Security News – Paul’s DigitalMunition #613

In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to rethink Identity Management and Authentication, and a Mirai-Like botnet wages massive application layer DDoS attack!

Paul’s Stories

1. How to improve the hiring and retaining of infosec professionals? – Help Net Security
2. Every minute, $2.9 million is lost to cybercrime – Help Net Security
3. Answer These 9 Questions to Determine if Your Data Is Safe
4. Fact vs Fiction: The Truth About Breach and Attack Simulation Tools | SecurityWeek.Com
5. Crypto-Mining Botnet Implements BlueKeep Scanner | SecurityWeek.Com
6. If youre struggling with Windows 10 migration, updates will be an even bigger challenge – Help Net Security
7. Average data breach cost has risen to $3.92 million – Help Net Security
8. InfoSec Handlers Diary Blog – May People Be Considered as IOC?
9. How GDPR is Forcing the Tech Industry to Rethink Identity Management & Authentication
10. When it comes to the IoT, Wi-Fi has the best security
11. How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure | SecurityWeek.Com
12. Picture Perfect: How JPG EXIF Data Hides Malware – OpenDNS Umbrella Blog
13. Mirai-Like Botnet Wages Massive Application-Layer DDoS Attack
14. U.S. Warns of 5G Wireless Network Security Risks | SecurityWeek.Com
15. PKWARE contributing to the development of PCI Security Standards – Help Net Security
16. Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully
17. Security or compliance? Stop choosing between them – Help Net Security
18. Science Fiction Writers Helping Imagine Future Threats – Schneier on Security
19. Rapper Who is Very Concerned with Password Security
20. Security Considerations in a BYOD Culture
21. Programmer from hell plants logic bombs to guarantee future work
22. US Attorney General Says Encryption Creates Security Risk | SecurityWeek.Com

Larry’s Stories

1. APT17 aka DeputyDog has been revealed as an operation of Chinese Ministry of State Security
2. The list of laboratories and other healthcare clients affected by the data breach at American Medical Collection Agency continues to grow – as does the number of patients whose data may have been exposed
3. And the Huawei plot thickens… – Huawei secretly helped North Korea build and maintain its 3G mobile network, potentially breaking US sanctions in the process, a new report has sensationally claimed. A former employee leaked sensitive internal documents to The Washington Post, allegedly revealing a number of projects related to building out 3G in the hermit state. The documents are said to refer to North Korea, and countries like Iran and Syria, by code.

Lee’s Stories

1. Phishing Scheme Targets Amex Cardholders Bougus account update Email used. Malicious URL split in two to avoid filters.
2. Analysis of Elusive MegaCortex Ransomware Attacks Domain Cotroller, installs Cobalt Strike, leverages PsExec to deliver ransomware as winnit.exe.
3. Kazakhstan Government Requires Root Certificate install The Kazakhstan government is requiring all citizens to install their root certificates on system as a protection mechanism, it also allows interception of HTTPS traffic as their certificate will be trusted.
4. Apple Releases multiple updates watchOS 5.3, macOS 10.14.6, Safari 12.1.2, tvOS 12.4, iOS 12.4 (and 10.3.4, 9.3.6 for older devices), iCloud and iTunes also updated.
5. Scientists Find Key to Sending Data Trhough Music: Van Halen Audio Stenography works best with rock music. Encode message (e.g. URL) so human ear cannot decode, but any device with app can.
6. 7.5TB Breach Reveals Secret Russian IT Projects Twitter account @0v1ruS seems to be tied to @D1G1R3V (DigitalRevolution) who is motivated by information freedom in Russia.
7. Equifax, Regulators Close to signing $700M Settlement $700M to settle data breach lawsuits. Options include 6 more years credit monitoring, reimbursement up to $20K, and extended monitoring for affected minors.
8. Silk Road Drug Dealer caught when converting bitcoin to cash Poor operational security choices exposed the blockchain to DHS who traced the Bitcoin origins to Silk Road rather than claimed successful Bitcoin Mining.
9. New Phishing for O365 users Fake login page, which tests credentials immediately using IMAP, plus real error page, which isn’t often done. Mitigation: MFA plus disable legacy protocols such as IMAP/POP.
10. VPN Flaw in Global Connect allows authentication bypass. CVE-2019-1579 allows login to Palo Alto VPN bypassing username/password. While here is a fix, older code still online. 22 servers operated by Uber were identified.

Jeff’s Stories

1. Facebook’s 5 Billion FTC Fine is Just the Start of its Problems
2. Two charged with terrorism over Bulgaria’s biggest data breach
3. Marriott Faces Massive $123 Million GDPR Fine For 2018 Security Breach
4. Louisiana governor declares state emergency after local ransomware outbreak

Full Show Notes: https://wiki.securityweekly.com/Episode613

Visit https://www.securityweekly.com/psw for all the latest episodes!