AWS re:INVENT 2017 recap

• Everything is everything
• After winter, must come spring
• EKS kubernetes
• aws farnet
• aws lambda
• aws Aurora
• aws IoT
• aws Sumerian
• aws cloud9
• stop and resume on spot
• save up to 90% on spot fleet

TrendLabs: Digital Extortion: A Forward-looking View

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/digital-extortion-forward-looking-view/

Plex: Virtual Reality on Daydream

You can now experience your movies and shows in dazzling virtual reality with Plex on Google Daydream. From an upscale condo to an enchanting drive-in, you’ve never experienced your media like this before AND you can share the love! Interact with different scenes and chat with friends while you Watch Together (available with Plex Passbut free for the first week!). Click for more details about virtual reality, device requirements, and co-watching.

EXPERIENCE VR

TrendLabs: Malvertising Campaign Abuses Google’s DoubleClick

Figure 1. Activity of the malvertising campaign from January 18-24

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaign-abuses-googles-doubleclick-to-deliver-cryptocurrency-miners/

ResourceSpace: DAM vs. Dropbox

TrendLabs: Lazarus Campaign Targeting Cryptocurrencies

Figure 2: Malicious CHM file used as RATANKBA lure

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/lazarus-campaign-targeting-cryptocurrencies-reveals-remote-controller-tool-evolved-ratankba/

Plex: New year, new Xbox One

The newest update to Plex for Xbox One brings so many improvements under the hood, you'd think it was a completely new app! We've brought the heat with new audio, video, and photo players. What else? How about direct streaming HEVC for Xbox One S and One X! Enjoy an even smoother, more beautiful experience using Plex and update right from your Xbox.

GET THE DETAILS

Puppet highlights in 2017

New year, exciting new products, resources and more! 2017 was an incredible year! Let’s take a look back at some highlights from Puppet’s best year yet. View infographic

TrendLabs: Motivations and Methods of Web Defacement

Cybercrime takes on many forms, but one of the long-standing tactics attackers use is web defacement—the act of compromising and vandalizing a website. Typically, these attackers—known as web defacers—replace the original page with their own content, boldly stating a political or social message. This is not a new phenomenon, but it is an enduring one. We’ve analyzed data that goes back almost two decades, and we’ve seen how the process of web defacement is still being used nowadays.

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/hacktivism-web-defacement/

NewTek: Capture Without a Card: Using NDI® with OBS

Capture Without a Card: Using NDI® with OBS

TrendLabs: Server Exploits Used For Cryptocurrency Mining

Figure 3. Number of hits in November – December

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/struts-dotnetnuke-server-exploits-used-cryptocurrency-mining/

ResourceSpace: how AI will change the future of DAM

FSF: Intel Management Engine – Take Action

If there is an event at your university or in your community addressing the Intel chip bugs, we urge you to distribute printed copies of our report on the Intel ME by Denis GNUtoo Carikli, with the following foreword by Free Software Foundation president Richard Stallman:

Meltdown and Spectre are errors. Grave errors, to be sure, but not evidently malicious. Everyone makes mistakes.

Intel has done far worse with its CPUs than make a mistake. It has built in an intentional back door called the Management Engine.

Important as these bugs are, don't let Intel's mistakes distract you from Intel's deliberate attack!

Download a printable PDF of the article here.

TrendLabs: GhostTeam Adware can Steal Facebook Credentials

Figure 1: Top countries most affected by GhostTeam
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/ghostteam-adware-can-steal-facebook-credentials/

ADMIN: First Malware for macOS in 2018

“OSX/MaMi isn't particular advanced - but does alter infected systems in rather nasty and persistent ways. By installing a new root certificate and hijacking the DNS servers, the attackers can perform a variety of nefarious actions such as man-in-the-middle'ing traffic (perhaps to steal credentials, or inject ads),” wrote Wardle.
REF: http://www.admin-magazine.com/News/First-Malware-for-macOS-in-2018

TrendLabs: UK Conviction Arises out of Trend Micro and NCA Partnership

Figure 1. Advertisement for Cryptex listing many of its features

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/uk-conviction-arises-out-of-trend-micro-and-nca-partnership/

DNS resolution change for Google Compute Engine

In the coming months, all VMs in newly created Compute Engine projects will use zonal DNS names by default. These VMs' DNS configuration will differ from current VMs in the following ways:

• The "search" entry in resolv.conf ("c.[PROJECT_ID].internal") will be changed to "[ZONE].c.[PROJECT_ID].internal"
• The VM domain name ("c.[project-id].internal") will be changed to "[zone].c.[project-id].internal"
• The VM fully-qualified domain name ("[vm-name].c.[project-id].internal") will change to "[vm-name].[zone].c.[project-id].internal"

