Inside Security | Inside

David Strom's in-depth cybersecurity news and analysis

Today’s premium story is about protecting your websites against injections and defacements, which are on the rise. If you would like to subscribe and receive this content, it will cost you $10/month for my newsletter or $25/month for unlimited subscriptions to multiple newsletters, with corporate discounts available. The premium stories will have more depth and my analysis, and you will also get your newsletters without any ads. Click on this link here to upgrade your account.  

Today’s edition has lots of fakery going on: phony reviews, phony tax refund emails, and more. And very real funding and merger events of the past week. -- David Strom


1. Bahrain government officials are targets of spear phishing attacks. Researchers found the Bondupdater Trojan being used by the OilRig group to hide its malware campaigns. -- UNIT 42 (PALO ALTO NETWORKS)


2. Models of 17 different Honeywell handheld computers were found vulnerable to a privilege escalation bug. The machines run various Android versions. Honeywell has released a security update and urges all users to install it. -- HOTFOR SECURITY




Many thanks to Inside Security's corporate supporters. Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response.

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need.

I interview Brian NeSmith, the CEO of Arctic Wolf, in this blog post. He has a lot to say about the differences between SOC-as-a-service (what his current company offers) and MSSPs. NeSmith also ran a couple of other security and networking companies in the past. Today’s premium story is about a new exploit that hurts all versions of Windows since 7.

— David Strom


1. A researcher has figured out a simple way to crash iOS devices by exploiting a new CSS property called backdrop-filter. Apple confirmed the issue, but does not have a fix yet. -- SABRI @ TWITTER


2. Researchers have found a new exploit in Chrome browsers called Evil Cursor that prevents users from closing a tab. The hack injects code that replaces the “x” icon for closing that window. Google is aware of the issue. It is just one of numerous techniques being used by phony tech support “technicians.” -- MALWAREBYTES BLOG




3. Computers belonging to the Town of Midland, Ontario have been hit by ransomware and have been offline since the beginning of the month. Officials are negotiating with the hackers over payment to restore their systems. -- CTV NEWS (CANADA)


4. An Italian court has ruled that writing fake reviews, under a fake identity, is a criminal offense and the perp has been sent to jail. The author was running a real business selling fake reviews in bulk that were posted on TripAdvisor. The site describes their investigation here. -- NAKED SECURITY




5. The biggest story is the acquisition of BeyondTrust by Bomgar. The combined company will be called BeyondTrust. Both of them have privileged access and identity management tools that will be combined in some fashion. Financial data wasn’t disclosed.

Sysdig announced a $68.5M D round led by Insight Venture Partners. Based in San Francisco, they do cloud and container security. They are led by Suresh Vasudevan.

Scythe announced a $3M funding round led by Ron Gula and others. They are based in the DC area and have an attack simulation platform. Their CEO is Bryson Bort.

Hdiv Security announced a $1M funding round led by Adara Ventures. They are based in Spain and have a real-time web apps protection product. Their CEO is Roberto Velasco.

Secure Code Warrior raised $3.5M in initial funding, led by Paladin Capital. They are based in Sydney, Australia and do secure devops. Their CEO is Pieter Danhieux.


6. Fake UK Revenue and Customs emails are making the rounds. Don’t fall for this phishing lure of a tax refund. -- MALWAREBYTES

7. There is yet another malicious Excel attachment, this time using the TrickBot malware. Beware of documents that come labeled “internal only.” -- MYONLINE SECURITY (UK)

8. If you are interested in learning more about the Decoy File System, check out this blog series. It can be used as part of other cyber deception tactics to protect against attacks by setting up isolated security domains. -- SECURITY INTELLIGENCE BLOG (IBM)

9. Researchers have found that cat phishing is on the rise. Never heard the term? Hint, it is all about exploiting love across the interwebs. -- THE ANTI-SOCIAL ENGINEER

10. He is a computer systems analyst by day who hunts for Russian Trolls by night. He was profiled here about his laudable volunteer efforts to try to rid the Internet of their efforts. -- INDY STAR


Please don’t tap the glass, nerds at work. -- FACEBOOK


Today's websites are very complex pieces of code and, sadly, the bad guys have been exploiting this complexity with what are called script injection techniques. Defacements are also on the rise, as this research shows.


This newsletter is written and curated by David Strom. I live in St. Louis MO and have covered the infosec industry for decades. I also ran editorial operations for various B2B IT publications including Network Computing (USA), Tom’s Hardware and ReadWrite.com’s business websites. You can find me at @dstrom or my personal site.

Finally, we note our editing team: Lon Harris (editor-in-chief at Inside.com, game-master at Screen Junkies), Krystle Vermes (Breaking news editor at Inside, B2B marketing news reporter, host of the "All Day Paranormal" podcast), and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).




3. There are bugs in Alpine Linux’s package manager, which is often used with Docker. One creates a man-in-the-middle scenario where arbitrary code can be injected. You should upgrade to the latest release. -- JUSTICZ BLOG


4. It has been a year since the NSA Eternal Blue hacking tools were stolen and used in various exploits. This post takes a look back, and showcases how it is still potent and active across the world. -- TECHCRUNCH




5. Researchers have found a new ransomware variant called PyLocky. It poses as Locky but is something else entirely and written in Python, as its name implies. It has been hitting European sites this summer. -- TREND MICRO BLOG


 
