- 1. Scanning for Secrets in Source Code
- 2. John McAfee Indicted for ICO Manipulation, Securities Fraud – Security Boulevard
- 3. BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks
Bleh, these articles simply don't help. I get the goal may be to present security in a simplistic way so that the majority of people can understand. However, watering it down too much results in useless advice, like this: "Secure home router. It’s essential to take simple steps to protect your home internet and change your router’s password to stop your network from being vulnerable." I'd argue these problems fall on us as security professionals to make security something that we worry about and improve, rather than the end-users.
- 4. Compliance – The Invisible Hand Guiding Cybersecurity
Uhm, little or no human intervention? Really? Please explain... "A secure configuration management tool combines network monitoring and Endpoint Protection methodology to compare monitored systems against an approved configuration baseline or a golden image. Deviation from this baseline, known as test failures, can usually be corrected with little or no human intervention."
- 5. F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs
- 6. Researcher finds 5 privilege escalation vulnerabilities in Linux kernel
- 7. Microsoft Windows Containers Privilege Escalation – Exploitalert
- 8. What we know about the attack targeting Microsoft Exchange Servers
- 9. Linux Systems Under Attack By New RedXOR Malware
OMG, it's so hidden! "After execution, RedXOR creates a hidden folder (called “.po1kitd.thumb”) inside a home folder, which is then utilized to store files related to the malware. Then, it creates a hidden file (“.po1kitd-2a4D53”) inside this folder. The malware then installs a binary to the hidden folder (called “.po1kitd-update-k”), and sets up persistence via “init” scripts."
- 10. Idaho Man Charged With Hacking Into Computers in Georgia
"Hacking" is not the term I would use here: "Between June 2017 and April 2018, Purbeck is accused of buying the usernames and passwords to computer servers belonging to multiple Georgia victims and then using that information to access their computer to steal personal information." Also, one of his handles was "studmaster", so, there's that.
- 11. “Puss in Boots” and social engineering
An outstanding example of social engineering: "The cat asks his master to bathe naked in the river and hides his clothes afterwards. Then, he stops the royal carriage under the pretence that his master has been robbed and requests the king’s assistance. This event exemplifies an important stage in every scam, the “hurrah”. It is an artificially induced crisis to force the victim to take a rush decision." Also, an extremely well-written article, a refreshing change of pace :)
- 12. New Side-Channel Attack Targets Intel CPU Ring Interconnect
- 13. 5 free network-vulnerability scanners
Free is more like a trial and not full-featured software. They all do it differently: Tenable allows you to scan 16 IP addresses, and Rapid7 has a community edition that is good for one year. I could not find a chart listing the differences between these versions. Are they limited in comparison to the commercial version?
- 14. Hack of ‘150,000 cameras’ investigated by camera firm
- 15. Linux Foundation launches software signing service
LOL: "The “sigstore aims to make all releases of open source software verifiable, and easy for users to actually verify. I’m hoping we can make this easy as exiting vim,” said Dan Lorenc of Google’s Open Source Security Team, joking about the tough-to-quit text editor." Also, how do we prevent a developer who maintains a large and popular open-source project from introducing a backdoor after Russians drop a bag filled with $20 million in cash? More eyes on it? Maybe, but the codebase is so large and complex I'd bet it would go undiscovered for a really long time, long enough to buy your own island...
- 16. Technical Advisory: Dell SupportAssist Local Privilege Escalation (CVE-2021-21518)
- 17. Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
"SoC Ring interconnect is an on-die bus arranged in a ring topology which enables intra-process communication between different components (aka agents) such as the cores, the last level cache (LLC), the graphics unit, and the system agent that are housed inside the CPU. Each ring agent communicates with the ring through what's called a ring stop. To test their hypothesis, the researchers reverse-engineered the ring interconnect's protocols to uncover the conditions for two or more processes to cause a ring contention, in turn using them to build a covert channel with a capacity of 4.18 Mbps, which the researchers say is the largest to date for cross-core channels not relying on shared memory, unlike Flush+Flush or Flush+Reload."
- 18. Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
- 19. Google Chrome to block port 554 to stop NAT Slipstreaming attacks
How would this impact enterprises? "Chrome briefly blocked port 554 before, but it was unblocked due to complaints from enterprise users. However, we have now achieved rough consensus at https://github.com/whatwg/fetch/pull/1148 to block 554"
- 20. Israeli spyware firm NSO Group faces renewed US scrutiny
How do we feel about companies such as this? "The Israeli company, which makes hacking software that it sells to foreign governments and law enforcement authorities for the stated purpose of tracking terrorists and criminals, has faced a number of allegations that its clients have used its software to target journalists, government officials and human rights campaigners."
- 21. How I Might Have Hacked Any Microsoft Account
"Putting all together, an attacker has to send all the possibilities of 6 and 7 digit security codes that would be around 11 million request attempts and it has to be sent concurrently to change the password of any Microsoft account (including those with 2FA enabled). It is not at all an easy process to send such a large number of concurrent requests, that would require a lot of computing resources as well as 1000s of IP addresses to complete the attack successfully."
- 22. Passing a compliance audit in the cloud doesn’t have to be hard
Hrm, maybe? "Once the automation is in place in the cloud, passing audits will be a matter of routine rather than a source of anxiety."
- 23. Hackers access 150,000+ security cameras in massive Verkada hack
"It is being reported that more than 100 Verkada Inc. employees had access to thousands of cameras used by its customers whilst they were unaware that the company could peer through their cameras. This list of these customers/clients includes police departments, schools, top firms, and hospitals, etc."