CounterTack, Phishing Attacks, and Who Uses Flash? – Paul’s Security Weekly #563

In the Security News this week, Google Chrome has a critical vulnerability, Flash has another zero-day exploit, Colorado passes “most stringent” breach notification law, and hackers hack a plane from the ground.

Paul’s Suggested Stories

  1. Is Your SOC Flying Blind?
  2. Further Down the Trello Rabbit Hole – Krebs on Security
  3. Update Google Chrome Immediately to Patch a High Severity Vulnerability
  4. Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI
  5. Federal Agencies Face an Uphill Battle in Cyber-Preparedness
  6. VPNFilter Update – VPNFilter exploits endpoints, targets new devices
  7. Microsoft Just Put a Data Center on the Bottom of the Ocean
  8. Amazon and eBay pull ‘hack risk’ smart toys
  9. New Colorado Breach Notification Rules Signed Into Law
  10. Cisco fixes critical bug that exposed networks to hackers | ZDNet
  11. Flash zero-day exploit. Act now!
  12. In Case You Are Wondering, Sex With Robots May Not Be Healthy
  13. Insider attack resistance
  14. What happens if IoT security doesn’t get solved?
  15. Researcher Successfully Hacked In-Flight Airplanes – From the Ground

Matt’s Stories

  1. CounterTack adds advanced managed security services with GoSecure acquisition

Jeff’s Stories

  1. For you history buffs – check out a recounting of Eligible Receiver 97: A Wake-Up call

Jason’s Stories

  1. Oh the irony! When cybercriminals are rubbish at cybersecurity
  2. Container ships easy to hack, track, send off course and even sink, security experts say

Doug’s Stories

https://hackercombat.com/three-state-departments-impacted-no-data-compromised-in-rhode-island-malware-incident/

State agencies are particular targets for phishing. This was described as a “generic phishing attack.”

https://www.darkreading.com/analytics/i-for-one-welcome-our-robotic-security-overlords/a/d-id/1331934 — The return of Dixie Flatline and correlation of data via AI.

https://threatpost.com/ticketfly-major-concert-venues-still-offline-after-hack/132436/

http://www.hackwolrdwide.com/ticket-seller-ticketfly-is-the-victim-of-a-data-breach/technology-hacking/2018/

Defaced by IsHaKdz and asked for 7500 ransom. Happened on 31 May and breached 26 million accounts. WordPress.

https://www.darkreading.com/attacks-breaches/vpnfilter-poses-broader-threat-than-first-thought-endpoints-at-risk-too/d/d-id/1331982

— Even more devices at risk from VPNFilter. They have added ASUS, Huawei, D-Link, and ZTE.
