Risk Radar Free Cyber Newsletter – Jun 20, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

No recourse, perhaps, for 200M affected in breach of RNC database, attorney says
200 million registered voters had their information available on an improperly secured cloud server. The RNC was using Deep Root Analytics (DRA) to collect and analysis the data. This is another example of third party contractors causing security issues for the main business. Since most of the information in the data base is publicly available there may be no recourse for effected people.
Say Goodbye to SMBv1 in Windows Fall Creators Update
The September update in the Windows Fall Creators update will be removing SMBv1. Removing SMBv1 has been planned for years, well before WannaCry became an issue. This SMBv1 removal is only for Windows 10. There are mitigations for older Windows OS versions, but Microsoft is strongly encouraging people to move up to Windows 10.
Mirai botnet army could have been larger, more destructive: report
Security researchers have found additional vulnerabilities in the IoT devices used in the Mirai botnet. If the developers had found and used these additional vulnerabilities the Mirai botnet could have been much worse. Additional interesting details are covered in the article.
Someone Failed to Contain WannaCry
Researchers have found coding and implementation mistakes in WannaCry. These mistakes also indicate that WannaCry got out before the developers wanted it to. The type of mistakes made seem to indicate that WannaCry was still being worked on and escaped before it was ready. I am glad the WannaCry developers made the mistakes they did.
Post-WannaCry, 5.5 Million Devices Still Expose SMB Port
One would hope the amount of exposed SMB port 445 on the internet would be much less after WannaCry. The amount of exposed port 445 has gone up after WannaCry. There is still much work to do, hopefully these known problems are addressed going forward.
IoT Malware Activity Already More Than Doubled 2016 Numbers
IoT devices are being targeted by malware at a high rate in 2017.  Malware for IoT devices have already increased two fold over 2016, and we still have half of 2017 to go. It looks like 2017 is going to be the year that IoT devices became a big security problem.