This posting is here to collect cyber security news in November 2019.
I post links to security vulnerability news to comments of this article.
If you are interested in cyber security trends, read my Cyber security trends 2019 posting.
You are also free to post related links.
117 Comments
Tomi Engdahl says:
New Google Chrome Security Alert: Update Your Browsers As ‘High Severity’ Zero-Day Exploit Confirmed
https://www.forbes.com/sites/daveywinder/2019/11/01/new-google-chrome-security-alert-update-your-browsers-as-high-severity-zero-day-exploit-confirmed/
The October 31 disclosure from Google confirmed that the “stable channel” desktop Chrome browser is being updated to version 78.0.3904.87 across the Windows, Mac, and Linux platforms. This urgent update will start rolling out “over the coming days/weeks,” according to Google. Unlike recent Windows 10 security alerts advising not to install an update, Chrome users should ensure they do install this one.
Tomi Engdahl says:
Encrypted web traffic now exceeds 90%
https://netmarketshare.com/report.aspx?options=%7B%22filter%22%3A%7B%7D%2C%22dateLabel%22%3A%22Custom%22%2C%22attributes%22%3A%22share%22%2C%22group%22%3A%22secure%22%2C%22sort%22%3A%7B%22share%22%3A-1%7D%2C%22id%22%3A%22https%22%2C%22dateInterval%22%3A%22Monthly%22%2C%22dateStart%22%3A%222019-10%22%2C%22dateEnd%22%3A%222019-10%22%2C%22segments%22%3A%22-1000%22%7D
Tomi Engdahl says:
[Alert] ClamAV 0Day Exploit Dropped itw by Unknown
0Day PrivEsc in Clam AntiVirus, an open-source antivirus engine for Linux-based systems. Exploit dropped in the wild.
https://pastebin.com/cfP7X89m
Note: PoC only works when JIT is enabled and ClamAV is compiled with it, from v0.97.0 to 0.100.2. The bug is also present in the latest 0.102.0.
Tomi Engdahl says:
Chinese users attack Notepad++ app after ‘Free Uyghur’ release
https://www.zdnet.com/article/chinese-users-attack-notepad-app-after-free-uyghur-release/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5dba32458021ed000132c72b&utm_medium=trueAnthem&utm_source=facebook
Notepad++’s GitHub issue tracker flooded with pro-Chinese and anti-western messages. Anti-Chinese activists are fighting back with their own spam and attacks on the Beijing regime.
Tomi Engdahl says:
DNS-over-HTTPS Is The Wrong Partial Solution
https://hackaday.com/2019/10/21/dns-over-https-is-the-wrong-partial-solution/
The idea of also encrypting DNS requests isn’t exactly new, with the first attempts starting in the early 2000s, in the form of DNSCrypt, DNS over TLS (DoT), and others. Mozilla, Google, and a few other large internet companies are pushing a new method to encrypt DNS requests: DNS over HTTPS (DoH).
DoH not only encrypts the DNS request, but it also serves it to a “normal” web server rather than a DNS server, making the DNS request traffic essentially indistinguishable from normal HTTPS.
And in comparison to DoT, DoH centralizes information about your browsing in a few companies: at the moment Cloudflare, who says they will throw your data away within 24 hours, and Google, who seems intent on retaining and monetizing every detail about everything you’ve ever thought about doing.
Tomi Engdahl says:
New PHP7 bug CVE-2019-11043 can allow even non-technical attackers to take over servers.
Nasty PHP7 remote code execution bug exploited in the wild
https://www.zdnet.com/article/nasty-php7-remote-code-execution-bug-exploited-in-the-wild/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5db4ec698021ed0001327898&utm_medium=trueAnthem&utm_source=facebook
Exploiting the bug is trivial, and public proof-of-concept exploit code has been published on GitHub earlier this week.
