Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry.
The Tanium 10 for the week ending December 15, 2017:
- The 2017 CyberCrime Report offers these five threat predictions for 2018: 1) The cryptojacking “gold rush” will be the top priority for cybercriminals; 2) There’ll be an increase in PowerShell-based attacks; 3) The cybercriminal underground will continue to evolve and grow; 4) Security software will have a target on its back; and 5) More cybercriminals will use worms to launch malware.
- A wall exists between operational technology and IT, and it’s causing organizations to overlook cybersecurity in their rush to implement the industrial Internet of Things (IoT). So says a report from LNS Research.
- Do drones sold by Chinese manufacturer Da Jiang Innovations pose a security risk? An August memo from U.S. Immigration and Customs Enforcement, which was recently leaked to Public Intelligence, suggests the airborne devices are collecting sensitive data about U.S. gas and water infrastructure and downloading it to the Chinese government’s cloud.
- Don’t let their unimaginative name fool you. Russian hacker gang MoneyTaker has conducted more than 20 successful attacks in the last two months alone, according to researchers at Group-IB. Targets included banks and law firms in the United States, United Kingdom, and Russia.
- Matthias Gliwka, a Stuttgart, Germany-based software developer, threw some shade at Microsoft for taking 100 days to fix a leak he discovered. Back in August, Gliwka was working with Dynamics 365, the cloud version of Microsoft’s ERP system, when he discovered a TLS certificate and private key for the application could be leaked. Microsoft plugged the hole earlier this month.
- When good intentions go cockeyed. Some 460 HP laptop models were found to contain a keylogger in a Synaptics device driver. Researcher Michael Myng stumbled upon the keylogger while trying to control a keyboard backlight on an HP laptop. Although HP deactivates the keylogger by default, its existence raises privacy concerns. For example, an attacker with physical access to the computer could change the default setting. HP quickly offered a patch.
- The Cybersecurity and Infrastructure Security Agency Act of 2017 (H.R. 3359) was unanimously passed by the U.S. Congress this week. The act reorganizes the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) into the newly formed Cybersecurity and Infrastructure Security Agency (CISA). The new agency will have “enhanced flexibility” in order to “elevate the cybersecurity and infrastructure missions of the nation’s lead civilian cybersecurity agency,” according to a prepared statement from Rep. John Ratcliffe (R-Texas), chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection.
- There’s a hole in the (S3) bucket. Three misconfigured AWS S3 buckets containing archives with “dozens of terabytes” of social media posts were found by UpGuard’s Chris Vickery. The posts and related content were allegedly slurped up from the public internet by the U.S. military to identify and profile persons of interest.
- Did the FBI retain data related to the results of a special election in Georgia? That’s one of the questions a U.S. Congressional hearing hoped to answer. FBI Director Christopher Wray declined to answer the questions during a Dec. 7 House hearing. The case revolves around a special election to fill the House seat vacated by Tom Price, former Secretary of Health and Human Services.
- A company selling encrypted USB drives decided it would be a good idea to survey 400 working professionals about their USB habits. And oh, what they found out! Eight out of 10 respondents to Apricorn’s survey said they use unencrypted USB drives, and 87% said they do not notify their organizations when they lose a USB drive. Only half of respondents say their organization has a policy to address lost or stolen USB drives.