This Week in Security News - November 19
Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut and Trend Micro Announces Free Web-Based Tool
Read on:
Attackers Are Using the Cloud, Too. Here’s What You Need to Know.
In a sample dataset of 1,000 logs, Trend Micro identified a total of 67,712 URLs for compromised accounts. Access to these so-called “Clouds of Logs” can be purchased for a monthly fee between $350 and $1,000 and can include thousands or millions of emails and passwords for popular sites like Google, Amazon, Twitter, Facebook and PayPal.
Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut
Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, Trend Micro researchers have found. This is largely driven by cybercriminals who sell access to what they call “clouds of logs,” which are caches of stolen credentials and other data hosted in the cloud.
CVE-2020-17053: Use-After-Free IE Vulnerability
Trend Micro recently analyzed CVE-2020-1380, a vulnerability caused by a type inference error in the browser’s JIT engine, which can be exploited by neutering ArrayBuffer and results in a use-after-free (UAF) vulnerability. While analyzing the root cause of this vulnerability, Trend Micro found another path to trigger a similar UAF vulnerability by neutering ArrayBuffer, this time without the JIT engine.
Bumble Vulnerabilities Put Facebook Likes, Locations and Pictures of 95 Million Daters at Risk
Researchers at San Diego-based Independent Security Evaluators discovered that even if they’d been banned from the service, they could acquire a wealth of information on daters using Bumble. Before the flaws were fixed earlier this month, after remaining open for at least 200 days since the researchers alerted Bumble, they could acquire the identities of every Bumble user.
ENISA Issues Guidelines on Securing the IoT Supply Chain
The European Union Agency for Cybersecurity (ENISA) recently published its Guidelines for Securing the IoT: Secure Supply Chain for IoT. The guidelines covered the entire Internet of Things (IoT) supply chain, including software, hardware, and services. ENISA’s report was based on the 2019 Good Practices for Security of IoT - Secure Software Development Lifecycle and zeroed in on the actual processes of the supply chain utilized to develop IoT products.
Amazon Web Services’ New Network Firewall Solution Rolls Out
Amazon Web Services (AWS) has announced the general availability of AWS Network Firewall, a managed service created to give customers improved visibility into their AWS setups and architecture, and to bolster network security. The solution's rules engine can be customized or imported from AWS Partner Network (APN) providers such as CrowdStrike, Fortinet, and Trend Micro, among others.
Malicious Actors Target Comm Apps such as Zoom, Slack, Discord
Trend Micro’s 2020 midyear report outlined how the COVID-19 pandemic forced many organizations to shift from physical offices to virtual ones, which led to the rise of messaging and video conferencing apps as essential tools for communication. While these apps have provided a way of maintaining communication, they have also caught the eye of malicious actors.
Trend Micro's Free Web-Based Tool Takes on Hackers and Fake News
Trend Micro has announced the US launch of Trend Micro Check, a free online tool that warns users of online misinformation. The tool was previously available only in Japan and Taiwan. The company designed the tool to keep people safe from a myriad of growing cyber security threats, including privacy violations, false claims and online misinformation.
The Dangers of AI and ML in the Hands of Cybercriminals
Despite the many advantages of AI and ML technologies in thwarting cybercrime, they can also be abused by cybercriminals to improve existing threats and attacks. Trend Micro’s newest research paper, “Malicious Uses and Abuses of Artificial Intelligence,” a joint project with the United Nations Interregional Crime and Justice Research Institute (UNICRI) and Europol, delves into the many ways that cybercriminals abuse ML and AI and how they could exploit these technologies for ill gain in the future.
Why Phone-Based Authentication Can Be Insecure
Alex Weinert, Director of Identity Security at Microsoft, wrote in a recent blog post that phone codes are vulnerable to interception by hackers and told users to stop using phone-based multi-factor authentication (MFA) codes sent via SMS and voice calls. In this article, Mark Nunnikhoven, vice president of cloud research at Trend Micro, weighs in and discusses how authentication apps are preferable, though text-based MFA is better than nothing.
Data of 27 Million Texas Drivers Compromised in Breach
An unauthorized person gained access to a database of insurance software firm Vertafore earlier this year and compromised the driver's license data of over 27 million Texas citizens. Vertafore says in a statement that the entry was made between March 11 and Aug. 1, when someone gained access to a database within the company's insurance rating tool that contained information on Texas drivers.
The Ransomware Landscape is More Crowded Than You Think
Ransomware-as-a-Service (RaaS) is a cyber-security term referring to criminal gangs that rent ransomware to other groups, either via a dedicated portal or via threads on hacking forums. RaaS portals work by providing ready-made ransomware code to other gangs. These gangs rent the ransomware code, customize it using options provided by the RaaS, and then deploy attacks via a method of their choosing.
What are your thoughts on cybercriminals using the cloud to accelerate their attacks? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.