ONLY NGINX SERVERS AFFECTED
Fortunately, not all PHP-capable web servers are impacted. Only NGINX servers with PHP-FPM enabled are vulnerable. PHP-FPM, or FastCGI Process Manager
Tomi Engdahl says:
This aggressive IoT malware is forcing Wi-Fi routers to join its botnet army
Gafgyt has been updated with new capabilities, and it spreads by killing rival malware.
https://www.zdnet.com/article/this-aggressive-iot-malware-is-forcing-wi-fi-routers-to-join-its-botnet-army/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5dbaf0108021ed000132d25e&utm_medium=trueAnthem&utm_source=facebook
Tomi Engdahl says:
NordVPN users’ passwords used in credential-stuffing attacks
Ars Technica: NordVPN had a second wave of headlines this week after its breach last month. This time, a number of users’ credentials have been found in several Pastebin posts used in credential stuffing attacks.
https://arstechnica.com/information-technology/2019/11/nordvpn-users-passwords-exposed-in-mass-credential-stuffing-attacks/
Tomi Engdahl says:
Microsoft Users Hit with Phishing Kits Hosted on Thousands of Domains
https://www.bleepingcomputer.com/news/security/microsoft-users-hit-with-phishing-kits-hosted-on-thousands-of-domains/
Microsoft’s users were the most targeted by phishing campaigns among the top targeted brands with attackers using thousands of domains specifically registered to be used for harvesting credentials from their targets.
6,035 domains were used to host 120 phishing kit variants, according to Akamai’s 2019 State of the Internet / Security Report.
Overall, Microsoft, PayPal, DHL, Dropbox, DocuSign, and LinkedIn were the top targets for phishers throughout this year in the attacks Akamai’s researchers detected.
Tomi Engdahl says:
Sites are using Audio Fingerprinting (no permissions needed) to track users.
Fingerprinting is a way of identifying users based on one or more set of unique device characteristics. Along with Canvas fingerprinting, Audio fingerprinting takes advantage of device performance specs to build up an identifying fingerprint of a user. The problem is it does not need to take any permission from the users and works on all browsers and can be used to track users across browsers.
Demonstration (test your own audio fingerprint): https://audiofingerprint.openwpm.com/
Dustin says:
https://vpnpro.com/blog/nordvpn-security-breach-between-fact-and-fiction/ About the breach and all that fuss
Tomi Engdahl says:
NSA Cybersecurity Boss Anne Neuberger on What Keeps Her Up at Night
At WIRED25, the NSA’s Anne Neuberger talked election security, low-orbit satellites, and weaponized autonomous drones
https://www.wired.com/story/anne-neuberger-national-security-agency-wired25/
Tomi Engdahl says:
Researchers hack Siri, Alexa, and Google Home by shining lasers at them
MEMS mics respond to light as if it were sound. No one knows precisely why.
https://arstechnica.com/information-technology/2019/11/researchers-hack-siri-alexa-and-google-home-by-shining-lasers-at-them/
Siri, Alexa, and Google Assistant are vulnerable to attacks that use lasers to inject inaudible—and sometimes invisible—commands into the devices and surreptitiously cause them to unlock doors, visit websites, and locate, unlock, and start vehicles, researchers report in a research paper published on Monday. Dubbed Light Commands, the attack works against Facebook Portal and a variety of phones.
Shining a low-powered laser into these voice-activated systems allows attackers to inject commands of their choice from as far away as 360 feet (110m). Because voice-controlled systems often don’t require users to authenticate themselves, the attack can frequently be carried out without the need of a password or PIN.
Tomi Engdahl says:
Hackers Claim ‘Any’ Smartphone Fingerprint Lock Can Be Broken In 20 Minutes
https://www.forbes.com/sites/daveywinder/2019/11/02/smartphone-security-alert-as-hackers-claim-any-fingerprint-lock-broken-in-20-minutes/amp
Chinese hackers have demonstrated how, they say, any fingerprint scanner can be beaten using equipment costing $140 (£108) and an app that analyzes a photograph of your print.
