From Paul's Security Weekly
- InfoSec Handlers Diary Blog - Here is a sample that I spotted two days ago. It’s an interesting one because it’s a malware that implements ransomware features developed in Node.js! The stage one is not obfuscated and I suspect the script to be a prototype or a test…
- Hacking Git Directories - First, make sure your build process is not deploying this folder. Second, configure your web server not to serve files from the .git directory, ever. Do both, then build a test to make sure someone has not opened this exposure. This is a well-known and basic security hygiene thing.
- Critical Citrix Bug Puts 80,000 Corporate LANs at Risk - No details yet, but: Digital workspace and enterprise networks vendor Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway. If exploited, it could allow unauthenticated attackers to gain remote access to a company’s local network and carry out arbitrary code execution.
- The Coolest Hacks of 2019 - My favorite from this list: Researcher Matthew Wixey calls them acoustic cyber weapons: the PWC UK researcher wrote custom malicious code that forces Bluetooth and Wi-Fi-connected embedded speakers to emit painfully high-volume sound or even high intensity and inaudible frequency sounds that can possibly produce destructive sound levels to the speakers - and to the ear.
- 2020 Cybersecurity Trends to Watch - I hate slide shows in posts. This article is not all that useful. What are we watching? What is a trend?
- 7 Tips for Maximizing Your SOC - Perhaps the best advice: Analysts and managers make a hard job harder when they conceal operational failures, fail to disclose known vulnerabilities or create a dishonest organizational culture. Instead, make your SOC a place where employees can be honest about what they find without worrying about getting fired. And incorporating automation and security analysis software into places in your SOC where human failures commonly occur can greatly improve its overall operational efficiency and effectiveness.
- The Most Dangerous People on the Internet This Decade - This is mostly a political post. I worry about dangerous people on the Internet who are smart enough not to be on anyone's list.
- Ethics and Encryption
- Mysterious Drones are Flying over Colorado - Schneier on Security - “There are many theories about what is going on, but at this point, that’s all they are,” he said. “I think we are all feeling a little bit vulnerable due to the intrusion of our privacy that we enjoy in our rural community, but I don’t have a solution.”
- Critical Vulnerabilities Impact Ruckus Wi-Fi Routers | SecurityWeek.Com - They comprise three different remote code execution (RCE) exploit possibilities built from information and credentials leakage, authentication bypass, command injection, path traversal, stack overflow, and arbitrary file read/write. The researchers examined the firmware of 33 different Ruckus access points and found them all to be vulnerable. Although the devices examined were from the Ruckus Unleashed stable, Zror told SecurityWeek, "I believe the same issues will affect the Ruckus regular routers and other Ruckus devices. Without pre-authentication," he continued, "I can run my own code on those devices. The implication is that I can upload my own malware into the router, and manipulate all the router activity, as I wish. From there I can access any other network, including the corporate network, that may be connected or may also use Ruckus devices."
- Cisco DCNM Users Warned of Serious Vulnerabilities | SecurityWeek.Com
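
For the "Hacking Git Directories" item above, one way to build the test it asks for, as an added example that is not from the show notes or the linked article. It scans a build artifact for `.git` entries and checks whether your own deployment answers `/.git/HEAD` with a real Git HEAD file; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile
import urllib.error
import urllib.request

# A genuine HEAD file is either a symbolic ref or a bare 40-hex commit id.
_HEAD_RE = re.compile(rb"^(ref: refs/\S+|[0-9a-f]{40})$")

def find_git_metadata(build_dir):
    """Return relative paths of every .git directory or file under build_dir."""
    hits = []
    for root, dirs, files in os.walk(build_dir):
        for name in dirs + files:
            # .git is a plain file in submodules and linked worktrees.
            if name == ".git":
                hits.append(os.path.relpath(os.path.join(root, name), build_dir))
        dirs[:] = [d for d in dirs if d != ".git"]  # already reported, skip contents
    return sorted(hits)

def head_is_exposed(status, body):
    """True when a response to GET /.git/HEAD is an actual Git HEAD file.
    A custom error page served with status 200 does not match."""
    return status == 200 and _HEAD_RE.match(body.strip()) is not None

def check_deployment(base_url, timeout=5):
    """Fetch /.git/HEAD from a deployment you operate; True means exposed."""
    url = base_url.rstrip("/") + "/.git/HEAD"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return head_is_exposed(resp.status, resp.read(256))
    except urllib.error.HTTPError:
        return False  # 403/404 is the outcome the web server rule should give

def demo():
    """Constructed sample artifact: a deployed repo plus a vendored submodule."""
    with tempfile.TemporaryDirectory() as build:
        os.makedirs(os.path.join(build, "site", ".git", "objects"))
        os.makedirs(os.path.join(build, "site", "vendor", "lib"))
        with open(os.path.join(build, "site", "vendor", "lib", ".git"), "w") as f:
            f.write("gitdir: ../../.git/modules/lib\n")
        return find_git_metadata(build)

if __name__ == "__main__":
    leaked = demo()
    print("FAIL" if leaked else "OK", leaked)
```

In a pipeline, fail the build when `find_git_metadata` returns anything for the artifact directory, and run `check_deployment` against the staging URL after each deploy.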