
Inside Security (Aug 19th, 2019)

1. More than 20 local government agencies across Texas were hit with ransomware attacks concurrently over the last several days. State agencies are coordinating the response. The ransomware has been called JSE, which doesn’t stand for anything other than the name of the encrypted file extensions. It is an odd strain, since it doesn’t leave any note behind or demand payment for decryption. -- ZDNET

2. Patch Tuesday was last week, and it ended up making things worse for many Windows users. Microsoft has found and fixed a VB flaw that goes back to Windows 7 and Server 2008. The flaw causes VB-based scripts and macros to report errors. Users should apply this latest update. -- BLEEPING COMPUTER

3. I have written frequently about the excellent cyber research from Ben Gurion University in Israel, and their latest foray is worth reading. It is a USENIX paper that documents a condition called CrossRouter covert channels. Many home routers create two SSIDs, a protected and encrypted one for residents and an open one for guests. Turns out you can use the open channel to launch attacks and compromise the encrypted one. They surveyed routers from TP-Link, D-Link and Linksys and found they were all vulnerable to at least one attack. -- USENIX (pdf)

4. Another paper delivered at USENIX is from Google’s research on password reuse. Google has collected telemetry from more than 650,000 users of its Password Checkup Chrome Extension released this April. It found that 1.5 percent of all logins used across the web are vulnerable to credential stuffing attacks due to reused passwords being disclosed in data breaches. About a quarter of the users of the extension have changed their passwords to something stronger as a result of the notifications. -- GOOGLE SECURITY BLOG

5. Almost everyone travels with a laptop nowadays. Here are seven tips to help keep your cool and your data private in case customs officers demand to see what you’ve got on yours. The tips include preventing automatic logins to your password manager or SSO account, not being obstreperous, carrying a Chromebook instead of your usual work laptop, and keeping as little data as possible on your device. -- CSO ONLINE

6. Here is one more analysis of Black Hat exhibit vendors, almost half of which are VC-backed. There are some other interesting stats and possible explanations for why Israeli firms are under-represented at the show. Two-thirds of last year’s vendors have returned in 2019. “VC-backed vendors who are exhibiting again received their latest VC infusion more recently than those who are not still exhibiting.” -- KELLY SHORTRIDGE BLOG

7. Here is another wrap-up article on the Vegas conference sessions that you might have missed. It includes a description of warshipping, zero-interaction mobile hacks, spoofing satnav on self-driving cars and biometric vulnerabilities. -- SECURITY INTELLIGENCE (IBM) 

8. Understanding how hackers employ lateral movement techniques is important for any cyber defender. This post describes several different ones, ranging from abuses of PowerShell to named pipes to Service Controller, and should be required reading for red teams. -- HAUSEC BLOG

10. A U.K. teen taunting police by creating DDoS attacks on their websites was arrested in March and recently sentenced. He will spend 16 months in prison and another five-year term under a restraining order. -- NAKED SECURITY

This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site. Finally, we note our editing team: Kim Lyons (Pittsburgh-based journalist and managing editor at Inside), David Stegon (senior editor at Inside, whose reporting experience includes cryptocurrency and technology), and Bobby Cherry (senior editor at Inside, who’s always on social media).