The hackers work as part of the X-Lab security research team at a Chinese company called Tencent. They demonstrated their fingerprint hacking methodology at the GeekPwn 2019 conference in Shanghai.
Tomi Engdahl says:
Despite the warnings, they were running Windows 95, and what was expected happened: the virus rolled over the Berlin Court of Appeal, which will not be back up until 2020.
The Berlin Court of Appeal was hit by a devastating virus attack. As a result, the court had to disconnect all its computers. The virus bit hard and destroyed decades’ worth of files.
Experts had already demanded in 2017 that the program based on the Windows 95 operating system be abolished. The report prepared by the consulting firm “Accenture Operations” notes under the keyword “risks”: “Unsupported software and operating systems are a serious security risk.” The conclusion of the investigation continues: “Please do not wait any longer! Budget and support a comprehensive transformation program.”
https://www.tagesspiegel.de/berlin/experten-warnten-schon-2017-it-katastrophe-am-berliner-kammergericht-kam-mit-ansage/25163810.html
https://www.tivi.fi/uutiset/varoituksista-huolimatta-kaytossa-windows-95-ja-nainhan-siina-sitten-kavi-virus-jyrasi-berliinin-hovioikeuden-paasee-pystyyn-vasta-2020/d97c5ef8-5251-40ab-8b8a-517f0a19883d
Tomi Engdahl says:
Emotion recognition was the crime prevention buzz-phrase at China’s largest surveillance tech expo held in Shenzhen, according to Financial Times correspondent Sue-Lin Wong.
https://m.9gag.com/gag/aj59y8R?ref=fb.s
https://www.ft.com/content/68155560-fbd1-11e9-a354-36acbbb0d9b6
Tomi Engdahl says:
Hackers could control Alexa with a cheap laser. The only real defense is to keep your devices out of sight of your windows
Amazon Alexa Can Be Hacked By A Laser From 100 Meters — Is It Time To Hide Your Echo?
http://on.forbes.com/61881z86g
Amazon Alexa—as well as home devices from Google and Apple—can be tricked into carrying out actions with a laser pointed at their microphones.
Tomi Engdahl says:
“Encryption is not a technology that can be bypassed sometimes. It either works or it doesn’t. Saying that there should be a way to weaken it for only specific people in specific situations is a lot like saying, “you should leave a key under the mat to your front door, just in case there’s an emergency and the police need to come in.” That sounds great in theory, but what bad guy wouldn’t think to look under the mat, take the key, and create the bad situation in the first place?”
Owning Your Keys: The Technical and Human Side of Encryption
https://www.internetsociety.org/blog/2019/11/owning-your-keys-the-technical-and-human-side-of-encryption/
Efforts to weaken encryption threaten our ability to keep our most vulnerable communities safe online. As the best tool available to protect our digital security, encryption helps ensure that data and messages are kept private and make it much more difficult for outside parties to get access to sensitive information. Encryption helps ensure that your digital bank transactions are secure, your passwords are kept safe, and your stored data can’t be accessed by any unintended parties.
This security tool protects all Internet users, but it is critical for vulnerable communities.
We’ve already seen what can happen when security is weakened. Take the TSA luggage lock, which has become a favorite example of why “exceptional access” for law enforcement doesn’t always pan out as planned. These locks were supposed to only allow verified TSA agents to access the contents of your suitcase, but after an agent posted a picture of a key online, people copied it and made it readily available for purchase or to 3D print. The agent made an understandable mistake that probably seemed harmless at first. But that’s the problem. We’re human, and we make mistakes. When it comes to security, those mistakes can have huge impacts on all of us.
Over the last several years, there has been a debate in the United States and around the world about the use of encrypted technologies. Many technologists, academics, manufacturers, civil society, and others have long fought to ensure devices and software are as secure as possible through encryption. However, some individuals, particularly those in government or law enforcement, have argued that there are times when actors – such as themselves – may need to bypass this critical security measure.
