Inside Security | Inside

David Strom's in-depth cybersecurity news and analysis

Today’s premium story is about the growing concern over new rules for the WHOIS database and ICANN’s role in helping law enforcement. If you would like to subscribe and receive this content, it will cost you $10/month for my newsletter or $25/month for unlimited subscriptions to multiple newsletters, with corporate discounts available. The premium stories will have more depth and my analysis, and you will also get your newsletters without any ads.

-- David Strom


1. The North Korean state-sponsored hacking team Lazarus has reportedly stolen $571M in equivalent bitcoins. Most of the thefts began as phishing campaigns. Here are the latest details about their exploits. -- THE NEXT WEB


2. Multiple vulnerabilities have been found by researchers within the Arcserve Unified Data Protection software. These can open backdoors into the product. Arcserve has published patches. -- DIGITAL DEFENSE BLOG




Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 
   
   

1. An eight-year-old plugin for the jQuery library, the File Upload widget, has been actively exploited for several years. It could allow an attacker to upload arbitrary files to web servers. The problem was caused by a change introduced back in Apache 2.3.9. The issue can affect thousands of apps that use the library. -- ZDNET


2. The embedded OS called FreeRTOS has several vulnerabilities, according to a researcher. They involve remote code execution, data leaks and other flaws. This OS is used in a wide variety of IoT devices, including pacemakers and cars. Amazon is managing the OS now and patches are available for v1.3.2. -- ZIMPERIUM BLOG


Gain cybersecurity expertise from Harvard's VPAL in 8 weeks.

Learn to identify the cybersecurity vulnerabilities threatening your most valuable business systems and assets, and prepare your business to mitigate the chance of cyberattacks. Learn more.  




3. This article describes who the potential spear phishing targets are. It provides details on some of the more successful lures and why they so often work. -- HELP NET SECURITY


4. A ten-year-old data breach at Yale is being litigated after it was only discovered earlier this year. The breach hit an estimated 119,000 Yale alumni, faculty and staff.  -- SECURITY TODAY


It’s Hacktoberfest! Join DigitalOcean, GitHub and Twilio in celebrating open source and earn limited-edition swag. Learn more.


5. HoneyProcs is a new deception methodology from Juniper. It takes honeynets to a new level and uses forged decoy processes to catch info stealers and other malware. -- JUNIPER LABS


6. Two notable security-related mergers recently: First, eSentire announced the acquisition of Versive. Then Rapid7, which acquired Metasploit several years ago on this date, announced it acquired tCell.io, Inc., for its RASP applications. Terms weren’t disclosed for either deal.

7. Real-world telemetry from industrial networks shows unpatchable Windows systems, firmware with open access, and other IoT vulnerabilities. -- CYBERX REPORT (reg. req.)

8. The UK supermarket chain Morrison’s lost its latest appeal about damages resulting from a data leak from a malicious insider. They have one more appeal left in a higher court. -- INFOSECURITY MAG

9. An academic study, from Indiana University researchers, about password complexity has found that the higher the prescribed minimum length of a password, the lower the likelihood that it would be reused on another site. -- ACADEMIC PRE-PRINT

10. Here are some great suggestions on how to use MITRE’s ATT&CK red-team framework to improve your defensive posture. I wrote an article for CSOonline that describes the tool for beginners. -- MALCOM VETTER @ MEDIUM


Well, I am usually a morning person. -- SWIFT ON SECURITY @ TWITTER


This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.

Finally, we note our editing team: Lon Harris (editor-in-chief at Inside.com, game-master at Screen Junkies), Krystle Vermes (Breaking news editor at Inside, B2B marketing news reporter, host of the "All Day Paranormal" podcast), and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).


3. Funding news of the week.

Hoxhunt received a $2.9M funding round led by Dawn Capital. The company is based in Helsinki and does automated phishing training. Their CEO is Mika Aalto.

Canary received a $25M funding round led by Smartfrog. The company is based in NYC and does smart home security systems.

Kindite received a $4M seed funding round led by RDC. The Israeli company does cloud encryption services. Their CEO is Maor Cohen.

Valid Network Partners raised a $2M seed funding round led by Jerusalem Venture Partners. The Israeli company has a blockchain-based security tool. Their CEO is Kfir Nissan.

White Source Software raised a $35M funding round led by Susquehanna Growth Equity. The open source security company is based in NYC and led by Rami Sass.

Disrupt Ops raised a $2.5M funding round led by Rally Ventures. They are based in Phoenix and have a SOC service. They were spun out of Securosis and are led by Jody Brazil.


4. Apple has created a new privacy portal where you can download your data and correct it. The portal has been available for EU users since this summer; last week it expanded to US and other users around the world. You can select from more than a dozen different Apple services, including iCloud photos and emails. Requests can take a week to compile. -- APPLE PRIVACY PORTAL




5. The Live555 streaming library has a remote code execution vulnerability. The library is used in VLC and other streaming media players. There is a patch available. -- CISCO TALOS BLOG


6. Beware of emails with subject lines promising relief from Hurricane Michael. These could be phishing lures, with infected PDF attachments. The enclosed malware is being loaded from Azure servers to make it appear more legit. -- PROOFPOINT BLOG

7. This post describes how old code from the Chinese hacking group Comment Crew is being reused. The new campaign has been dubbed Operation Oceansalt and it stitches together five different code fragments for a powerful new threat vector. -- THREATPOST

8. A new malware dropper called Godzilla is documented in this post. It is cheaper than the more popular Emotet dropper and just gaining traction. -- CHECKPOINT RESEARCH BLOG

9. The broker portal for Healthcare.gov was hacked. It is called the Federally Facilitated Exchanges. Private data from 75,000 users was leaked. The server was shut down and repairs are underway. -- SECURITY AFFAIRS

10. Eight different adult websites had their email subscriber lists leaked last week and were shuttered. The sites include wifeposter and wifelover (dot com). The lists contain more data which is still being researched. -- ARS


Looking for a digital equivalent of the recent self-shredding Banksy art work? Look no further than here. -- COMMAND LINE MAGIC @ TWITTER

