Inside Security

David Strom's in-depth cybersecurity news and analysis

Today’s premium story is about the latest research on malware beware. If you would like to subscribe and receive this content, it will cost you $10/month for my newsletter or $25/month for unlimited subscriptions to multiple newsletters, with corporate discounts available. The premium stories will have more depth and my analysis, and you will also get your newsletters without any ads. Click on this link here to upgrade your account

-- David Strom


1. Is the DMARC glass two-thirds full or one-third empty? A major milestone for its implementation by federal agencies has prompted posts from various interested parties. The graph here shows progress over the past year, although there is still room for improvement. Here is perspective on why DMARC matters. -- PROOFPOINT BLOG


2. A new threat group has been identified and is being called GreyEnergy. It has developed a series of malware modules, more potent and more difficult to track down, that can be used to attack critical infrastructure. Its name reflects its lineage with the BlackEnergy group that previously caused power blackouts in Ukraine. -- WE LIVE SECURITY (ESET)




Many thanks to Inside Security's corporate supporters.  Please go check them out!

Endgame

Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more

 

Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more

 
   
   

Today’s premium story is about a new phishing study from Cofense.

-- David Strom


1. This week all major browsers announced they are ending support for TLS v1.0 and 1.1 come July 2020. These versions make use of the outdated SHA-1 and MD5 algorithms. That leaves v1.2 as the default method, which is supported by the vast majority of current sites and users. -- THE HACKER NEWS


2. The use of malware droppers is becoming more common. They are used to gain initial access to the victim’s PC and then they automatically deploy more complex payloads. Here is a description of how one of them called Kilences works and how it removes existing cryptominers. -- ALERTLOGIC BLOG


Learn about the state of hacker-powered security in a new 2018 study analyzing 78,000+ security vulnerabilities reported to 1,000+ companies. Explore why more and more companies flag critical vulnerabilities in a cost-effective and high-ROI way.

CLICK HERE for the Free Report. 


3. There is an issue with the libssh C libraries that support the SSH protocols. The bug has to do with an authentication bypass trick. Here is the security announcement. There are at least two thousand servers that need upgrading, and you can download libssh v0.8.4 or v0.7.6 here.


4. Researchers have detected a near-400% increase in crypto-mining malware attacks against iPhones. The surge was seen in the last two weeks of September. The attacks used the Coinhive mining malware tool. -- CHECKPOINT


Gain cybersecurity expertise from Harvard's VPAL in 8 weeks.

Learn to identify the cybersecurity vulnerabilities threatening your most valuable business systems and assets, and prepare your business to mitigate the chance of cyberattacks. Learn more.  


5. The Security Industry Association has identified its 2019 megatrends here. Heading the list are the relationship of physical to cyber security, IoT security, and cloud security.


6. This post describes how a brute-force password attack occurs. There are some solid suggestions on how to prevent one, such as using MFA and limiting password retries. -- VARONIS BLOG

7. This is an excellent start to a series on how to assemble your own security awareness program. (Here are part 1 and part 2.) While the author is from Cofense, a vendor of such offerings, it contains great information that you can use to set up your own program.

8. The free version of the Burp Suite pen-testing tool can be enhanced with many free extensions. This post describes a few of the more useful ones. -- PEERLYST FORUM (reg. req.)

9. Anthem will pay a total of $16M in fines for its 2015 breach when 79M individuals’ records were exposed online. -- HELPNET SECURITY

10. The New York state attorney general's office estimates that up to 9.5M comments were submitted using stolen identities to a net neutrality bill. They have subpoenaed records from various telecom companies. -- ARS


Very true comment. -- JASON HALLOWEEN NAME @ TWITTER


In today’s premium feature, we discuss how you can track malware authors by their writing style.




3. If you are a remote worker, here are some solid tips. Communicate often, take care when using Wi-Fi, understand your data consumption and ownership, and boost your authentication processes. -- TECHRADAR


4. A known exploit chain has been modified to push the Agent Tesla malware. It uses an infected Word RTF which avoids triggering any detection from common antivirus products. -- CISCO TALOS BLOG




5. Here are the past week's funding events.

StrongKey received a $10M A funding round to help with its rebranding from StrongAuth. They have a security appliance business and are based in San Francisco. Their CEO is Jake Kiser.

Acorus Networks received a $5.75M funding round led by Elaia Partners. They are based in Paris and have cloud-based DDoS protection and their CEO is Benjamin Schilz.

Paladin Cyber received a $3.6M funding round led by Lightbank and is based in San Francisco. They have an integrated cyber insurance and risk protection product. Their CEO is Han Wang.

Demisto received a $43M funding round led by Greylock Partners and is based in Silicon Valley. They have a SOC management tool and their CEO is Slavik Markovich.

Mission Secure received an $8M A funding round led by Energy Innovation Capital and is based in Houston. They have a SCADA security control product and their CEO is David Drescher.

Shujinko received a $2.8M seed funding round led by Vulcan and is based in Seattle. They have an auditing and compliance tool. Their CEO is Scott Schwan.

CybelAngel received a $12M funding round led by Serena Capital and are based in Paris. They have a threat management tool and their CEO is Erwan Keraudy.

Nyotron received a $10M funding round led by Ingram Micro. They have behavioral endpoint security tools, are based in Silicon Valley and their CEO is Sagit Manor.

Garrison Technology received a $30.2M funding round led by Dawn Capital. They have a secure browser, are based in London and their CEO is David Garfield.


6. Instagram has become the latest darling for attracting botnet rental customers. Criminals are using ads on the service in a brazen attempt to gain business. -- CORERO BLOG

7. It is time to think like a hacker if you are going to properly defend your networks. Learn how they establish a foothold and do their internal reconnaissance to boost your protection. -- ESECURITY PLANET

8. A sixth of EU organizations are unprepared for the next cyber breach. And more than a third of them have experienced a recent attack, too. -- IRISH TECH NEWS

9. Here are some suggestions from IBM’s X-Force running cyber-ranges. Consider corporate culture, don’t count on playbooks exclusively, and train your leadership. -- SECURITY INTELLIGENCE (IBM)

10. The Scottish Ambulance Service suffered a data breach last week. Staff phone numbers were made public, but not any health records. -- TRIPWIRE

