • Email gray
  • Permalink gray

6. This post describes a new Bluetooth bug and how to exploit it. It also shows how the Bluetooth protocol uses the elliptic curve Diffie-Hellman algorithm to agree on a shared secret key for encryption. You’ll need some college math to understand things. – TRAIL OF BITS BLOG

  • Email gray
  • Permalink gray

7. Good news for blockchain users. Hardware wallet developer CoolBitX announced that it has partnered with security software company, MetaCert to shield wallets from fraudulent address schemes. The wallets will show visual indicators that will alert users to potential phishing attacks. – GLOBE NEWS

  • Email gray
  • Permalink gray

8. TCM Bank, a credit card issuer, has suffered a breach. It said a Web site misconfiguration with a third-party supplier exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and July 2018.  – KREBS ON SECURITY

  • Email gray
  • Permalink gray

9. Here are the mergers and funding announcements from last week. 

Cisco will acquire Duo Security, which provides security and authentication cloud services, for $2.35B. It is the networking giant’s first foray into buying an MFA vendor. Management will remain intact.

ZecOps received a $3.5M seed round led by KPN Ventures. They are developing reverse bounties, are based in San Francisco and their CEO is Zuk Avraham.

Hyas received a CN$6.2M A round led by M12. They have security attribution tools, are based in Victoria BC and their CEO is Chris Davis.

  • Email gray
  • Permalink gray

10. Xiaoqing Zheng is an engineer employed by GE. He was arrested by the FBI last week and admitted to using steganography to stealing copies of digital files on the company's turbine technology. -- DAILY GAZETTE (SCHENECTADY NY)

  • Email gray
  • Permalink gray

Yeah, there is that to consider. KEVIN KAY WHO @ TWITTER

  • Email gray
  • Permalink gray

Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 
   
   

Gain cybersecurity expertise from Harvard's VPAL in 8 weeks. Learn More.

HackerOne is the #1 hacker-powered security platform for finding critical vulnerabilities.

 

[YOUR LOGO HERE – click for details]

Subscribe to Inside Security

MORE NEWSLETTERS

News, updates, reviews and analysis of industry and consumer trends in the world of streaming

Inside Streaming

News, updates, reviews and analysis of industry and consumer trends in the world of streaming

WEEKLY
News, updates, reviews and analysis of industry and consumer trends in the world of streaming

Inside Streaming

WEEKLY

SUBSCRIBED!

Share via

Digging into the Trump Presidency, issue by issue

Inside Trump

Digging into the Trump Presidency, issue by issue

DAILY
Digging into the Trump Presidency, issue by issue

Inside Trump

DAILY

SUBSCRIBED!

Share via

Explaining the business and consumer sides of social media networks

Inside Social

Explaining the business and consumer sides of social media networks

DAILY
Explaining the business and consumer sides of social media networks

Inside Social

DAILY

SUBSCRIBED!

Share via

The present and future of virtual/augmented reality news and technology

Inside VR & AR

The present and future of virtual/augmented reality news and technology

DAILY
The present and future of virtual/augmented reality news and technology

Inside VR & AR

DAILY

SUBSCRIBED!

Share via