Issue 121

Breaches and leaks

  • Zillow: an attacker manipulated the estimated price of a giant mansion in Bel-Air on the real-estate website, dropping it by $60mil and announcing an open house. The owners aren't too pleased.
  • Elsevier: the generally quite disliked paywall-for-science-papers company had a Kibana server where passwords would stream by in plain text.
  • A new batch of user credentials from six companies has been put up for sale by the same hacker who previously sold over 840 million user records: link.
  • Someone hacked into the tornado sirens of two Texan towns and set them off in the middle of the night: link.

Ransomware forces aluminum manufacturing giant to shut down network worldwide

This made enough headlines to warrant a separate item. Norwegian aluminum giant Norsk Hydro was infected with the LockerGoga ransomware. Their worldwide network is down, plants are operating in manual mode, and their 35.000 employees have been told not to turn on their computers or connect to the Wi-Fi. The attackers told them to e-mail them if they wanted to know the ransom amount, but Norsk Hydro says they are going to rebuild from backups.

Slack hands over control of encryption keys to regulated customers

If you're an Enterprise customer and you pay an extra fee, you can start managing your own keys through the AWS Key Management Service. They dive deeper into how it was designed here.

Lithuanian man pleads guilty to stealing $100 million From Google, Facebook

I often remember this news story, and it's worth bringing up again now that the court case is happening. The attacker registered a company with the same name as a hardware supplier for Facebook and Google, and then faked invoices and contracts to trick them into wiring $122 million to him.

Over 100 exploits found for 19-Year old WinRAR RCE bug

Remember that WinRAR remote-code execution bug from a few weeks back? Well, it turns out it's being exploited on a pretty large scale. So if you use WinRAR, make sure you update to the latest version.

Trello gets 13 new enterprise features to improve team security

A lot of additional management options on teams, sharing and security. Might be worth checking out if you use Trello extensively.

Microsoft releases Application Guard extension for Chrome and Firefox

It's currently only available on Windows Insider builds, but I can imagine it being useful to some in the future. It allows certain whitelisted sites in Chrome and Firefox to be used, but when you visit a non-whitelisted site it opens that site in Edge, sandboxed in its own container.

Beto O’Rourke’s secret membership in America’s oldest hacking group

It's not actionable security news, but hey, it's fun. Turns out that this presidential candidate was part of Cult of the Dead Cow, one of the most well-known hacker groups of old.

These are the top ten security vulnerabilities most exploited by hackers

An interesting overview of which vulnerabilities are most preyed upon. All of them are from Microsoft, since they have the largest attack surface, save one from Adobe. All can be fixed by applying patches, but we all know there's plenty of work to do on that.

Newsletter highlight: Elixir digest

If you're into Elixir, as I see more and more people are, you might want to check this out. Another clean, minimal weekly digest by Jakub.


1Password for Teams and Business

As always I'm extremely grateful to 1Password for supporting the newsletter. If you have passwords or secure notes to share with your colleagues, I highly recommend you give them a try.