News
Hi everyone,
I have decided to take a break from writing the newsletter. As much as I enjoy reading and writing about infosec, I want to be more selective about where I dedicate my time and focus, and the newsletter didn't make the top of the list right now. I'm not certain if I'll restart it in the future, we'll see :-)
Some notes:
- I will never sell the newsletter or the list of e-mails it has gathered.
- The website, securitynewsletter.co, will stay online with the archive of previous issues.
- Big shout out to 1Password and Uptycs for being incredibly supportive sponsors. Thank you!
- If, down the line, I start some other non-newsletter project and you want to know when that happens, you can leave your e-mail address here. I won't spam the newsletter for something like that. Or you can just follow me on Twitter I guess :-)
If you want other places to catch up on news, I can recommend:
- Zack's weekly newsletter on security
- Clint's tl;dr sec newsletter
- Brian Krebs
- bleepingcomputer.com
- ZDNet
- Motherboard/Vice
That's it! I hope you enjoy this issue. Keep fighting the good fight :-)
Cheers,
Breaches and leaks
- Over a billion records belonging to CVS Health exposed online: link.
- South Korea's Nuclear Research agency hacked using VPN flaw: link.
- REvil ransomware hits US nuclear weapons contractor: link.
- Fertility clinic discloses data breach exposing patient info: link.
- Poland blames Russia for breach, theft of Polish officials' emails: link.
- Audi, Volkswagen customer data being sold on a hacking forum: link.
- Carnival Cruise hit by data breach, warns of data misuse risk: link.
Inside the market for cookies that lets hackers pretend to be you
This is just a fascinating follow-up to the EA breach, and blew my mind a bit. It turns out that there are markets where you can not only buy a cookie that gets you access to some Slack or Okta account, but you can also essentially clone an entire browser from a compromised target. If anyone in your organisation is unknowingly part of a botnet, the attacker can just "become them" and have all the access that that person has. All nice and user-friendly, and a great extra income stream for botnet operators. Incredible.
Open-source security: Google has a new plan to stop software supply chain attacks
Google released an "end to end framework" to stop supply chain attacks. Definitely a worthy cause. Right now it's just a set of guidelines, but it'll be interesting to see if it evolves into something more. See also Google's own blogpost: link.
NATO: Series of cyberattacks could be seen as the same threat as an armed attack
It sure is a fine line, but I'm glad to see that cyberattacks are taken more seriously.
Discovery of Simps Botnet leads to ties to Keksec Group
Uptycs' threat research team has discovered a new botnet named ‘Simps’, attributed to Keksec group and primarily focussed on DDoS activities. It even comes with its own Discord server, YouTube channel and Instagram account to showcase its capabilities. (Sponsored)
Criminals are mailing altered Ledger devices to steal cryptocurrency
This is damn bold, but I can absolutely see it paying off for the criminals.
Apple releases emergency update for older iPhones and iPads
This is just awesome, and should happen far more consistently across far more vendors. I've had to decommission way too many devices that were still in perfect working order just because they were EOL'd.
Stripe launches Stripe Identity, an identity verification tool for online businesses
This is one to keep an eye on. I'm sure we'll see a lot more need for proper identification flows over the years, and I for one trust Stripe a whole lot more to do it properly than just any random company that wants to verify who I am.
Most firms face second ransomware attack after paying off first
The stats seem high to me, but either way, may it serve as a great reminder that you better have everything in order before you prove to the attackers that you're a target that pays up.
How does one get hired by a top cybercrime gang?
Pretty fascinating write-up of the recruitment flows that they employ.
1Password: Awesome password manager with, for me, the best UX
First of all: please use a password manager. Since you're a subscriber here I'm pretty sure you already do, but just in case. Second: if you're not using 1Password yet, give them a try. I've been using them for many years professionally and migrated my personal Vault over two years ago. The experience was super smooth, and I haven't looked back ever since. (Sponsored)