But there’s a problem with that. Encryption is not a technology that can be bypassed sometimes. It either works or it doesn’t.
Tomi Engdahl says:
SecDef: China Is Exporting Killer Robots to the Mideast
https://www.defenseone.com/technology/2019/11/secdef-china-exporting-killer-robots-mideast/161100/
Tomi Engdahl says:
https://thehackernews.com/2019/11/ring-doorbell-wifi-password.html?fbclid=IwAR1ygUYPiArdR_lQmIQg78tW9GVpzJEbszB9hBWtwivjo1hBBp5cXc3G50k&m=1
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network.
Tomi Engdahl says:
Xiaomi, Amazon Echo, Sony & Samsung Smart TVs pwned at Pwn2Own
https://www.hackread.com/pwn2own-xiaomi-amazon-echo-sony-samsung-smart-tvs-pwned/
Tomi Engdahl says:
Riot Games’ Millionaire Founder Defrauded In $5 Million Amazon Cloud Cryptocurrency Mining Scam, DOJ Says
http://on.forbes.com/61881zoBa
Tomi Engdahl says:
“A UK ISP called Mozilla an “[internet villain](https://www.zdnet.com/article/uk-isp-group-names-mozilla-internet-villain-for-supporting-dns-over-https/)” for its plans to roll out DoH, and a Comcast-backed lobby group has been caught [preparing a misleading document about DoH](https://www.vice.com/en_us/article/9kembz/comcast-lobbying-against-doh-dns-over-https-encryption-browsing-data) that they were planning to present to US lawmakers in the hopes of preventing DoH’s broader rollout.”
Tomi Engdahl says:
It was long thought that large-scale censorship on decentralized networks like those of Russia, the United States, India and the United Kingdom was prohibitively difficult.
This exhaustive study of Russia’s censorship infrastructure shows that that is not the case.
https://censoredplanet.org/russia
The Russian government is gradually building national-level censorship policies on thousands of ISPs using commodity DPIs, a trend that we fear other countries with similar topological structure will follow.
We confirm that Russia is succeeding at building a national censorship apparatus out of commodity equipment (i.e., inexpensive DPIs). This raises alarm and confirms that there is neither a need for government-run technical choke points with several layers of complexity nor major government investment, as seen in the Chinese GFW, to achieve synchronized and homogeneous nationally restrictive internet access.
websites in the blocklist, we find that 63% of the websites are in Russian and 28% are in English. While the top categories include gambling and pornography, we find some Russian-language news, politics and circumvention websites in the blocklist.
What is striking is the transparency of ISPs in injecting explicit notices to users when censorship is enforced, which we later determined is based on guidelines dictated by Roskomnadzor.
Our findings suggest that data centers block differently from the residential ISPs both in quantity and in method of blocking. In most countries, residential ISPs are subject to different laws and policies for information control.
Information control has long been a goal of many countries, and with advancements in technology that enable it, entities like the Great Firewall of China are not the only threats to freedom on the Internet. As filtering technology gets cheaper to buy and easier to deploy, more nation-states are moving towards using them to achieve network and information control.
Our study has shown that the implementation of such decentralized control breaks the mold of what “censorship” traditionally connotes: the monolithic blocking of large swaths of content from border to border within a country. But in Russia with the advent of SORM and commoditization of censorship and surveillance technology it has become relatively easy and cheap for ISPs to comply. However, the means by which ISPs comply vary widely, as does their degree of compliance.
Previously, Russia was known for using naive censorship approaches. For example, while trying to block Telegram, they blocked entire subnets of Amazon Elastic Compute Cloud, Google Cloud, Digital Ocean, OVH (and hence other websites and services) causing collateral damage. They have since moved to more advanced technologies such as deep packet inspection (DPI) and keyword based blocking due to the commoditization of these technologies that make them cheaper and easier to deploy. The “Sovereign RUnet” law that comes into effect on November 1, 2019 requires telecom operators to install “special equipment” on their networks to handle 100% of all traffic in-path as a security measure against “external threats”. The most important part of this enforcement is that Roskomnadzor will be allowed to centrally manage the routing of traffic on this equipment.
