News
Hi friends!
Last week felt somewhat calm on the infosec front, apart from the usual range of massive breaches and chaos of course. It's all relative.
One exciting thing I wanted to share: I'm moving away from full-time employment to taking my first steps into "being my own boss". I'm going to focus on helping multiple clients with their security, both on an advisory level (think vCISO) and from a security engineering perspective. If you have any advice for me going on this path, like good or bad experiences you previously had as a customer or service provider, I'd appreciate a ping. And if you want to work with me, make it a shout :-)
Cheers!
Breaches and leaks
- Computing giant MSI was breached and infected with ransomware: link.
- SD Worx, an HR and payroll giant, had to shut down all IT systems for its UK and Ireland services because of an attack: link.
- The owner of KFC, Pizza Hut, and Taco Bell disclosed a ransomware attack that happened in January: link.
- Kodi had its forums breached with user data and private messages stolen and offered for sale: link.
- Hyundai had a data breach impacting Italian and French customers and potential customers who took a test drive: link.
- German shipbuilder Lürssen suffered a ransomware attack: link.
No one matches vulnerabilities to your software better and easier
No one enjoys filtering through feeds or complicated dashboards, looking for vulnerabilities. With SecAlerts, choose your software from 112,000+ on our site, as well as the frequency and severity of the alerts you wish to receive - even get news matched to your software - and it's all sent in one easy-to-understand email. Vulnerability alerts just got easier. (Sponsored)
Apple fixes two zero-days exploited to hack iPhones and Macs
The fixes were also backported again, way to go Apple. Both issues are actively being exploited, so worth updating ASAP.
Microsoft patches 97 vulnerabilities, including actively exploited zero-day
More patches, glorious patches.
Ambitious project by Microsoft and Fortra to stop Cobalt Strike abuse
Cobalt Strike is a post-exploitation tool which helps with command and control, lateral movement, and a whole range of other things. In theory it is a legitimate, white-hat piece of software used by red teams, but cracked versions are often used by attackers. Microsoft is teaming up with Fortra, the owners of Cobalt Strike, to take down as many cracked copies as they can.
All Dutch government networks to use RPKI to prevent BGP hijacking
The Dutch government will adopt the RPKI (Resource Public Key Infrastructure) standard on all its systems before the end of 2024. BGP hijacking has been a big problem before, so it's good to see this being tackled.
Nexx "fixes" remote garage lock flaw by disabling the remote part
That'll do it, sure. They consider this a "proactive" approach after ignoring the responsible disclosure for two months.
FBI and FCC warn against using public chargers
Maybe not new to most of you, but if you can avoid it then don't use public charging hubs. Once you plug in your USB cable it could be used to install malware on your phone. What was new to me was that this has a name, called "Juice Jacking". And that if you have to use the outlet you can block data transfer by using so-called "data condoms". Oh my.
Printers pose persistent yet overlooked threat
Your regular reminder that printers are evil doomsday devices and should be treated as such. Also, they can be a security risk.
Hijacking cars through the headlights
Interesting read on the hijacking of some cars by breaking into the electronic control unit (ECU) of one of the headlights, of all places, and using it to move further onto the CAN bus.
Unlock any CLI with 1Password shell plugins
1Password is now available to use as a shell plugin, so you no longer need to copy-paste access keys from the browser into your CLI, only to have them then be stored insecurely. There are already plugins for AWS, GitHub, GitLab, Okta, Stripe, CircleCI, and many more. (Sponsored)