Highlights from the Security Weekly shows this week, including dealing with personalities and compliance, Windows 10 exploits, alert fatigue in your SOC, security for startups, Tik Tok backdoors, lottery hacker, 5G (in)security and more!
Visit https://www.securityweekly.com/swn for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
Win 10 exploit, Tik Tok, Lottery Hacker
Show Summaries from this week
- On Security and Compliance Weekly, Matt, Scott Lyons, and Josh Marpet talked with Ben Rothke. Ben manages information security at Tapad. This show was focused on all the different personalities you run into when you are doing compliance and audit engagements. From my perspective those include angry people with guns and tasers, but maybe it was just me.
- On Enterprise Security Weekly, Paul, John Strand and Matt talked with Mark Orlando of Bionic Cyber. The discussion focused on rethinking security operations in the enterprise. Specifically, defenders really struggle with bias, alert fatigue, turnover, etc., which results in serious problems. Does good security really just mean creating a monitoring team and investing in products? We see this problem over and over, so maybe it’s time to rethink some of these approaches.
- Also on Enterprise Security Weekly, a second interview with Ward Cobleigh from VIAVI Solutions focused on VISA security alerts. They talked about the need for ongoing network monitoring and how to react quickly when there are indicators of compromise. I really like the idea that we should focus not just on the fact that an alert happened but how we can start to identify the scope of the breach.
- On Business Security Weekly, Matt, Jason and Paul interviewed Al Ghous from ServiceMax. The conversation focused on the issues of startup security. Startups are often run on a small budget with even tighter limits on the resources that can be dedicated to security hygiene. This creates an issue for the startup, as enterprises may not want to do business with non-compliant small firms. Al talks about a framework to empower startups with reasonable security controls and how it can be implemented within the limited budget of a startup. That site is security4startups.com.
- On Security Weekly News, Jason’s expert commentary focused on 5G security and the issues surrounding a sort of “rolling” standard for all this since not everyone will be on board on day 1 with any new standard.
- On Paul’s Security Weekly, Paul, Larry, Lee, Jeff, and Tyler had a tech segment with Ryan Speers and Jeff Spielberg from River Loop Security. This segment was about “shifting security left.” They presented data from 10 years of work showing that it is more expensive to respond to a single vulnerability disclosure than it is to do an end-to-end embedded secure design process. Basically, they are looking at how you can start identifying security issues in the development chain (particularly in regards to IoT), since the patching time cycle is so long for firmware. They also began airing the hacker culture roundtable from the xmas show, with all the hosts (and special guests) discussing this. Definitely worth watching that pre-recorded segment from the now legendary xmas show if you missed it live last year.
- https://news.ycombinator.com/item?id=22048619 — Thomas Pornin did a full analysis of the Windows 10 exploit to explain how this vulnerability works.
- https://thehill.com/policy/cybersecurity/477916-interior-planning-to-halt-use-of-drones-over-concerns-about-chinese-tech — DOI has decided to ban and replace drones made in China by DJI
- https://cyber.dhs.gov/ed/20-02/ — DHS has ordered federal agencies to put patches in place.
- https://medium.com/technicity/serious-back-door-vulnerabilities-spotted-in-tik-tok-e717167a1b80 — Tik Tok has vulnerabilities
- https://cablehaunt.com/ — up to 200 million cable modems could be infected with Cable Haunt.
- https://threatpost.com/trump-slams-apple-for-refusing-to-unlock-suspected-shooters-iphones/151874/ — Apple again refuses to unlock a shooter’s phones, this time in the Florida shooting.
- https://nakedsecurity.sophos.com/2020/01/14/lottery-hacker-gets-9-months-for-his-5-cut-of-the-loot/ — hacker gets 9 months in jail for providing brute forcing tools in UK Lottery Hack
- https://www.securitynewspaper.com/2019/12/20/honda-is-hacked-personal-details-of-more-than-976-million-customers-leaked/ — Honda says up to 976 million customer records were possibly leaked.
- https://virsec.com/say-goodbye-to-windows-server-2008-and-hello-to-azure/ — Microsoft is offering Azure cloud-based use of Server 2008 to replace the end-of-life version.
- https://www.washingtonpost.com/national-security/russian-spies-hacked-ukrainian-gas-company-at-heart-of-trump-impeachment-trial/2020/01/13/db50b2b0-366c-11ea-bb7b-265f4554af6d_story.html — Russian spies attack Burisma Holdings
- https://www.bleepingcomputer.com/news/security/nemty-ransomware-to-start-leaking-non-paying-victims-data/ — New ransomware strategy leaks your data to the public a little at a time until you pay the ransom.
- https://www.npr.org/2019/12/30/791190150/california-rings-in-the-new-year-with-a-new-data-privacy-law — CA passes a new GDPR lite type law for privacy
- https://finance.yahoo.com/news/global-cyber-insurance-market-size-190000418.html — Cyber insurance industry will likely be 20+ billion a year by 2025
- https://www.teslarati.com/tesla-model-3-returns-to-pwn2own-hacking-competition/ — Tesla will give you a car if you can hack it.
- Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.