This is a trend we have observed in many countries: the United States, the United Kingdom, India, Indonesia, Portugal are all slowly moving towards this model and this should serve as a warning to researchers and policymakers. The United Kingdom’s censorship architecture is similar to Russia’s, with the government providing ISPs a list of websites to block
Russia’s censorship architecture is a blueprint, and perhaps a forewarning of what national censorship regimes could look like in many other countries that have similarly diverse ISP ecosystems to Russia’s.
Russia’s rise to prominence as a censor is a wake-up call for censorship researchers, journalists, activists, and citizens of the global Internet.
Tomi Engdahl says:
Concerning developments from down under.
Now the police want your passwords – and you could be fined $60,000 or put in prison for five years if you refuse
https://www.msn.com/en-au/news/australia/now-the-police-want-your-passwords-%E2%80%93-and-you-could-be-fined-dollar60000-or-put-in-prison-for-five-years-if-you-refuse/ar-BBNBzP6
People could face up to five years in jail if they do not give their laptop password or mobile phone PIN to the authorities under proposed changes to the law.
Tomi Engdahl says:
Simple Voice-Command SQL Injection Hack into Alexa Application
https://www.protego.io/voice-command-sql-injection-hack/
Tomi Engdahl says:
Linux malware was smuggled into an operator’s network: hackers monitored all SMS traffic
https://www.mikrobitti.fi/uutiset/linux-haittaohjelma-ujutettiin-operaattorin-verkkoon-hakkerit-tarkkailivat-kaikkea-tekstiviestiliikennetta/be641e21-c946-4cd5-8248-2231c8bb899b
Tomi Engdahl says:
Chinese hackers developed malware to steal SMS messages from telco’s network
MessageTap malware is meant to be installed on Short Message Service Center (SMSC) servers, on a telco’s network.
https://www.zdnet.com/article/chinese-hackers-developed-malware-to-steal-sms-messages-from-telcos-network/
Tomi Engdahl says:
Inside the Microsoft team tracking the world’s most dangerous hackers
https://www.technologyreview.com/s/614646/inside-the-microsoft-team-tracking-the-worlds-most-dangerous-hackers/
From Russian Olympic cyberattacks to billion-dollar North Korean malware, how one tech giant monitors nation-sponsored hackers everywhere on earth.
Tomi Engdahl says:
Daily Crunch: Google announces open-source chip project
https://techcrunch.com/2019/11/05/daily-crunch-google-announces-open-source-chip-project/
1. Google launches OpenTitan, an open-source secure chip design project
The aim of the new coalition is to build trustworthy chip designs for use in data centers, storage and computer peripherals.
The project will allow anyone to inspect the hardware for security vulnerabilities and backdoors.
