Friday Five 9/10
The latest Windows zero day, ProtonMail under fire, and creating a more diverse cybersecurity workforce - catch up on the infosec news of the week with the Friday Five!
1. Researchers Play Leading Role in Detecting Cloud Misconfiguration by Kelly Sheridan
We've come a long way from 2017 and 2018, when it seems like every week news came of a poorly secured Amazon S3 storage bucket leaking personal or corporate data. The wave of improperly configured buckets prompted many across the industry to ask just how secure are these cloud storage services? Amazon and Elasticsearch, whose databases have had their own security issues over the years, have made big advances in addressing configuration problems but there's inevitably data loss. According to a new Rapid7 report, there were 121 cases involving data exposure last year. As reported in DarkReading, thankfully most of the cases, 62%, were ferreted out by researchers, not malicious hackers. The best word of advice here comes later in the article: Always check up on old configurations, especially if you're setting up a new bucket and expecting older ones to fall in line with the newer configurations.
2. Congress Is Warning That the Federal Government Remains Vulnerable to Cyberattacks by Dan Lips
Another fairly straight forward alert here via the FBI. This one warning that companies in the food and agriculture sector should be weary of ransomware attacks; but there's more than meets the eyes here. Lost in the warning is news that earlier this year a ransomware attack at one US-based farm cost them a whopping $9 million. While the loss wasn't tied to the farm paying a ransom - it stemmed from the farm having to temporarily shutdown their farming operations - it's still a pretty penny to pay. According to the FBI's warning, attackers were able to infiltrate their servers by gaining admin level access after using compromised credentials. We're constantly reminded to change our passwords; unfortunately it cost these victims $9 million.
3. ProtonMail Under Fire For Sharing ClActivist Data With French Authorities by Karl Bode
4. Microsoft Confirms Serious New Windows 10 Attack—Here’s How To Stop It by Davey Winder
We wrote about the latest Windows zero day vulnerability earlier this week but as with any zero day, it's so serious it bears reiterating and linking to more reading on the subject. Reported to Microsoft over the weekend, the story's gained traction throughout the week with experts like Dave Maynor pointing out on Thursday that the vulnerability has "evasion of work arounds, can execute from a remotely hosted CAB, 0 detection rate on EDRs, potential for execution with minimal interaction." "This is bad,” Maynor adds. To reiterate, there's no patch for the issue – a bug in the Internet Explorer browser rendering engine, MSHTML - but there's a variety of workarounds and mitigations organizations should employ. As these mitigations have proven somewhat unreliable over the last few days, It's worth reminding employees to only open attachments from trusted sources until a fix is published. It’d be a quick turnaround but it's possible that one arrives in MIcrosoft's Patch Tuesday round of updates next week.
5. How to Bust Through Barriers for a More Diverse Cybersecurity Workforce by Williesha Morris
An important read in DarkReading via Williesha Morris on significant work being done by groups like the International Consortium of Minority Cybersecurity Professionals (ICMCP) and Blacks in Cybersecurity (BIC) when it comes to giving Black cybersecurity professionals a voice. While the piece lauds the work of these groups – and it’s worth reading up on their accomplishments - there's valuable advice here via Devo's Julian Waits, who says that white industry professionals need to enter spaces as mentors and highlight the ways the lack of diversity hurts the industry. “Expanding the pool of people to hire from means finding more talented individuals. Hiring individuals with different backgrounds results in teams with different ideas and complementary skills, which makes for stronger and better teams,” Morris writes.