Security News – Paul’s Security Weekly #613

July 29, 2019




In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to rethink Identity Management and Authentication, and a Mirai-Like botnet wages massive application layer DDoS attack!

Paul's Stories

  1. How to improve the hiring and retaining of infosec professionals? - Help Net Security
  2. Every minute, $2.9 million is lost to cybercrime - Help Net Security
  3. Answer These 9 Questions to Determine if Your Data Is Safe
  4. Fact vs Fiction: The Truth About Breach and Attack Simulation Tools | SecurityWeek.Com
  5. Crypto-Mining Botnet Implements BlueKeep Scanner | SecurityWeek.Com
  6. If youre struggling with Windows 10 migration, updates will be an even bigger challenge - Help Net Security
  7. Average data breach cost has risen to $3.92 million - Help Net Security
  8. InfoSec Handlers Diary Blog - May People Be Considered as IOC?
  9. How GDPR is Forcing the Tech Industry to Rethink Identity Management & Authentication
  10. When it comes to the IoT, Wi-Fi has the best security
  11. How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure | SecurityWeek.Com
  12. Picture Perfect: How JPG EXIF Data Hides Malware - OpenDNS Umbrella Blog
  13. Mirai-Like Botnet Wages Massive Application-Layer DDoS Attack
  14. U.S. Warns of 5G Wireless Network Security Risks | SecurityWeek.Com
  15. PKWARE contributing to the development of PCI Security Standards - Help Net Security
  16. Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully
  17. Security or compliance? Stop choosing between them - Help Net Security
  18. Science Fiction Writers Helping Imagine Future Threats - Schneier on Security
  19. Rapper Who is Very Concerned with Password Security
  20. Security Considerations in a BYOD Culture
  21. Programmer from hell plants logic bombs to guarantee future work
  22. US Attorney General Says Encryption Creates Security Risk | SecurityWeek.Com

Larry's Stories

  1. APT17 aka DeputyDog has been revealed as an operation of Chinese Ministry of State Security
  2. The list of laboratories and other healthcare clients affected by the data breach at American Medical Collection Agency continues to grow - as does the number of patients whose data may have been exposed
  3. And the Huawei plot thickens… - Huawei secretly helped North Korea build and maintain its 3G mobile network, potentially breaking US sanctions in the process, a new report has sensationally claimed. A former employee leaked sensitive internal documents to The Washington Post, allegedly revealing a number of projects related to building out 3G in the hermit state. The documents are said to refer to North Korea, and countries like Iran and Syria, by code.

Lee's Stories

  1. Phishing Scheme Targets Amex Cardholders Bougus account update Email used. Malicious URL split in two to avoid filters.
  2. Analysis of Elusive MegaCortex Ransomware Attacks Domain Cotroller, installs Cobalt Strike, leverages PsExec to deliver ransomware as winnit.exe.
  3. Kazakhstan Government Requires Root Certificate install The Kazakhstan government is requiring all citizens to install their root certificates on system as a protection mechanism, it also allows interception of HTTPS traffic as their certificate will be trusted.
  4. Apple Releases multiple updates watchOS 5.3, macOS 10.14.6, Safari 12.1.2, tvOS 12.4, iOS 12.4 (and 10.3.4, 9.3.6 for older devices), iCloud and iTunes also updated.
  5. Scientists Find Key to Sending Data Trhough Music: Van Halen Audio Stenography works best with rock music. Encode message (e.g. URL) so human ear cannot decode, but any device with app can.
  6. 7.5TB Breach Reveals Secret Russian IT Projects Twitter account @0v1ruS seems to be tied to @D1G1R3V (DigitalRevolution) who is motivated by information freedom in Russia.
  7. Equifax, Regulators Close to signing $700M Settlement $700M to settle data breach lawsuits. Options include 6 more years credit monitoring, reimbursement up to $20K, and extended monitoring for affected minors.
  8. Silk Road Drug Dealer caught when converting bitcoin to cash Poor operational security choices exposed the blockchain to DHS who traced the Bitcoin origins to Silk Road rather than claimed successful Bitcoin Mining.
  9. New Phishing for O365 users Fake login page, which tests credentials immediately using IMAP, plus real error page, which isn't often done. Mitigation: MFA plus disable legacy protocols such as IMAP/POP.
  10. VPN Flaw in Global Connect allows authentication bypass. CVE-2019-1579 allows login to Palo Alto VPN bypassing username/password. While here is a fix, older code still online. 22 servers operated by Uber were identified.

Jeff's Stories

  1. Facebook's 5 Billion FTC Fine is Just the Start of its Problems
  2. Two charged with terrorism over Bulgaria's biggest data breach
  3. Marriott Faces Massive $123 Million GDPR Fine For 2018 Security Breach
  4. Louisiana governor declares state emergency after local ransomware outbreak

Full Show Notes:

Visit for all the latest episodes!


Full Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor's Page





[caption id="attachment_210" align="alignleft" width="120"]Jeff Man Jeff Man - Sr. InfoSec Consultant[/caption] [caption id="attachment_210" align="alignleft" width="120"]Joff Thyer Joff Thyer - Security Analyst[/caption] [caption id="attachment_210" align="alignleft" width="120"]Larry Pesce Larry Pesce - Senior Managing Consultant and Director of Research[/caption] [caption id="attachment_210" align="alignleft" width="120"]Lee Neely Lee Neely - Senior Cyber Analyst[/caption] [caption id="attachment_210" align="alignleft" width="120"]Matt Alderman Matt Alderman - CEO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Paul Asadorian Paul Asadorian - CTO[/caption]


[caption id="attachment_210" align="alignleft" width="120"]Test Guest Test Guest - None - bioograpyh[/caption]


  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for our upcoming webcasts with (ISC)2 by going to If you have missed any of our previously recorded webcasts, you can find our on-demand library at
  • Security Weekly is returning to Vegas this August for BlackHat and DefCon! If you would like to request a briefing or sponsor an interview on-site at BlackHat, please go to and submit your request!
  • Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a 15% discount to sit for any of their Bootcamp Courses or Workshops! Visit to register now!

[audio src=""]

prestitial ad