Posted by Taylor Armerding on October 23, 2018
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.
Voter records for sale on the dark web, what the ONWASA ransomware attack says about the state of critical infrastructure security, and the government does DMARC adoption right. Watch this week’s episode here:
via Anomali Labs: First, the bad news: Someone is selling voter records, as many as 35 million of them from 19 states, on a dark web forum. Information might include the usual personal info, party affiliation, voting history (participation, not actual votes), and so on. Oh, and the data seems to be coming through legitimate channels (or at least from legitimate sources). The seller has even promised to provide weekly updates to buyers. Unfortunately, there’s not much you can do to protect against this kind of insider threat. But now for the good news: This segment is not about software security! No one hacked a voting machine. No one breached a voter database. Win? Find out more about the potential consequences of voter records for sale here.
via Onslow Water and Sewer Authority: Should we pity the Onslow Water and Sewer Authority, which suffered a ransomware attack in the wake of Hurricane Florence a month ago? Of course, we sympathize with the customers. Having just survived a hurricane, they now face service delays for weeks to come. But the press release about the ONWASA ransomware attack raises questions. For example, the organization says it now must “undertake the painstaking process of rebuilding its databases…from the ground up.” So can we assume the attackers somehow reached their off-site backups and encrypted those too? They did have off-site backups, right? Backups that were not reachable from the production network and that had actually been restored from in a test? Learn more about how the attackers brought down ONWASA. Then create a disaster recovery plan.
via Fareed Bukhari, Agari: DMARC is an email authentication protocol built on SPF and DKIM. A domain owner publishes a policy in DNS that tells receiving mail servers what to do with messages that claim to come from the domain but fail authentication (monitor, quarantine, or reject them), and where to send reports about those messages. Since the human element is unpatchable and will always be susceptible to phishing, organizations should view DMARC adoption as a big step toward protecting their employees. The Department of Homeland Security agrees. Last year, it issued Binding Operational Directive 18-01, with a mandate for all federal domains to implement DMARC. At the time, only 18% had done so. But today, that number has soared to 85%. There’s still some work left to do, but it’s always nice to see the government outpacing private industry in security. (Unlike the ONWASA ransomware attack.) Watch this segment to learn more about DMARC adoption in the federal government.
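To make the DMARC mechanics concrete, here is an added example (written for this post; it is not code from Agari, DHS, or the original article) that parses a DMARC DNS record and computes the disposition a receiving server would apply. The record text, domain names, and authentication results are all constructed for illustration; no DNS lookups are made, and the organizational-domain logic is simplified to the last two labels rather than the Public Suffix List that real receivers use.

```python
"""DMARC record parsing and disposition, as a worked example.

Added illustration, not code from the original post. Sample record and
authentication results below are constructed; no DNS queries are performed.
"""

# Constructed example of what a receiver would find in the TXT record at
# _dmarc.example.gov. Tags follow RFC 7489: p= is the policy for the domain,
# sp= the policy for its subdomains, adkim=/aspf= the alignment modes.
SAMPLE_RECORD = ("v=DMARC1; p=reject; sp=quarantine; adkim=r; aspf=r; "
                 "rua=mailto:dmarc-reports@example.gov")

VALID_POLICIES = ("none", "quarantine", "reject")


def parse_dmarc(txt: str) -> dict:
    """Parse a DMARC TXT record into a tag dict, filling in RFC 7489 defaults."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record (missing v=DMARC1)")
    if tags.get("p") not in VALID_POLICIES:
        raise ValueError("missing or invalid p= tag")
    tags.setdefault("sp", tags["p"])   # subdomain policy defaults to p=
    tags.setdefault("adkim", "r")      # relaxed DKIM alignment by default
    tags.setdefault("aspf", "r")       # relaxed SPF alignment by default
    tags.setdefault("pct", "100")      # apply policy to all failing mail
    return tags


def org_domain(domain: str) -> str:
    """Simplified organizational domain: last two labels (assumption; real
    receivers consult the Public Suffix List)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(auth_domain: str, header_from: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r')
    only needs the same organizational domain."""
    a, h = auth_domain.lower(), header_from.lower()
    if mode == "s":
        return a == h
    return org_domain(a) == org_domain(h)


def dmarc_disposition(record: dict, record_domain: str, header_from: str,
                      spf_domain: str = None, spf_pass: bool = False,
                      dkim_domain: str = None, dkim_pass: bool = False):
    """Return ('pass', 'deliver') or ('fail', <policy action>).

    DMARC passes if SPF or DKIM passed AND the domain that passed is aligned
    with the RFC5322.From domain. Otherwise the published policy applies
    (sp= when the From domain is a subdomain of the record's domain).
    The pct= sampling knob is parsed but deliberately not applied here.
    """
    spf_ok = bool(spf_pass and spf_domain
                  and aligned(spf_domain, header_from, record["aspf"]))
    dkim_ok = bool(dkim_pass and dkim_domain
                   and aligned(dkim_domain, header_from, record["adkim"]))
    if spf_ok or dkim_ok:
        return ("pass", "deliver")
    is_subdomain = header_from.lower() != record_domain.lower()
    return ("fail", record["sp"] if is_subdomain else record["p"])


if __name__ == "__main__":
    rec = parse_dmarc(SAMPLE_RECORD)
    # Legitimate mail: SPF passes for mail.example.gov, relaxed-aligned with From.
    print(dmarc_disposition(rec, "example.gov", "example.gov",
                            spf_domain="mail.example.gov", spf_pass=True))
    # Spoof: attacker's own SPF and DKIM pass, but neither aligns with From.
    print(dmarc_disposition(rec, "example.gov", "example.gov",
                            spf_domain="attacker.example", spf_pass=True,
                            dkim_domain="attacker.example", dkim_pass=True))
    # Unauthenticated mail from a subdomain falls under sp=quarantine.
    print(dmarc_disposition(rec, "example.gov", "newsletter.example.gov"))
```

The second case is the one that matters for phishing: SPF and DKIM can both pass for a domain the attacker controls, and only DMARC's alignment check ties those results back to the domain the recipient actually sees in the From header. Note also that a record with `p=none` produces reports but never blocks anything, which is why the directive asks for `p=reject` rather than mere deployment.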