Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Life after lockdown: Your office job will never be the same–here’s what to expect

A near-future look at what office life may become, according to changes make at the offices of property company Cushman-Wakefield.  When you return to the office everything will look very different, and that’s just the beginning of a set of changes to how and why we work in offices.

Open source libraries a big source of application security flaws

How many vulnerabilities lurk inside the open source libraries that today’s developers happily borrow to build their applications?  This is where a majority of software vulnerabilities come from in the development process.

Apple sends out 11 security alerts – get your fixes now!

Apple’s current round of updates have been officially announced in the company’s latest Security Advisory emails.

Insurance Company Hires Hacker for Corporate Espionage: Is It Legal?

If you’ve purchased life insurance, you may have decided on a policy with the help of their technology. Compulife and NAAIP are direct competitors in a niche industry: they both generate life insurance quotes for brokers who sell insurance. And court documents reviewed by SecureWorld News reveal that one of the companies hired a hacker to get inside information and propriety code used by its competitor. Judge James Randal Hall, of the Eleventh Circuit U.S. Court of Appeals, explains in his recent decision: “There’s nothing easy about this case. The facts are complicated, and the governing law is tangled. At its essence, it’s a case about high-tech corporate espionage… Read more

Windows 10 adds new security and privacy features in May update

Windows 10 release 2004 is out, with a slew of new features, including several updates to its security and privacy.

NSA Releases Advisory on Sandworm Actors Exploiting an Exim Vulnerability

Original release date: May 28, 2020

The National Security Agency (NSA) has released a cybersecurity advisory on Russian advanced persistent threat (APT) group Sandworm exploiting a vulnerability—CVE-2019-10149—in Exim Mail Transfer Agent (MTA) software. An unauthenticated remote attacker can use this vulnerability to send a specially crafted email to execute commands with root privileges, allowing the attacker to install programs, modify data, and create new accounts.

Although Exim released a security update for the MTA vulnerability in June 2019, Sandworm cyber actors have been exploiting this vulnerability in unpatched Exim servers since at least August 2019 according NSA’s advisory, which provides indicators of compromise and mitigations to detect and block exploit attempts.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and users to upgrade to the latest version of Exim and review NSA’s Advisory: Exim Mail Transfer Agent Actively Exploited by Russian GRU Cyber Actors and Exim’s page on CVE-2019-10149 for more information.

Hacker posts database stolen from Dark Net free hosting provider DH

Some 7,600 dark-web sites were obliterated in an attack on the most popular provider of .onion free hosting services, Daniel’s Hosting.

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico’s top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 billion and enjoyed the protection of top Mexican authorities.  Read more…

For much more on this investigation, check out OCCRP’s multi-part series, How a Crew of Romanian Criminals Conquered the World of ATM Skimming.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.