Breaches and leaks
As I wrote last week, I'm starting to filter this section a bit more strictly, to prevent it from overwhelming the newsletter.
Please don't let that stop you from securing all your Elasticsearch databases, S3 buckets and MongoDB instances. Thank you.
- Swedish Healthcare Guide service: exposed recordings of 2.7 million phone calls on an open webserver since 2013. Slow, bitter clap.
- Indian LPG gas company: leaked personal data, including the Aadhaar biometric ID numbers, of 6.7 million people.
- 137 US restaurants had their point-of-sale systems (= the payment terminals) compromised with malware, which had access to credit cards used in January: link.
- Speaking of point-of-sale systems: Wendy's has to pay $50 million in settlements for a POS breach in 2015: link.
Lots of news on this one. It's very interesting research, and it's awesome that it's being done. But don't panic: this is only a threat when someone completely owns your machine. At which point they can get almost everything anyway.
So for the love of <insert divine presence>, don't let it stop you from using a password manager. Or 2FA, which is a great extra layer of defence for this.
Hacker News has a good thread, and 1Password does as well. (Disclaimer: 1Password is a sponsor of mine.)
If you have Drupal 8 and the REST module enabled, you definitely want to update.
That's right, WinRAR is still a thing. The flaw has existed for 19 years, and allows for a malicious archive to execute code on your machine. If you use WinRAR, make sure you patch.
A specially crafted HTTP/2 request can cause the CPU to spike to 100%. Microsoft has released patches. I haven't seen anything about it being used in the wild, but I imagine you'll want to patch it before that happens.
Clickbait-y title aside, it shows an interesting bit of research to find out how long it takes state actors (and other hacker collectives) to spread out laterally across the network once one machine is compromised. They call this metric the "breakout time".
It seems it's hard these days to not mention Russia several times. I can only hope that my EU government is defending itself properly against these attacks.
Very interesting. They train to handle IT attacks on critical infrastructure and combat Russian propaganda.
Open source and very cool.
Solid overview of NPM-related security tips.
Jakub sends a weekly newsletter with 5 links to C#-related news. Very nice and clean way to stay up to date in the C# world.