Threat Source newsletter (Jan. 26, 2019)

Event: Talos Insights: The State of Cyber Security at Cisco Live Barcelona
Location: Fira Barcelona, Barcelona, Spain
Date: Jan. 27 – 31
Speakers: Warren Mercer
Synopsis: Cisco Talos specializes in early-warning intelligence and threat analysis necessary for maintaining a secure network. We are responsible for defending networks realize that the security threat landscape is constantly in flux as attackers evolve their skills. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying the cutting-edge big data technology to security. In this talk, we will perform a deep analysis of recent threats and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.

• Apple once again denied the FBI’s request for the company to unlock an iPhone belonging to someone involved in a criminal investigation. The agency is attempting to access a device belonging to a man who shot and killed multiple people at a naval base last year. 
• This caused U.S. President Donald Trump to enter the fold. Trump tweeted that he was unhappy with Apple denying law enforcement access to devices “used by killers, drug dealers and other violent criminal elements.” 
• More than two weeks after a ransomware attack, foreign currency exchange service Travelex is finally resuming normal operations. The company recently said it was making “good progress” on recovery and was expecting customer-facing systems to return soon. 
• The Travelex attack prompted the U.S. government to release a new warning that users need to update their VPN services as soon as possible. Vulnerabilities disclosed last year in Pulse Secure VPN leave users open to cyber attacks similar to the ransomware infection on Travelex, according to the U.S. Cybersecurity and Infrastructure Security Agency. 
• The Democratic party in Iowa says it will still use a mobile app to report primary election results, despite warnings that it is a security risk. Election judges will use the apps to count polling results during the presidential primaries and report those results on their mobile devices, though officials say there will be paper backups to verify the results. 
• The estimated cost of a recent cyber attack on the city of New Orleans is above $7 million, $3 million of which the city says it will recoup from its cyber insurance policy. Officials say it will still take months to rebuild their internal network, and departments are still digging out from having to manually carry out many functions for weeks. 
• The U.S. election security czar warned that attempts to interfere in the U.S.’ upcoming presidential election will be more sophisticated than ever. Shelby Pierson said at a recent presentation America is tracking several hacking groups, including a recent effort uncovered to breach a Ukrainian company at the center of President Donald Trump’s impeachment trial. 
• A critical vulnerability in a popular WordPress plugin leaves more than 300,000 sites open to attack. An attacker could exploit a bug in InfiniteWP to log in as an administrator on any affected site.  
• Android devices infected with the Faketoken malware began sending offensive SMS messages last week. It sends these messages to foreign numbers, potentially costing the victim money based on their carrier’s policies. 
• The U.S. may invest more than $1 billion into researching alternatives for 5G to avoid working with Chinese tech companies Huawei and ZTE. Legislation submitted in the Senate urged America to counter the Chinese government’s investment in the telecom space.

Notable recent security issues