Our thanks to the Patrons who generously support the CyberWire. We're happy to add a new benefit this week: members of the Producer's Circle now receive exclusive access to our new Quarterly Report. If you'd like to see a sample of the Quarterly Report (redacted, of course, because only the Patrons have access, and anything else would be dilutive), this is it. And thanks again to all of our Patrons.
Don't misconfigure that AWS S3 bucket. Hacks affect revenue years later. Bad Taste bug in Linux. Domain fronting attacks. DarkHotel is back. Apple, Oracle patch.
Amazon Web Services has sent its customers a reminder that Access Control Lists (ACLs) govern who can see the contents of their S3 buckets, and that they should look at their buckets to ensure that public read-access is enabled only where it's supposed to be. Misconfiguration, often by third parties, has hit data held by large organizations hard this summer, but AWS wants customers to remember that protecting information from inadvertent exposure isn't that hard.
TalkTalk's revenues declined in the first quarter, and analysts attribute this in large measure to the breach the telco sustained in 2015.
Malformed Windows MSI files are now known to infect Linux systems, too—researchers call the vulnerability "Bad Taste."
CyberArk's Red Team reports a form of domain fronting that can mask attackers' command-and-control traffic. It abuses content delivery networks (CDNs) and high-traffic domains. Domain fronting uses different domain names at different layers of communication. The technique, CyberArk says, is in use in the wild, and can be applied to highly targeted attacks.
As fears of election hacking persist, the DarkHotel APT group appears ready to offer a fresh approach to political hacking. The online gang uses whaling, digital certificate factoring and Inexsmar malware in its attacks.
In the second cryptocurrency heist reported this week, a hacker stole Ethereum currency worth approximately $30 million by exploiting a vulnerability in a Parity wallet. Parity is working on a fix.
Apple has issued patches for macOS, iOS, and Safari. Oracle has fixed three-hundred-eight vulnerabilities in its products.
Today's issue includes events affecting Bahrain, Iran, Iraq, NATO/OTAN, Qatar, Russia, Saudi Arabia, Syria, United Arab Emirates, United Kingdom, and United States.
Artificial intelligence is key to making sense of big data and scaling security data analytics. The “spray and pray” shotgun approach is too expensive and too imprecise to combat advanced attacks. So how do you harness the power of AI to increase precision and to proactively stay ahead of advanced attacks? How do you evaluate threat hunting tools? Join an online fireside chat with guests Josh Zelonis and Stephen Pieraldi to get the answers.