Week in Review, 25th August 2017

August 25, 2017 | Javvad Malik

I have to thank our editor-in-chief, Kate Brew, for stepping in to compile the week in review last week while I was out topping up my tan on holiday.

So without further ado, let’s dive right in.

Buckets of insecurity

I think this is the week that unsecured Amazon S3 bucket leaks have officially jumped the shark. It’s an almost weekly occurrence, and continues to shine a spotlight on how many organisations simply lack the skills to properly secure their cloud environments, or to obtain any form of assurance.

Groupize customer information found in publicly accessible buckets

Enigma Compromised

Enigma, a decentralized platform that’s preparing to raise money via a crypto token sale, had its website and a number of social accounts compromised with the perpetrators netting nearly $500,000 in digital coin by sending out spam.

Having worked over a decade in banking, I’m not the biggest fan of the layers of regulation required in financial services. But as we’re seeing with cryptocurrency, a little additional security can go a long way.

Hackers nab $500,000 as Enigma is compromised weeks before its ICO

Somewhat related

Identity Thieves Hijack Cellphone Accounts to Go After Virtual Currency

Boarding passes and stolen accounts

This isn’t a new attack vector. I remember reading about similar attacks not too long ago, but it bears repeating that if you post photos of barcodes, particularly the ones on your airline flights, it’s likely someone can gain access to your account.

Bad guys probably work as much as you do

It’s not easy putting in a dishonest day's work. According to a recent study, it appears that most criminal hackers put just as many hours into their daily grind as many legitimate workers.

It’s a shame really, you’d probably think a lot of them would have actually made great colleagues in an alternate reality.

Day in the life of a modern spam kingpin: Why hackers work similar hours to everyone else

Ransomware changed the rules

Another good and insightful post by the Grugq in which he elaborates on a statement (which received some pushback on Twitter) on why ransomware (authors and criminals) are doing more to advance the state of cyber security readiness than the last 10 RSA conferences.

A controversial statement for sure, but the article makes some valid points that are worth pondering over.

Ransomware changed the rules

Accept Ts & Cs or be left with a brick

Sonos is the latest company to throw customer care to the wind and try and dictate all the terms. It has released a new privacy policy that gives it the ability to, well, basically use the information it collects in any way that it wants. There is no ‘opt out’ for customers and those that don’t choose to accept the new policies could end up with a rather expensive brick.

The problem here is that this sets a bad precedent. Going forward, so-called ‘smart’ devices will only increase, to the point that it will probably be impossible to buy a ‘dumb’ device that doesn’t have some form of connected functionality. It gives corporations access to the innermost and most private areas of people's lives.

I wonder how long before hackers start releasing their own firmware variations for Sonos and other devices, as they did for John Deere tractors.

Sonos says users must accept new privacy policy or devices may “Cease to function”

The Spyware App Store

Google has pulled 500 apps with over 100 million downloads from its official Play store after it was alerted by researchers to a secret backdoor that could allow developers to install a range of spyware at any time.

I don’t envy the job of those that have the responsibility to vet apps to ensure they are all legitimate without any malware. What is really interesting about this story is that the apps contained an SDK called Igexin – and it’s likely a lot of the developers themselves weren’t aware of the backdoor.

It’s another case of supply chain security – but with a good collaborative defensive effort. So, I guess it’s a good job and a pat on everyone's back for making it through another week.

Spyware backdoor prompts Google to pull 500 apps with >100m downloads


About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.