Weekly InfoSec Roundup 10/27/17

Friday, October 27th, 2017 | by Syed Abdur

It was a busy week in InfoSec with KRACK, DUHK, Reaper, Whole Foods and more. Read on for a round-up of the most interesting InfoSec news this week.


  • The Week in Crypto: Bad News for SSH, WPA2, RSA & Privacy
  • “Between KRACK, ROCA, new threats to SSH keys, and the European Commission’s loosey-goosey stance on encryption backdoors, it’s been a difficult time for cryptography.”
    Read More

  • Hackers are attacking power companies, stealing critical data: Here’s how they are doing it
  • “Hackers are continuing to attempt to gain access to the networks of nuclear power companies and others involved with critical national infrastructure, raising concerns about cyber-espionage and sabotage.”
    Read More

  • Nearly 100 Whole Foods Locations Affected by Card Breach
  • “Amazon-owned Whole Foods Market informed customers last week that a recent hacker attack aimed at its payment systems affected nearly 100 locations across the United States.”
    Read More

  • After quietly infecting a million devices, Reaper botnet set to be worse than Mirai
  • “A little over a month ago, a sizable botnet of infected Internet of Things devices began appearing on the radar of security researchers. Now, just weeks later, it’s on track to become one of the largest botnets recorded in recent years.”
    Read More

  • DUHK Crypto Attack Recovers Encryption Keys, Exposes VPN Connections, More
  • “After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly “great” start with the publication of a new crypto attack known as DUHK (Don’t Use Hard-coded Keys).”
    Read More

  • Thirty Percent of CEO Email Accounts Exposed in Breaches: Study
  • “Thirty percent of CEOs from the world’s largest organizations have had their company email address and password stolen from a breached service. Given the continuing tendency for users to employ simple passwords and reuse the same passwords across multiple accounts, the implication is that at least some of these CEOs are at risk of losing their email accounts to cyber criminals or foreign nation state hacking groups.”
    Read More

  • New Locky Ransomware Strain Emerges
  • “The latest Locky strain, which began appearing on Oct. 11 and goes by the .asasin extension, is collecting information on users’ computers such as the operating system used, IP address, and other such information, says Brendan Griffin, PhishMe threat intelligence manager.”
    Read More

  • Why Patching Software Is Hard: Organizational Challenges
  • “The Equifax breach shows how large companies can stumble when it comes to patching. Organizational problems can prevent best practices from being enforced. In instances like the Equifax breach, it’s understandable to try to assign blame, but the reality is there are many organizational challenges preventing best practices. To solve the problem and not just point fingers, companies should look at the teams and individuals involved with patching and identify potential blockers.”
    Read More

  • Bad Rabbit: Ten things you need to know about the latest ransomware outbreak
  • “A new ransomware campaign has hit a number of high profile targets in Russia and Eastern Europe. Dubbed Bad Rabbit, the ransomware first started infecting systems on Tuesday 24 October, and the way in which organisations appear to have been hit simultaneously immediately drew comparisons to this year’s WannaCry and Petya epidemics.”
    Read More

  • Cybersecurity and the CFO: Risk, Responsibility and Resilience
  • “You’re the CFO. Your company’s capital structure, the current sentiment of your stakeholders and constantly-evolving economic modeling are all things for you to worry about. You likely know what keeps your fellow executives up at night as well. But what about your organization’s cybersecurity team?”
    Read More

  • 3 Steps to reduce risk in your supply chain
  • “Many companies have very limited visibility into their vendors’ security posture — and some may have thousands of vendors. Here are steps that every company should take to lock down their supply chains.”
    Read More

  • Industrial Products Also Vulnerable to KRACK Wi-Fi Attack
  • “Some industrial networking devices are also vulnerable to the recently disclosed KRACK Wi-Fi attack, including products from Cisco, Rockwell Automation and Sierra Wireless.”
    Read More

  • Brinqa QSC17 Session
  • At the Qualys Security Conference in Las Vegas last week, Brinqa Director of Products Syed Abdur presented a session on how Brinqa customers begin their cyber risk efforts by focusing on effective Vulnerability Management, and how, in working to answer critical questions about vulnerability risk or to enhance their programs, they end up building programs that deliver a much more comprehensive perspective on cyber risk than they originally anticipated.

    See a recording of the session here.


About

Director of Product Management at Brinqa — Passionate about design, travel and good food. When not working can be found hiking, snowboarding or exploring the wonderful city of San Francisco.