10 things you need to know today: October 17, 2019

1.

The House voted overwhelmingly on Wednesday to condemn President Trump’s decision to withdraw U.S. forces from northern Syria, which cleared the way for Turkey to launch its offensive against Syrian Kurds who fought alongside U.S. troops against the Islamic State. The bipartisan rebuke was approved 354 to 60 in a rare break with Trump by most House Republicans. "Today we make clear that the Congress is a coequal branch of government and we want nothing to do with this disastrous policy," said Rep. Eliot Engel (D-N.Y.). The vote came as Vice President Mike Pence and Secretary of State Mike Pompeo headed to Ankara, Turkey, to press Turkish President Recep Tayyip Erdogan to accept a ceasefire. [The New York Times]” data-reactid=”12″>The House voted overwhelmingly on Wednesday to condemn President Trump’s decision to withdraw U.S. forces from northern Syria, which cleared the way for Turkey to launch its offensive against Syrian Kurds who fought alongside U.S. troops against the Islamic State. The bipartisan rebuke was approved 354 to 60 in a rare break with Trump by most House Republicans. “Today we make clear that the Congress is a coequal branch of government and we want nothing to do with this disastrous policy,” said Rep. Eliot Engel (D-N.Y.). The vote came as Vice President Mike Pence and Secretary of State Mike Pompeo headed to Ankara, Turkey, to press Turkish President Recep Tayyip Erdogan to accept a ceasefire. [The New York Times]

Improving Site Isolation for Stronger Browser Security

Posted by Charlie Reis, Site Isolator

The Chrome Security team values having multiple lines of defense. Web browsers are complex, and malicious web pages may try to find and exploit browser bugs to steal data. Additional lines of defense, like sandboxes, make it harder for attackers to access your computer, even if bugs in the browser are exploited. With Site Isolation, Chrome has gained a new line of defense that helps protect your accounts on the Web as well.

ISC Releases Security Advisories for BIND

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.

Corelight Raises $50 Million in Series C Funding Led by Insight Partners and Accel

Corelight was founded by Dr. Vern Paxson (a Professor of Computer Science at UC Berkeley and Chief Scientist at Corelight), Robin Sommer (CTO) and Seth Hall (Chief Evangelist) to deliver network visibility solutions for cybersecurity built on an open source framework called Zeek (formerly Bro). Paxson began developing Zeek in 1995 when he was working at Lawrence Berkeley National Laboratory (LBNL). The software is now widely regarded as the gold standard for both NSM and network traffic analysis (NTA) and has been deployed by thousands of organizations around the world.

Snapchat goes after retailers and DTC brands with new Dynamic Ads

Snap today is announcing a new kind of advertising product, Dynamic Ads, that will help it to better attract ad dollars from retail, e-commerce, and other direct-to-consumer brands — a group that today thrives on Instagram. With Dynamic Ads, advertisers can now automatically create ads in real-time based on extensive product catalogs that may contain hundreds of thousands of products. These ads are then served to Snapchat users based on their interests using a variety of templates provided by Snap.

Our Embedded Engineer Andrea Molino was one of the speakers at the National Cryptography Association ”De componentis cifris ”

On 14 October 2019, a member of our team, Eng. Andrea Molino, gave a speech at the event ”La De Cifris incontra Torino” , organized by De Componendis Cifris and held at Politecnico in Turin. The event was focused on successful advancements in cryptography research and applications. The initiative involved several experts from academic institutions and business operating in the cryptography sector. The main goal was fostering cooperation between those who work in the Italian crypto domain.

Graboid: Revenge of the Worms

This week saw news of self-propagating worms in the container landscape to perform unsanctioned computation tasks such as cryptojacking. This blog post is intended for Qualys customers and partners to understand how such container attacks work, provide security best practice recommendations & walkthrough related Qualys product portfolio functionality.