The obvious news this week. In case you somehow missed it: a ransom worm was let loose on the world, infecting over 300,000 systems in a few days. This article provides a good overview of what happened.
The attack was based on an SMB exploit out of the NSA leaks. Microsoft had released a patch for this exploit in March, but not everyone had installed the update yet. Because of how serious this was, Microsoft even released patches for Windows XP, Windows 8 and Windows Server 2003, which are in theory no longer supported.
A researcher by the alias of MalwareTech was able to effectively trigger a killswitch, stopping propagation of the worm. He writes his story here.
Thanks to MalwareTech we also have a live map of infections, which is just downright cool. And you can also see the total infection count up till now, 300,000 systems, right here.
Dieter Van der Stock
DocuSign had their users' e-mail addresses stolen, which were used in a phishing campaign with an e-mail crafted to look like DocuSign's. I can tell from first-hand experience that it was a pretty convincing attempt.
Apple released security updates for macOS, iOS, Safari and others, fixing a total of 66 vulnerabilities.
It was found that HP laptops, through an audio driver from Conexant, log all keystrokes entered on the machine. It doesn't seem to be intentionally malicious, though, but rather a debugging tool.
In a "How was this not a thing yet?" move, WordPress has set up a bug bounty program on HackerOne.
TL;DR: If you own an Asus RT router, update it.
OpenVPN's security audits found 7 vulnerabilities, out of which one was rated high severity and another medium. All were fixed. The researchers praise OpenVPN's secure development, although they do include some remarks.
Interesting overview of some of the most important HTTP security headers, like HSTS, X-Frame-Options and others.
I remain amazed by the concept of malware-as-a-service. This article shows off DiamondFox. Just purchase the software, pick your plugins (keylogger, DDoS, Crypto Wallet Stealer, ...) and watch the dashboard to track your geographical spread and dig down into victim details.
Something I've never given any thought to: security of yachts. Probably not that relevant to any of us, but an interesting read nonetheless :-)
This is a long but interesting read on how security has progressed over the last decades. How crime evolved, how the private industry evolved, cyber warfare and much more.
This newsletter now has a Twitter account \o/
It will tweet out the shared stories during the week after each issue.