This week in the Security News: Military intelligence, Chrome updates, an exploit for the firewall, racing the kernel, creepy spyware goes away?, weaponizing security complexity, same old tricks, the largest crypto hack, suing journalists, targeting your battery backup, the teenager behind Lapsus$, spring exploits just in time for spring, and hacking your Honda Civic, & more!
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Executive Director at RM-ISAO
Product Security Research and Analysis Director at Finite State
An Estonian man was sentenced today to more than five years in a U.S. prison for his role in at least 13 ransomware attacks that caused losses of approximately $53 million. He is also ordered to pay $36 million in restitution.
Researchers have found a vulnerability that can be exploited through a replay attack to unlock and remotely start certain Honda and Acura vehicles made between 2016 and 2020. The attack captures radio frequency signals sent to the car from a key fob and replays them at a later time. The researchers recommend that the car manufacturers use “rolling” or “hopping” codes.
Microsoft is adding a Vulnerable Driver Blocklist to Windows Defender on Windows 10, Windows 11, and Windows Server 2016 or newer. The blocklist will comprise information from Microsoft and from OEM partners.
The FBI has issued a TLP: White Private Industry Notification warning that Triton malware, also known as Trisis, is still a threat to critical infrastructure industrial control systems (ICS) around the world. The bulletin describes the threat, including the 2017 Triton attacks targeting a petrochemical company in the Middle East.
The Ukrainian Security Service (SSU) has revealed it has shuttered more than 100,000 bogus social media accounts that were part of a bot farm operated out of Kharkiv, Cherkasy, Ternopil, and Zakarpattia that was spreading fake news over social media designed to instill fear and discourage Ukrainian citizens from defending their country.
Ukrainian national telecommunications operator Ukrtelecom says it is now trying to restore Internet service in Ukraine after being hit by a "major cyber-attack" that resulted in connectivity dropping to just 13 percent of pre-war levels throughout the country.
Service is being restored on a priority basis.
What would you do if your ISP was offline? Do you know where you fit on their service restoration plan?
Google on 3/25 shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited. Updates are also available for chromium browsers such as Brave and Edge.
Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has released a hotfix that can be automatically installed.
There are no mitigations for this flaw. Make sure you're on a supported firmware revision.
The Federal Air Transport Agency Rosaviatsiya is responsible for overseeing the civil aviation industry in Russia. Its website favt.ru went offline on Monday and has been unreachable since.
"Due to the temporary lack of access to the Internet and a malfunction in the electronic document management system of the Federal Air Transport Agency, the Federal Air Transport Agency is switching to a paper version," reads the Rosaviatsiya statement signed by the agency's head Alexander Neradko.
The general public has varied opinions of biometric authentication, and an increasingly reluctant relationship with it, as more and more facial recognition is forced upon us (especially those of us that travel frequently). Facial recognition doesn't work for everyone, so what other options do we have?
In this interview, we'll explore accessibility...
On this segment, we talk a lot about AI, new technologies, and the future from a personal and consumer standpoint. Not a lot of enterprise-relevant stuff in the news today, but consumer products and AI will have a HUGE long-term impact, so that's how we're justifying today's topical focus ;)