Border Control, Russia, & Scams – Paul’s Security Weekly #609

In the Security News, how not to prevent a cyberwar with Russia, the case against knee-jerk installation of Windows patches, the U.S. Customs and Border Protection data breach is the result of a supply chain attack, and a phishing scam that hacks 2-factor authentication!

Paul’s Stories

  1. 5 Keys to Improve Your Cybersecurity
  2. Censorship vs. the memes
  3. Engineer’s ‘Smart Speaker Firewall’ isolates Alexa devices in a snap
  4. How Not To Prevent a Cyberwar With Russia
  5. A Plan to Stop Breaches With Dead Simple Database Encryption
  6. Antivirus Evasion with Python
  7. The case against knee-jerk installation of Windows patches – Does applying patches as soon as they come out really help today? Some think not: With a few notable exceptions, in the real world, the risks of getting clobbered by a bad patch far, far outweigh the risks of getting hit with a just-patched exploit. Many security “experts” huff and puff at that assertion. The poohbahs preach Automatic Update for the unwashed masses, while frequently exempting themselves from the edict.
  8. Hacker conference speaker axed over abortion views – Jennifer’s comments are very interesting: Jennifer Granick, legal counsel for the American Civil Liberties Union, asked what other views would disqualify someone from speaking at the conference. In a tweet, she asked: “Should Black Hat now ask potential speakers for their views on abortion, or is it fine so long as we don’t know?” Two sides: 1) Are speakers’ political views criteria for being accepted to speak or not? 2) In this case it’s not only the person’s views but a documented track record of voting against Women’s rights, therefore justifiable to be asked not to speak at a conference? Also, Jennifer is questioning the access to the information, so as long as we don’t share or publicize our views, that’s okay and you can speak regardless of your views?
  9. The Backdoor in your Living Room – Apparently, the code is bad: For the Tizen OS, Amihai Neiderman recently said: “It may be the worst code I’ve ever seen,” “Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It’s like taking an undergraduate and letting him program your software.” Uhm, so our new developer is 15 and doing just fine.
  10. Designers built an AI penis detector to protest Google’s prudish doodles
  11. Warning Issued For Apple’s 1.4 Billion iPad And iPhone Users
  12. Massive Blackout Leaves Most of Argentina, Uruguay Without Power
  13. How To Test Drive 200+ Linux Distributions Without Ever Downloading Or Installing Them

Jeff’s Stories

  1. Data breach forces medical debt collector AMCA to file for bankruptcy protection
  2. U.S. Customs and Border Protection Data Breach Result of Supply Chain Attack
  3. A Method for Establishing Liability for Data Breaches – Make ’em pay!
  4. Personal data of 2.7 million people leaked from Desjardins – That’s like, the entire population of Canada

Doug’s Stories

  1. https://www.zdnet.com/article/mozilla-patches-firefox-zero-day-abused-in-the-wild/
  2. https://www.washingtonpost.com/business/2019/06/20/florida-city-will-pay-hackers-get-its-computer-systems-back/?utm_term=.44f823c01712

Lee’s Stories

  1. Phishing scam hacks 2FA – Phishing email sends user to fake site, which passes username, password and one-time token to real site.
  2. XSS Flaw exposes Google employees to attack – Flaw in Google site can be used to attack existing users of system.
  3. US-CERT AA19-168A: Microsoft OS BlueKeep Vulnerability Alert – CISA issues guidance regarding BlueKeep for Windows 2000, Vista, 7, 2003, 2003R2, 2008 & 2008R2.
  4. Google researcher finds weakness in MS SymCrypt Library used for symmetric encryption on Windows 8 and beyond; the flaw results in an infinite loop/reboot, triggerable by a benign-looking X.509 certificate.
  5. Exim worm spreading through Azure – Prevent worm spread by updating Exim service to 4.92 on Linux.
  6. US Hacks Russian Grid – Very difficult to verify as details classified. US Cyber Command reportedly using new powers to establish foothold on Russian Power Grid.
  7. Researcher scrapes 7 million Venmo transactions – Make sure your Venmo account is set to private.
  8. A Duie Pyle goes Extra Mile after Ransomware – A Duie Pyle went above and beyond to communicate status after Ransomware incident. Failed back to taking orders over the phone.

Full Show Notes

Follow us on Twitter: https://www.twitter.com/securityweekly

Hosts

Lee Neely – Senior Cyber Analyst, Lawrence Livermore National Laboratory.

Paul Asadoorian – CTO, Security Weekly.

Doug White – Professor, Roger Williams University.

Jeff Man – Sr. InfoSec Consultant, Online Business Systems.

Announcements

  • Register for our upcoming webcasts with SaltStack, DomainTools, and LogRhythm by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
  • Some of you told us that you are overwhelmed by the amount of content we distribute! In an attempt to make it a little easier for you to find what you’re interested in, we’ve created our new listener interest list! Sign up for the list and select your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also now submit your suggestions for guests in our recently released guest suggestion form! Go to securityweekly.com/guests and enter your suggestions!
  • Security Weekly is returning to Vegas this August for BlackHat and DefCon! If you would like to request a briefing or sponsor an interview on-site at BlackHat, please go to securityweekly.com/booking and submit your request!
  • Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a 15% discount to sit for any of their Bootcamp Courses or Workshops! Visit Securityweekly.com/hackerhalted to register now!