
Inside Security (Nov 14th, 2018)

Today’s premium story covers several trips down memory lane through significant past events in computer security. If you would like to subscribe and receive this content, it will cost you $10/month for my newsletter or $25/month for unlimited subscriptions to multiple newsletters, with corporate discounts available. The premium stories will have more depth and my analysis, and you will also get your newsletters delivered without any ads. Click on this link here to upgrade your account.

As I mentioned last week, I am publishing four newsletters this week, including today. For next week’s schedule, I will publish on Monday, Tuesday and Wednesday.

-- David Strom


1. Seven new variations of Spectre and Meltdown have been discovered by the original research team. The classification diagram shows which are new and which were already reported. Intel claims existing mitigations are adequate protection, a claim refuted by the researchers. -- ACADEMIC PRE-PRINT (PDF)


2. Nordstrom was hit with a new breach last month. This one targeted the data of both current and past employees. It happened thanks to a contractor’s mistake. Here is the chain’s notification page, with helpful hints. -- SEATTLE TIMES



3. The annual Pwn2Own hacking contest happened earlier this week in Tokyo. It is put on by Trend Micro’s Zero-Day Initiative to find new vulnerabilities. The first day saw $225,000 in prize money awarded, and the second day saw $105,000 in prizes awarded. Various mobile phones were easily hacked by participants.  


4. Bad bots make up a fifth of traffic to online airline websites, according to a new report. They conduct “seat spinning” (holding a seat without any purchase), unauthorized content scraping, and takeover of loyalty program accounts. -- DISTIL NETWORKS (PDF)



5. Here are some tips to prevent your users from downloading phony and malicious smartphone apps. The post by my colleague Mike Elgan also reviews some of the more pernicious recent examples of how these apps operate. -- SECURITY INTELLIGENCE (IBM)


6. A new state-sponsored hacking team has been identified by researchers. Called The White Company, it has targeted Pakistani government agencies and its malware goes through numerous obfuscation steps. -- CYLANCE THREAT VECTOR BLOG

7. Researchers developed a proof-of-concept compromise that infects Word documents with malicious embedded videos. -- TREND MICRO BLOG

8. Want to watch a live cyberattack as it happens? You have two opportunities. Tune in tomorrow at 11am ET to watch this live DDoS attack in this webinar. Also, you can tune in tomorrow at 1pm ET for this webinar, showing what a defender has to do to neutralize a more general attack. Both will be available for replay if you miss them.

9. Beware of “secret sister” chain emails. The holiday-themed scams mimic popular office secret Santa gift-giving efforts; just delete them. -- MALWAREBYTES BLOG

10. A comparison of biometric authentication platforms has found OneSpan superior amongst 12 vendors evaluated. -- JAVELIN STRATEGY


Several looking-back articles appeared this week in advance of the traditional year-end reviews. In this premium edition, I link to them and provide my own commentary.


This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.

Finally, we note our editing team: Lon Harris (editor-in-chief at Inside.com, game-master at Screen Junkies), Krystle Vermes (Breaking news editor at Inside, B2B marketing news reporter, host of the "All Day Paranormal" podcast), and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).

