AttackWise cyber security weekly bulletin
DeviceCraft, 2019-02-09T16:42:54+00:00
Week ending 9th February 2019
In the news
- Australian Federal MPs’ computer network hacked in possible foreign government attack. Agencies are now focussing on determining if the hackers have a foothold within the network.
- Apple has patched the FaceTime bug that allowed anonymous eavesdropping, and has announced it will reward the high school student who discovered the bug.
- Jeff Bezos, the world's richest man and founder/CEO of Amazon, has accused the National Enquirer of an extortion attempt using embarrassing pictures. There is speculation that the photos could have been acquired by using publicly available email addresses and stolen passwords. This is a very common technique used by penetration testers to gain access to accounts, especially those not secured with multi-factor authentication.
- QuadrigaCX, the largest bitcoin exchange in Canada, has lost access to its cryptocurrency reserves after the only person with access to the company's offline wallet died, losing a reported $145m.
- A hacker has been sentenced to 10 years for using SIM swapping attacks to get around SMS-based multi-factor authentication and steal cryptocurrencies from his targets. This is one example of why SMS is not considered secure for multi-factor authentication.
- Microsoft has published an advisory on the vulnerability reported last week, in which Exchange 2013 and newer are vulnerable to an NTLM relay attack.
- Check Point Research has identified a reverse RDP vulnerability. The computer being connected to with RDP (the RDP server) can infect the source computer initiating the RDP session (the RDP client). FreeRDP patched the vulnerability; Microsoft acknowledged the finding but did not deem it sufficient to patch.
- Microsoft has shared some AI security lessons learned. This lesson was really interesting: “Machine Learning models are largely unable to discern between malicious input and benign anomalous data. A significant source of training data is derived from un-curated, unmoderated, public datasets which are open to 3rd-party contributions. Attackers don’t need to compromise datasets when they are free to contribute to them.”
- An interesting article on how Advanced Persistent Threat actors are named and how attribution is assigned.
UK industry events
- 12-13 Feb 2019, London, The European Information Security Summit
- 7-8 March 2019, London, Identity and Access Management Summit
- 12-13 March 2019, London, Cloud and Cyber Security Expo
- 27-28 March 2019, London, The World Cyber Security Congress
- 14 March 2019, London, CRESTCon
- 24-25 April 2019, Glasgow, CYBERUK
- 25-26 April 2019, London, Cyber Security and Cloud Expo
- 9 May 2019, London, GovSec
- 4-6 June 2019, London, Infosecurity Europe
- June 2019, London, Security BSides
- 9 July, London, The Cyber Security Summit
- 23-24 September, Windsor, Information Security Network
- 9-10 October, London, Cyber Security Europe (part of IP Expo)
- October 2019, London, FT Cyber Security Summit Europe
- 20 November 2019, London, Cyber Security Summit