Today’s premium story is about the delays in ISPs reporting malware abuses across their networks.
-- David Strom
1. Almost all of the advanced US government weapons systems suffer from a wide collection of security issues. This is the conclusion of a new report from the GAO. “Weapon systems have a wide variety of interfaces, some of which are not obvious, that could be used as pathways for adversaries to access the systems,” the authors state. -- GAO
2. Yet more news on the Chinese spy chips. Another user of hacked Supermicro servers has been reported by Bloomberg, this time a major telecom provider. Their source clarifies the situation in this rebuttal post, while a second source used in the first story issues other clarifications.
3. Two big mergers were announced this week. First, AppRiver acquired Total Defense, a leading provider of consumer subscription-based endpoint security tools. Terms weren’t disclosed. Also, the investment firm Thoma Bravo is taking Imperva private for $2.1B, which is a one-third premium over its current stock value. Bravo also owns Barracuda Networks and has minority investments in McAfee and Sailpoint, among other tech companies. Imperva’s annual revenues are more than $300M, and it acquired Prevoty earlier this summer.
4. A new malware campaign using Ursnif shows enhancements to the banking Trojan. Now it is being used to compromise discussion threads and there are several warning signs, such as switching languages in mid-conversation and verbose signature blocks. The malware looks for email credentials, cookies, and certificates. -- TREND MICRO BLOG
5. Microsoft has joined the Open Invention Network, an open-source patent consortium. It is placing its 60,000 patents into the repository. In the announcement, with perhaps the understatement of the year, a representative stated: “There has been friction in the past between Microsoft and the open-source community over the issue of patents.” -- MICROSOFT BLOG
6. Many of the world’s cheap digital video recorders are made by the Chinese vendor Xiongmai. Its lack of interest in device security is appalling, with problems such as blank admin passwords. -- KREBS ON SECURITY
7. Microsoft has recently fixed a serious zero-day Windows flaw. Called FruityArmor, it would allow privilege escalation and remote code execution. -- SECURITY AFFAIRS (KASPERSKY)
8. Garmin Navionics exposed 19 GB of its customer navigation data thanks to an improperly configured MongoDB storage bucket. The flaw was fixed when they were notified and the company says no data was accessed improperly. -- HACKEN BLOG
9. Here is how Microsoft’s Windows Defender detects fileless malware attacks. The tool relies on the Sharpshooter utility, which has its origins in Google-funded research. -- MICROSOFT BLOG
10. Speaking of fileless attacks, this post goes into details on how they are constructed. There are three basic techniques, using existing documents, scripts and OS routines to hide their mischief. -- MINERVA LABS BLOG
This isn’t what Josiah Bluetooth intended. While no such person actually existed, Harald “Bluetooth” Gormsson was a ruler of Denmark and Norway who died more than a thousand years ago and was the original namesake used by the technology’s inventors. -- XKCD
ISPs need to be more vigilant when it comes to reporting malware issues observed across their networks. In this premium feature, I go into more details from a new report.
This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.
Finally, we note our editing team: Lon Harris (editor-in-chief at Inside.com, game-master at Screen Junkies), Krystle Vermes (Breaking news editor at Inside, B2B marketing news reporter, host of the "All Day Paranormal" podcast), and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).