Ninth US telecom breach confirmed. 3 million email servers without TLS. 2024 wrap-up.  

News

Hi folks,

Nothing major this week, except for a continued set of breaches by Chinese state hackers. Nine US telecoms breached in total now, dozens of telecoms in other countries, and the US bureau for economic sanctions as well. The digital battles continue!

There's quite a few other interesting reads that I wanted to share too of course. Enjoy!

Dieter

White House links ninth telecom breach to Chinese hackers

Quite the hacking spree. The same group also breached the US sanctions department through a compromise of the BeyondTrust support platform: link.

bleepingcomputer.com

Over 3 million mail servers without encryption exposed to sniffing attacks

Research from the Shadow Foundation found that 3.3 million IMAP and POP3 servers don't have TLS enabled, exposing usernames and passwords in plaintext. That number definitely surprised me, 3.3 million servers is a lot. I can't imagine they are all actively used? But then they shouldn't be open to the web in the first place I guess.

bleepingcomputer.com

Massive healthcare breaches prompt US cybersecurity rules overhaul

"These stricter cybersecurity rules would require healthcare organizations to encrypt protected health information, implement multifactor authentication, and segment their networks to make it harder for attackers to move laterally through them.". It's a shame that such basic things need to be put into law, and also that they aren't put into law yet. The sooner the better.

bleepingcomputer.com

The biggest cybersecurity and cyberattack stories of 2024

Great wrap-up list for 2024. For me, the Crowdstrike outage definitely tops the chart.

bleepingcomputer.com

Why it's hard to trust software, but you mostly have to anyway

An interesting deep dive on supply chain security.

educatedguesswork.org

Passkey technology is elegant, but it’s most definitely not usable security

Great opinion piece on where we are with passkeys and what the pitfalls still are. Reading this really brings home the "security is hard" problem.

arstechnica.com

T-Pot - The all-in-one multi honeypot platform

This is one hell of an impressive looking honeypot platform. I haven't tried it out, but damn. I figured it was worth sharing :-)

github.com

Breaches and leaks

  • Customer data from 800,000 electric cars and owners exposed online: link.
  • Hackers steal ZAGG customers' credit cards in third-party breach: link.
  • Hackers leaked data from Rhode Island ransomware attack: link.

Issues and fixes

  • Hackers exploit DoS flaw to disable Palo Alto Networks firewalls: link.
  • Thousands of industrial routers vulnerable to command injection flaw: link.

1Password for developers: secrets, SSH keys, and more

I don't think most developers realise how valuable 1Password can be. It doesn't just hold passwords, it also hold your SSH keys, signs your Git commits, injects token and other secrets in CLI scripts when you want, and much more. (Sponsored)

1password.com

No spam, ever. We'll never share your email address and you can opt out at any time.