Tomi Engdahl says:
Canonical Pledges Full Raspberry Pi Support, Warns of USB Bug in Ubuntu 19.10 on the Raspberry Pi 4
https://www.hackster.io/news/canonical-pledges-full-raspberry-pi-support-warns-of-usb-bug-in-ubuntu-19-10-on-the-raspberry-pi-4-f8675109ba5d
Tomi Engdahl says:
Google launches OpenTitan, an open-source secure chip design project
https://techcrunch.com/2019/11/05/google-opentitan-secure-chip/
Tomi Engdahl says:
https://www.uusiteknologia.fi/2019/11/05/kyberhyokkaykset-pahenevat-energiainfra-kohteeksi/
Tomi Engdahl says:
Research firm: one in four PCs runs an operating system whose support ends in 70 days – Windows 7 is now being overtaken by Windows 10
https://tekniikanmaailma.fi/microsoftin-paansarky-windows-7n-tuki-loppuu-70-paivan-paasta-mutta-se-on-edelleen-kaytossa-joka-neljannessa-pc-tietokoneessa/
Tomi Engdahl says:
Surveillance kit slinger accused of slapping ‘Made in America’ on Chinese gear, selling it to the US government
https://www.theregister.co.uk/AMP/2019/11/08/aventura_china_charges/?__twitter_impression=true
But sure, it’s Huawei that’s the big security threat
Tomi Engdahl says:
2019 – Endpoint Protection Platforms Magic Quadrant
https://pentestmag.com/2019-endpoint-protection-platforms-magic-quadrant/
#pentest #magazine #pentestmag #pentestblog #PTblog #endpoint #protection #platforms #magic #quadrant #cybersecurity #infosecurity #infosec
Tomi Engdahl says:
Google’s Secret ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans
https://www.wsj.com/articles/google-s-secret-project-nightingale-gathers-personal-health-data-on-millions-of-americans-11573496790
Search giant is amassing health records from Ascension facilities in 21 states; patients not yet informed
Tomi Engdahl says:
General election: Jeremy Corbyn ‘very worried’ after ‘cyber attack’ on Labour
https://news.sky.com/story/labour-says-it-has-been-hit-by-large-scale-cyber-attack-11859823
A National Cyber Security Centre source says it was low-level and there is no evidence of sponsored activity
Hackers hit Labour with a “very serious cyber attack” on the party’s digital platforms, Jeremy Corbyn has announced.
He said it was “suspicious” and “something one is very worried about” after the Distributed Denial of Service (DDoS) targeting began late on Monday.
What is a DDoS attack? What the Labour cyber-attack means – and how serious it is
Labour were targeted by a “sophisticated and large-scale cyber-attack”.
https://inews.co.uk/news/politics/ddos-attack-what-meaning-cloudfare-labour-party-cyber-category-general-election-2019-969527?amp
Tomi Engdahl says:
Labour reveals large-scale cyber-attack on digital platforms
Party says it is confident no data was breached during ‘failed’ attack
https://www.theguardian.com/politics/2019/nov/12/labour-reveals-large-scale-cyber-attack-on-digital-platforms?CMP=fb_gu&utm_medium=Social&utm_source=Facebook#Echobox=1573554178
Seems like…
Category 6: Localised incident – “A cyber attack on an individual, or preliminary indications of cyber activity against a small or medium-sized organisation.”
https://inews.co.uk/news/politics/ddos-attack-what-meaning-cloudfare-labour-party-cyber-category-general-election-2019-969527?amp
Tomi Engdahl says:
Trusted Platform Module (TPM) serves as a root of trust for the operating system. This Intel CPU bug allows an attacker to recover 256-bit private keys http://tpm.fail/
Tomi Engdahl says:
Microsoft vows to ‘honor’ California’s sweeping privacy law across entire US
Microsoft is making moves
https://www.theverge.com/2019/11/11/20960113/microsoft-ccpa-privacy-law-california-congress-regulation
Tomi Engdahl says:
Entirely by accident... I’m sure... pinky swear...
Facebook Bug Has Camera Activated While People Are Using the App
https://m.slashdot.org/story/363330
Tomi Engdahl says:
CVE-2019-12415: XML processing vulnerability in Apache POI
https://pentestmag.com/cve-2019-12415-xml-processing-vulnerability-in-apache-poi/
#pentest #magazine #pentestmag #pentestblog #PTblog #CVE #vulnerability #XML #Apache #POI #cybersecurity #infosecurity #infosec
Apache POI is a popular Java library for working with Microsoft documents. For example, it allows you to read and write Microsoft Excel files using Java.
