Twitter hack sparks a call for monitoring social media platforms

The New York State Department of Financial Services concluded that Twitter let itself be rolled by a simple social engineering technique this summer and called for an oversight council to ‘monitor and supervise’ the security practices of social media platforms. The report points out that heavily regulated cryptocurrency companies affected by the Twitter hack were quick to block transfers by the attackers.

(TechCrunch)

Zoom prepares to roll out end-to-end encryption

The rollout will begin next week with a technical preview to get feedback over the next 30 days. During this initial phase, hosts must activate encryption in account settings and opt into it for every meeting, with each participant also needing to activate end-to-end encryption in order to join the call. Encrypted calls will also lose certain features in this test, like breakout rooms, cloud recording, polling, live transcription, one-to-one chats, and reactions. Zoom plans to roll out end-to-end encryption to all users over three additional phases, saying phase two is tentatively planned for 2021 with plans to introduce better identity management.

(VentureBeat)

Businesses are decreasing average malware dwell time

This finding comes from Verizon’s “2020 Data Breach Investigations Report”, which saw that organizations discovered 60% of data breaches in a matter of days. Over 25% of breaches were not discovered for months or more; while not great, that is the lowest percentage since Verizon began tracking the metric. Once discovered, over 80% of breaches were contained within a matter of days. Overall, cloud assets accounted for 24% of data breaches in the report, compared to 70% from on-premises assets like servers and endpoints.

(Dark Reading)

Intel’s Ice Lake chips look to secure cloud workloads

Intel announced new security features for its Ice Lake Xeon chips. These will expand Intel’s use of its Software Guard Extensions (SGX) to create protected data stores of up to 1TB without adding overhead to applications. SGX is designed to allow organizations to better protect data throughout its use, secure critical information like credentials, and perform shared analysis on sensitive data, with support for a secure enclave. The processors will also include Total Memory Encryption to ensure all data accessed by the CPU is encrypted, and cryptographic accelerators to reduce the overhead of security functions.

(Dark Reading)

Thanks to this week’s sponsor, Trusona

Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona’s passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don’t have to work around.

Carnival Cruise Confirms Customers Compromised 

The company confirmed that both customer and employee data from Carnival Cruise Line, Holland America Line, and Seabourn were compromised as part of a ransomware attack on August 15th. Information accessed may include names, addresses, phone numbers, passport numbers, and dates of birth, with Carnival also saying in limited instances Social Security numbers, health information, or other personal information could have been exposed. Carnival did not say how many customers and employees were impacted by the breach, what strain of ransomware was used, or how its systems were breached. The company is notifying impacted users, but said verifying all those affected could take up to 60 days. 

(InfoSecurity Magazine)

BleedingTooth vulnerability could allow for zero-click attacks

Google security engineer Andy Nguyen identified BleedingTooth, a set of Bluetooth exploits in the Linux kernel. The attacker would need to be in Bluetooth range of a device and know the BD address of the target. By sending a malicious L2CAP packet, an attacker would be able to initiate a denial-of-service attack or even execute arbitrary code with kernel privileges. Patches are available, but all Linux kernels before version 5.9 that support the BlueZ Bluetooth protocol stack are vulnerable.

(Security Week)

Researchers demonstrate the vulnerability in Apple’s T2 chip

We reported last week that security researchers with Team t8012 found that Apple’s T2 chip was vulnerable to the checkm8 exploit. Now the group has demonstrated the exploit on a Mac using a modified USB-C cable without any other user interaction. The team is now working on a demonstration of installing a keylogger using the exploit. One of the security researchers on the team, Rick Mark, said there is nothing Apple can do to fix the exploit on the T2 chip, but that the company could provide a tool to verify the integrity of the machine against checkm8 and flag a failure.

(9to5Mac)

A new report details the security and privacy impact of COVID-19

The human rights watchdog Freedom House published its annual Freedom on the Net report, which found that the COVID-19 pandemic has accelerated the cyber sovereignty movement among nation states, which have used it as a pretext to increase domestic surveillance programs. Out of 65 countries representing 87% of worldwide internet users, 54 countries implemented digital contact tracing systems that did not follow security and privacy best practices, often logging GPS location data, call logs and more. At least 30 countries expanded mass surveillance to integrate with telecom companies to monitor things like phone logs. At least 13 countries dealt with government-imposed internet shutdowns.

(Wired)