Word of the week “Cyber security own goal”
Avoid scoring a cyber security own goal this summer
Cyber security is now an important part of our lives so, if you are travelling to the FIFA™ World Cup in Russia this summer, it’s understandable that you may be thinking about how best to secure your devices and key accounts.
This blog provides some quick and easy steps to improve your personal cyber security. It should be read alongside the FCO Travel Advice and the guidance offered on the Be on the Ball: World Cup 2018 website.
“Data Re-Identification” – thanks to Dougy
Person re-identification (re-ID) has become increasingly popular in the community due to its application and research significance. It aims at spotting a person of interest in other cameras. In the early days, hand-crafted algorithms and small-scale evaluation were predominantly reported. Recent years have witnessed the emergence of large-scale datasets and deep learning systems which make use of large data volumes.
Word of the week special
“Security 3 lines of defence”
The IIA and the IoD endorse the ‘Three Lines of Defence’ model as a way of explaining the relationship between these functions and as a guide to how responsibilities should be divided:
- the first line of defence – functions that own and manage risk
- the second line of defence – functions that oversee or specialise in risk management, compliance
- the third line of defence – functions that provide independent assurance, above all internal audit
“Value Stream Mapping” and “Wardley (Value Chain) Mapping”
Crypto challenge of the week
-“Route” Transposition Cipher – thanks to Mark
May 25: GDPR Live! Waiting for first incident (and fine)!
June 12 2018: Trump met Kim
June 30: TLS1.1 mandatory for PCI-DSS compliance
Now: TLS1.2 mandatory for proper security
Jun 14: World Cup 2018
July and August – Holidays!!
March 29 2019: Brexit
Sept 2019: PSD2 security mandatory
Comic of the week
## Some OWASP stuff first
-OWASP Hackademic Challenges Project
-A developer’s guide to the GDPR – from IBM
Understand how the GDPR impacts you
This article, the first in a three-part series, summarizes the GDPR and explains how the privacy regulation impacts and applies to developing and supporting applications that are intended to be used by European Union citizens. Part 2 explores how to integrate privacy risk evaluation and mitigation within the software development lifecycle, and Part 3 provides practical application development techniques that can alleviate an application’s privacy risk
-Utility script to build a PDF book gathering all OWASP Cheat Sheets
-Presentations from OffensiveCON
OffensiveCon18 – Brian Gorenc, Abdul-Aziz Hariri and Jasiel Spelman – L’art de l’évasion – Modern VMWare Exploitation Techniques
OffensiveCon18 – Jos Wetzels and Ali Abbasi – Dissecting QNX – Analyzing & Breaking QNX Exploit Mitigations and Secure Random Number Generators
-Insights from Code Conference 2018
A collection of quotes, one-liners (and apologies) that were interesting, insightful, thought-provoking from #CODECON
-Don’t forget about
Incidents in the world last week
Other source HERE Find your country
Fraudsters exploiting newsworthy events
Opportunistic fraudsters have been using current events and exploiting public concern for their own financial gain
Owari botnet own-goal takeover
Security researchers recently took over the large Owari botnet after its owner failed to change the command-and-control (C&C) server’s weak default credentials
Global ALERT level
MIT researchers develop frequency-hopping transmitter that fends off attackers
Academic researchers say they have invented a transmitter that can secure billions of Internet of Things products by individually scattering each bit of data that a device wirelessly sends out onto different radio frequency channels, thus preventing attackers from intercepting a full packet and manipulating its data
FireEye Finds New Clues in TRITON/TRISIS Attack
Researchers from FireEye have found proof that the hackers who breached and inadvertently shut down a safety monitoring system in a Middle East industrial plant reverse-engineered the protocol software.
“Instead of just being a theory that they reverse-engineered something or used legitimate resources to augment their development on it, now we have evidence that supports that,” says Steve Miller, a researcher with FireEye who made the discovery after studying the malware’s Python scripts.
