Things I Hearted This Week, 11th Jan 2019

January 11, 2019 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

And we’re back into the swing of things with a proper first week on the books and plenty to talk about as to the weird and wonderful goings on in the world of security, technology and beyond.

International Security of Mystery

Joe Gray hasn’t really flown outside of the US other than Canada, so when presented with an opportunity to speak at conferences in Switzerland and Paris, he went about trying to find what a security professional should do when travelling internationally.

Lesley Carhart’s blog which is referenced in Joe’s article probably has one of the most comprehensive posts on the topic

Mondelez Sues Zurich in Rest for Cyber Hack Insurance

And so it begins…

Mondelez, the US food company that owns the Oreo and Cadbury brands, is suing its insurance company, Zurich, for refusing to pay out on a $100m claim for damage caused by the NotPetya cyber attack.

2019 - The Year of Cloud-Based Cybersecurity

Yes, it’s a prediction piece, but a rather specific one talking about how we’re seeing a rise in cloud-based security analytics and operations.

The Cyber-Attack That Sent an Alaskan Community Back in Time

They still don’t know where it came from. But when it hit, the Alaskan borough of Matanuska-Susitna was knocked for six. Malware rapidly spread across the borough’s computer networks, disrupting a bewildering array of services. Hundreds of employees found themselves locked out of their work stations. Staff at local libraries received urgent phone calls telling them to quickly turn off all the public PCs. The animal shelter lost access to data on medications required by its furry residents.

Hacker History III: Professional Hardware Hacker

In the mid-to-late 1980’s, following France’s 1985 bombing and sinking of the Rainbow Warrior in New Zealand, if you wanted to learn to hack and not worry about repercussions – any system related to the French Government was within scope. It was in that period that war-dialing and exploit development really took off and, in my opinion, the professional hacker was born – at least in New Zealand it was. Through 1989-1991 I had the opportunity to apply those acquired skills in meaningful ways – but those tales are best not ever written down.

Rush to Attribution Misses the Point

During the past week, an outbreak of Ryuk ransomware that impeded newspaper printing services in the United States has garnered a lot of attention. To determine who was behind the attack many have cited past research that compares code from Ryuk with the older ransomware Hermes to link the attack to North Korea. Determining attribution was largely based on the fact that the Hermes ransomware has been used in the past by North Korean actors, and code blocks in Ryuk are similar to those in Hermes.

How a Russian Firm Helped Catch an Alleged NSA Data Thief

The company’s role in exposing Harold T. Martin is a remarkable twist in an increasingly bizarre case that is believed to be the largest breach of classified material in U.S. history.

It indicates that the government’s own internal monitoring systems and investigators had little to do with catching Martin, who prosecutors say took home an estimated 50 terabytes of data from the NSA and other government offices over a two-decade period, including some of the NSA’s most sophisticated and sensitive hacking tools.

You Gotta fight! For Your Right! To Repaaaair!

You buy a new appliance and soon after the warranty runs out the appliance coughs and splutters in the sweet embrace of death.

Maybe you can’t repair it, maybe no one else can, or won’t for a reasonable price - so you end up throwing it out and getting a new appliance.

But the EU and some US states are fighting for a right to repair, of sorts, to make appliances last longer and be easier to repair.

It should make for interesting developments over the coming years as more devices become smart, or cloud enabled, and repair becomes less about the hardware, and more about the software.

Other Stories I Lked This Week

Javvad Malik

About the Author: Javvad Malik

The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.

Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
Get Price Free Trial