- 1. Would Banning Russia From Getting Software Updates Make It Easier to Hack?
"The ban on software updates, specifically, captured the attention of cybersecurity experts. One of the most basic pieces of advice for consumers and companies is to make sure all software is updated to the latest version, because known vulnerabilities are patched out. If Russia was prevented from updating software, this would, in theory, make unpatched systems easier to hack. Dmitri Alperovitch, a cybersecurity veteran and the chairman of the Silverado Policy Accelerator, told Motherboard in an online chat that such a ban is “just going to drive them even more towards open source [software].”"
- 2. Crowd-sourced attacks present new risk of crisis escalation
"From our perspective, this sudden appearance of many different highly motivated actors of wildly differing levels of capability presents a special hazard given the current political environment. Even low-capability actors have a possibility of getting lucky, and if they get lucky in the wrong place, real-world consequences could come into play. These groups may be mistaken for state-sponsored organizations, without understanding what kind of reactions they might trigger. This is our greatest concern, that the response to a misattributed attack will lead to an escalation in the conflict."
- 3. Protecting Field Programmable Gate Arrays From Attacks
"Features like side-channel attack protection, anti-tampering, and anti-cloning help FPGAs provide hardware-enforced isolation, identity management, and accelerated authentication."
- 4. Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks
- 5. Reality Winner’s Twitter account was hacked to target journalists
"Reality Leigh Winner is an American former intelligence specialist who, in 2018, was sentenced to five years and three months in prison for unauthorized release of classified information to the media."
- 6. Linus Torvalds prepares to move the Linux kernel to modern C
"So why bother? The change being made doesn't include useful features that appear in newer versions. The situation came to Torvalds's attention when, in order to patch a potential security problem with the kernel's linked-list primitive speculative-execution functions, another problem was revealed in the patch. While fixing this, Torvalds realized that in C99 the iterator passed to the list-traversal macros must be declared in a scope outside of the loop itself."
- 7. Nvidia Hit by Possible Cyber Attack – ExtremeTech
"Given the timing of the attack, it certainly raises questions about if it’s at all tied to the recent Russian aggression in Ukraine as the cyber attack began at roughly the exact same time as the Russian incursion into Ukraine. Shortly thereafter, the US announced major sanctions against Russia in retaliation for its actions, so it’s possible that hackers friendly with Russian interests could be counter-attacking, and a huge and important company like Nvidia would certainly be a juicy target. However, several days ago the Secretary of the Department of Homeland Security, Alejandro Mayorkas, said the US doesn’t know of any specific and credible threats targeting US companies at this time, but that companies should be prepared just in case." - Every breach is not Russia, or is it?
- 8. DarkTracer : DarkWeb Criminal Intelligence on Twitter
- 9. vx-underground on Twitter
- 10. Conti ransomware gang chats leaked by pro-Ukraine member
Interesting how this is split: "A member of the Conti ransomware group, believed to be Ukrainian of origin, has leaked the gang’s internal chats after the group’s leaders posted an aggressive pro-Russian message on their official site, on Friday, in the aftermath of Russia’s invasion of Ukraine. The message appears to have rubbed Conti’s Ukrainian members the wrong way, and one of them has hacked the gang’s internal Jabber/XMPP server. Internal logs were leaked earlier today via an email sent to multiple journalists and security researchers."
- 11. Namecheap is banning Russians, asks them to switch registrars
Good idea? "Namecheap also asked Russian users to move their top-level domains to other providers until March 6 and offered to help those who reach out for assistance with the move."
- 12. Alan Framework
- 13. Triaging A Malicious Docker Container – Sysdig
"If your endpoint must be exposed, Docker recommends configuring a docker context in order to only expose the Docker socket to users who are able to log into the Docker host via SSH. An alternative, and also complementary solution to creating a docker context, is a zero-trust infrastructure architecture, where only known or signed containers are allowed to run. In addition, proper zero-trust implementations necessitate that communication between containers is only possible when containers are able to authenticate among themselves via pre-shared certificate."