The so-called TRITON/TRISIS attack targeted Schneider Electric’s emergency shutdown system – Triconex Tricon – with custom malware. Two of the plant’s safety-instrumented systems (SIS) controllers entered a failed safe mode that shut down the industrial process and ultimately led to last year’s discovery of the malware
Apple strikes blow to Facebook as it clamps down on data harvesting
Rules appear to target services like Onavo Protect, which claims to protect user data even as it feeds information to Facebook
Pwn goal: Hackers used the username root, password root for botnet control database login
Sofacy APT Has Subtly Changed Tactics
A well-known Russian cyber-espionage group has subtly changed its modus operandi, moving to what security researchers from Palo Alto Networks are calling “parallel attacks.”
A new vulnerability has been discovered in all Mac OS versions since 2005 that could have allowed for “code signing,” allowing an attacker to impersonate Apple on a machine
Prowli Malware Operation Infected Over 40,000 Servers, Modems, and IoT Devices
Europol forms new Dark Web Team to combat online criminal marketplaces
The InvisiMole malware allows attackers to take control of a machine and silently allows them to hear and see through the computer
Dixons Carphone admits huge data breach 5.9 million cards
Facebook bug changed 14 million users’ default privacy settings to public
Research shows 75% of ‘open’ Redis servers infected
Server-Side Spreadsheet Injection – Formula Injection to Remote Code Execution
Research of the week
-The Seven Properties of Highly Secure Devices
This webpage is an attempt to assemble a ranking of top-cited papers from the area of cryptography. The ranking has been created based on citations of papers published at top cryptography conferences. More details are available here
Tool of the week
-Finding deserialisation issues has never been easier: Freddy the serial(isation) killer
-Traefik and Docker Services
I run all my docker services ‘behind’ traefik (https://traefik.io/). I do not want to have my (hundreds of) docker services directly accessible from the Internet (security). I do not want to create and handle SSL/TLS certificates for all the docker services. Therefore I am using an SSL wildcard certificate and point it to my traefik ip address. Traefik terminates TLS/SSL and happily routes all my HTTP or HTTPS packages, based on HOST or URL pattern rules, to the designated back-end service. Furthermore, traefik is docker-aware and allows registering or unregistering docker services without restarting traefik
-Automated twitter loot collection
Twitter is a great place to find interesting things, being shared by fellow security researchers. If you search for keywords like #opendir or hxxp://, you’ll get lots of links with open directories containing shells, control panels, sources, phishing sites or malware. Secops is hard, even for people with malicious intents
The AWS Well Architected Framework in a Nutshell
What is the Framework?
Your API Gateway should be a message queue
Or why we need Digital Osmosis
Conventional API Gateways handle difficult things like routing and provide a uniform layer that allows outside applications access without them having to understand what is going on in the inside.
Conventional API Gateways operate on the request/response pattern that most of the internet is based on. But this creates the problem of having to provide a relatively quick response so that the browser doesn’t time out. This becomes unnatural if the internals of the architecture use an event based architecture to allow for cleaner decoupling or otherwise trigger longer running tasks
The messy, musical process behind the web’s new security standard TLS1.3
The elite Microsoft hacker team that keeps Windows PCs safe
ONE OF THEM jailbroke Nintendo handhelds in a former life. Another has more than one zero-day exploit to his name. A third signed on just prior to the devastating Shadow Brokers leak. These are a few of the members of the Windows red team, a group of hackers inside Microsoft who spend their days finding holes in the world’s most popular operating system. Without them, you’d be toast
Don’t Even Think of Complying with the New NIST Cybersecurity Framework!
Trust Issues Magazine
From personal relationships to the global stage, trust is what makes humanity more than just humans—and we’re in danger of losing it
And finally, Goodbye, Object Oriented Programming
I’ve been programming in Object Oriented languages for decades. The first OO language I used was C++ and then Smalltalk and finally .NET and Java.
I was gung-ho to leverage the benefits of Inheritance, Encapsulation, and Polymorphism. The Three Pillars of the Paradigm.
I was eager to gain the promise of Reuse and leverage the wisdom gained by those who came before me in this new and exciting landscape.
I couldn’t contain my excitement at the thought of mapping my real-world objects into their Classes and expected the whole world to fall neatly into place.
I couldn’t have been more wrong
## HACKING, TOOLS and FUN – CHECK BELOW!