International Shopping in Amazon App

REF: https://www.amazon.com/gp/b/ref=pe_3518040_264868100_pe_btn/?node=17052338011

TrendLabs: Patch Tuesday Fixes Meltdown and Spectre

This year’s first Patch Tuesday is a busy one. Microsoft released 56 updates that include patches for the Meltdown and Spectre vulnerabilities. The patches also addressed security issues in Windows OS, Internet Explorer, Edge, Office, ChakraCore, ASP.NET, and .NET Framework. Sixteen were rated critical and 38 important, 20 of which can result in remote code execution (RCE).
REF:  http://blog.trendmicro.com/trendlabs-security-intelligence/januarys-patch-tuesday-fixes-56-security-issues-including-meltdown-spectre/

TriCaster Mini: Ultra portable, infinitely flexible.

ResourceSpace: new Google VR view

The Best Advice For Remote Work Success From 10 Global Teams

REF: https://blog.trello.com/remote-work-team-success-guide

TrendLabs: Malicious App Signs Users Up for Premium SMS Services

Figure 1. Swift Cleaner, the malicious app posing as an Android cleaning app

REF: http://blog.trendmicro.com/trendlabs-security-intelligence/first-kotlin-developed-malicious-app-signs-users-premium-sms-services/

Multitasking: How To Do It The Right Way

Multitasking: is it actually a good thing? Scientific research suggests there are ways to manage multiple tasks effectively. 

REF: https://blog.trello.com/why-multitasking-is-good-for-you

TrendLabs: Understanding Meltdown and Spectre

Solutions and best practices

Users have no way to mitigate this threat; the responsibility of doing so ultimately falls on vendors who have released multiple patches to mitigate Meltdown. Microsoft has released documents that cover both server and client versions of Windows:

• Windows Server guidance to protect against speculative execution side-channel vulnerabilities
• Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

Note that in order to receive automatic updates from Microsoft, a registry key must be in place on the affected system. Details can be found in this article.

Apple’s December updates for macOS (released last December 2017) already resolved this vulnerability as well. As noted earlier, patches for Meltdown have been merged into the Linux kernel. It is up to individual vendors to release this update for their distribution; some vendors such as Debian, Red Hat, and SUSE have released bulletins and patches as appropriate.

REF: http://blog.trendmicro.com/trendlabs-security-intelligence/speculation-risky-understanding-meltdown-spectre/

Graylog v2.4.0 of 2018

QuickValue Widget Improvements:  Stack data with another field, such as a source address to get a new result set with all destination addresses of this field. This is a top method for threat hunting! Sort the result set based on the field value or count, which is useful if you want to find the most common or uncommon values. Build a chart of a result set over time to detect important changes or past outliers.  We have also moved four plugins from Graylog Labs into Core: AWS, Threat Intelligence, NetFlow, and CEF. Download Now

TrendLabs: Apps Disguised as Security Tools

Figure 1. Malicious apps found on Google Play, detected by Trend Micro Mobile Security

We notified Google of these apps, and at the time of writing all the apps have been removed from Google Play.

REF: http://blog.trendmicro.com/trendlabs-security-intelligence/apps-disguised-security-tools-bombard-users-ads-track-users-location/

Diving Into Deep Work Theory

REF: https://blog.trello.com/deep-work-productivity-interview-with-cal-newport

“Many think that focusing without distraction is a habit, like flossing their teeth—something they know how to do but simply need to make time to do more often. The reality, however, is that deep work is a skill, like playing the guitar—something that you shouldn’t expect to be good at if you haven’t been practicing.”

NewTek LivePanel for controlling

REF: https://www.newtek.com/store/

Plexivus for the rest of us!

REF: https://www.plex.tv/blog/catch-restart-android/

TrendLabs: New GnatSpy Mobile Malware Family Discovered

Figures 1 and 2. Old and new receivers and services

REF: http://blog.trendmicro.com/trendlabs-security-intelligence/new-gnatspy-mobile-malware-family-discovered/

Does Remote Work Increase Our Risk Of Impostor Syndrome?

The impostor phenomenon, also known as impostor syndrome, has been generating buzz in psychology and business circles since the 1970s. Common symptoms of impostor syndrome include feeling under-qualified for (or unworthy of) your job, even though success after success proves your abilities. Although you and everyone in your network considers you high-performing, you live with a persistent fear of being exposed as a fraud.

REF: https://blog.trello.com/does-remote-work-increase-impostor-syndrome-risk