AttackWise cyber security week in review is published every Monday 7:00 GMT. Subscribe for delivery direct to your inbox.
In the news
- F5 has acquired NGINX, which is used by close to 60% of the top 10,000 websites, for $670 million.
- NASA’s cybersecurity program has been audited, with an outcome that falls short of the level required to be considered effective. Apparently the same result was reached last year.
- McAfee has identified active exploits of an unpatched vulnerability in the WinRAR compression tool, where opening a malicious file silently installs malware. The exploit is perhaps significant as there are an estimated 500 million users, and WinRAR does not auto-update.
Research, reports, opinions
- F-Secure has completed research that concludes that the UK Brexit pro-leave Twitter community is receiving support from far-right Twitter accounts based outside of the UK. The report reminds me of “disinformation for hire” services.
- Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. The exposure was via an unsecured Elasticsearch database.
- Another reason for pre-boot authentication with BitLocker. Apparently it is possible to sniff BitLocker keys in the default configuration, from either a TPM 1.2 or TPM 2.0 device, using a dirt cheap FPGA (~$40 NZD) and publicly available code. After sniffing, you can decrypt the drive.
- Rapid7 has produced attack surface research targeting the 200 largest listed companies in Australia. Some surprising results on some relatively simple controls not being maintained by big corporates down under.
- Adobe has released patches for Adobe Digital Edition and Adobe Photoshop.
- Cisco has high-impact advisories for certain IP telephones and a critical advisory due to a hard-coded default password in its Common Services Platform Collector product.
- Google has released Chrome version 73.0.3683.75 for Windows, Mac, and Linux. This version addresses 60 security fixes.
- Microsoft has released their March 2019 security updates.
- SAP has released various patches including 9 security notes and 3 updates to previously released security notes.
- WordPress has released a patch to resolve a vulnerability that allowed unauthenticated remote attacks.
UK industry events
- 27-28 March 2019, London, The World Cyber Security Congress
- 14 March 2019, London, CRESTCon
- 24-25 April 2019, Glasgow, CYBERUK
- 25-26 April 2019, London, Cyber Security and Cloud Expo
- 9 May 2019, London, GovSec
- 4-6 June 2019, London, Infosecurity Europe
- June 2019, London, Security BSides
- 9 July, London, The Cyber Security Summit
- 23-24 September, Windsor, Information Security Network
- 9-10 October, London, Cyber Security Europe (part of IP Expo)
- October 2019, London, FT Cyber Security Summit Europe
- 20 November 2019, London, Cyber Security Summit