Secjuice Squeeze Volume 34
Welcome to the Secjuice Squeeze, a curated selection of interesting infosec articles and news that you may have missed. Now with upcoming events!
Welcome to the 34th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Sinwindie, Mike Peterson, Miguel Calles, Muhammad Luqman, and Prasanna.
Articles
Homeland Security details new tools for extracting device data at US borders
The agency says it can now obtain details including your phone's location history, social media information, and photos and videos.
Source & Link: cnet.com
Curator: Sinwindie
Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping
Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users.
Source & Link: threatpost.com
Curator: Mike Peterson
Google Chrome Browser Bug Exposes Billions of Users to Data Theft
The vulnerability allows attackers to bypass Content Security Policy (CSP) protections and steal data from website visitors.
Source & Link: threatpost.com
Curator: Mike Peterson
SANS infosec training org suffers data breach after phishing attack
The SANS cybersecurity training organization has suffered a data breach after one of their employees fell victim to a phishing attack.
Source & Link: bleepingcomputer.com
Curator: Mike Peterson
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft Patch Tuesday Reveals A Few Innocent Ways to Get Hacked
Source & Link: thehackernews.com
Curator: Muhammad Luqman
NSA, FBI expose Russian intelligence hacking tool: report
The U.S. National Security Agency and Federal Bureau of Investigation have exposed a sophisticated Russian hacking tool, they said on Thursday in a rare public report offering new insight on Russia's arsenal of digital weapons.
Source & Link: reuters.com
Curator: Sinwindie
North Korean Hacking Group Attacks Israeli Defense Industry
Israel says the attack was thwarted, but a cybersecurity firm says it was successful. Some officials fear that classified data stolen by North Korea could be shared with Iran.
Source & Link: nytimes.com
Curator: Sinwindie
Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon's Alexa
“Please lower the temperature of the AC, it’s getting humid in here,” said Eric to Alexa, who turned the AC to a cooler temperature in the living room. No, Alexa is not Eric’s partner, wife or friend. Alexa is his virtual assistant.
Source & Link: checkpoint.com
Curator: Sinwindie
Global Disruption of Three Terror Finance Cyber-Enabled Campaigns
The Justice Department today announced the dismantling of three terrorist financing cyber-enabled campaigns, involving the al-Qassam Brigades, Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS). This coordinated operation is detailed in three forfeiture complaints and a criminal complaint unsealed today in the District of Columbia. These actions represent the government’s largest-ever seizure of cryptocurrency in the terrorism context.
Source & Link: justice.gov
Curator: Sinwindie
Chrome extensions that lie about their permissions - Malwarebytes Labs
Users have learned to review the list of permissions Chrome extensions require before installing them. But what's the use if they lie to you?
Source & Link: malwarebytes.com
Curator: Prasanna
Upcoming Events, Webcasts, Conferences, etc.
Predict 2020: Intelligence to Disrupt the Status Quo
When: October 5-8, 2020
Location: Virtual
Cost: Free
Source & Link: recordedfuture.com
Curator: Miguel Calles
Ai4 2020
When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source & Link: ai4.io
Curator: Miguel Calles
Open Source Digital Forensics Conference
When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source & Link: osdfcon.org
Curator: Hartoyo Wahyu
BIG List of Virtual Cybersecurity Conferences
Source & Link: https://github.com/santosomar/virtualseccons
Curator: Guise Bule