Tomi Engdahl says:
Federal Court Rules Suspicionless Searches of Travelers’ Phones and Laptops Unconstitutional
https://www.eff.org/press/releases/federal-court-rules-suspicionless-searches-travelers-phones-and-laptops
Government Must Have Reasonable Suspicion of Digital Contraband Before Searching People’s Electronic Devices at the U.S. Border
Tomi Engdahl says:
FEDERAL COURT RULES SUSPICIONLESS SEARCHES OF TRAVELERS’ PHONES AND LAPTOPS UNCONSTITUTIONAL
https://www.aclu.org/press-releases/federal-court-rules-suspicionless-searches-travelers-phones-and-laptops
GOVERNMENT MUST HAVE REASONABLE SUSPICION OF DIGITAL CONTRABAND BEFORE SEARCHING ELECTRONIC DEVICES AT THE U.S. BORDER
Tomi Engdahl says:
Iowa hired a cybersecurity firm to do penetration testing, then arrested its workers
https://www.techspot.com/news/82740-iowa-hired-cybersecurity-firm-do-penetration-testing-arrested.html
Instead of dropping the charges, it has reduced them from a felony to a misdemeanor
In one of its tests back in September, two Coalfire employees found a door at the Dallas County Courthouse wide open. They entered the building and intentionally set off an alarm to test law enforcement response, which was part of the job.
Initially, the first deputies on the scene checked their documentation and said they were “good to go.” However, the local sheriff arrived within minutes and arrested them. The employees were charged with third-degree felony burglary and possession of burglary tools.
“Coalfire and State Court Administration believed they were in agreement regarding the physical security assessments for the locations included in the scope of work,”
The ramifications of this incident are far broader than just a beef between Coalfire and state officials. If the employees are not exonerated on all charges, it could have lasting effects on whether other security firms that do pen testing choose to take jobs with state and municipal authorities.
a political battle between the State and the County
Tomi Engdahl says:
Election vendors are ‘prime targets’ and need oversight, report finds
https://nypost.com/2019/11/12/election-vendors-are-prime-targets-and-need-oversight-report-finds/?utm_campaign=iosapp&utm_source=facebook_app
ATLANTA — The private companies that make voting equipment and build and maintain voter registration databases lack any meaningful federal oversight despite the crucial role they play in US elections, leaving the nation’s electoral process vulnerable to attack, according to a new report.
Norden said congressional inaction has increased the pressure on state and local election officials to secure their voting systems and have measures in place should something go wrong. Although Congress sent $380 million to states last year for election security, Norden said it was a “drop in the bucket” of what is needed as state and local election officials look to fund the replacement of outdated and insecure voting systems, increase cybersecurity personnel and add security upgrades.
A report by the Associated Press last year found the leading voting-related companies had long skimped on security in favor of convenience and operate under a shroud of financial and operational secrecy despite their critical role in elections.
The report noted that other industries also viewed as critical to national security, such as defense contractors, face substantial oversight and must comply with various requirements.
“Vendors are responsible for election security in a way that folks probably don’t understand,” Norden said. “When we talk about election security, we talk about what election officials are doing, but we’ve left this big part of the puzzle out of the discussion.”
Tomi Engdahl says:
Trilogues – one reason why the EU has a poor reputation for democracy
https://edri.org/trilogues-on-terrorist-content-upload-or-re-upload-filters-eachy-peachy/
Tomi Engdahl says:
Attack on Labour shows need for DDoS defence but should alarm few
https://www.computerweekly.com/news/252473876/Attack-on-Labour-shows-need-for-DDoS-defence-but-should-alarm-few
After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t
Oscar Wilde never wrote, “To be the victim of one distributed denial of service (DDoS) attack may be regarded as…
Tomi Engdahl says:
#OWASP #CSRF #PHP #Infosec #security
OWASP CSRF Vulnerability Code Review [26]
https://m.youtube.com/watch?v=cLMIeYrX09w&feature=share
Tomi Engdahl says:
Inconvenient truths about working in Cybersecurity
https://pentestmag.com/inconvenient-truths-about-working-in-cybersecurity/
#1 – Cybersecurity is not all about hackers and hoodies
#2 – Training, you need it but can’t get it
#3 – Job lock with high switching costs
#4 – Not all mentors are good mentors
#5 – Long hours and burnout