Friday Five 8/27
Tech companies pledge billions to bolster security, a ransomware group shuts down, and the top data breach culprits - catch up on the infosec news of the week with the Friday Five!
1. Data Breach Culprits: Phishing and Ransomware Dominate by Mathew J. Schwartz
The Information Commissioner's Office's quarterly reports are chock-full of interesting data, but historically they have been a lot to parse through. Thankfully, BankInfoSecurity's Mathew J. Schwartz does that from time to time. The ICO, for those not in the know, is in charge of data protection in the UK. According to its most recent report, phishing and ransomware are largely to blame for breaches in the country; they were responsible for 284 reports and 144 reports, respectively, in Q2. The graph posted below does a good job of identifying trends over the last year or so. Schwartz also digs into some of the more notorious breaches from Q2 in the UK, among them military documents and leaked video footage.
2. White House rolls out pipeline, supply chain security initiatives as companies pledge billions in cyber spending by Tim Starks
Perhaps the week's biggest news, aside from CISA warning that the Microsoft ProxyShell vulnerabilities are being exploited in the wild, was the cybersecurity summit held at the White House on Wednesday. Cyberscoop has a piece on the takeaways, including plans to strengthen supply chain and natural gas pipeline security following last year's SolarWinds hack and this year's Colonial Pipeline ransomware attack. Of course, the major headlines from the summit came Thursday, when it was disclosed that tech companies like Microsoft and Google were fronting billions of dollars (the former $20 billion, the latter $10 billion) to better incorporate security into products.
3. What To Know About The Spying Scandal Linked To Israeli Tech Firm NSO by Daniel Estrin
Another solid piece here via NPR's Daniel Estrin recapping Israel's NSO and its spyware Pegasus, which, in case you missed it, has been embroiled in some controversy as of late. Estrin does a good job of going over the story so far, giving a brief history of NSO, and explaining how the Pegasus Project's reports have played out in Israel and on the broader tech world stage.
4. Ragnarok ransomware releases master decryptor after shutdown by Ionut Ilascu
As we said two weeks ago, with ransomware you have to celebrate the tiny victories. A tiny glimmer of hope came this week for users who may have had their files encrypted by the Ragnarok ransomware, as the group behind it has called it quits. The news comes only a few weeks after another group, SynAck, rebranded and released the master decryption keys for victims. While some users automatically think it's game over after their machine has been hit by ransomware, if you're patient, decryption keys could someday become available.
5. Java deserialization vulnerabilities explained and how to defend against them by Ax Sharma
Okay, not a news item but an interesting feature story here, via CSO's Ax Sharma, on Java deserialization vulnerabilities. It's a helpful explainer of how data serialization figures into applications, how unsafe object deserialization vulnerabilities occur, and how to protect against them. It's a lengthy piece but a good crash course on the topic, with plenty of extra links to examples, applicable research, and a GitHub repository that could help pen testers and researchers.