connected, hacked, leaked, so clowd
This week in 53 bullets :
1 - End the data economy, yes, but you are not ready ! To be private or to be convenient, here is the question.
2 - The cloud, through GitHub, decided what code is good or not for you : GitHub's new policies allow removal of PoC exploits used in attacks.
One can wonder if you really own your data !
3 - If it comes from the internet, it is most likely a scam - Watch out: These online casino emails never pay what they promise
4 - TikTok suddenly developed an appetite for your biometric data, don't worry, you posted everything on Facebook already :) TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data
5 - Crypto wallets are only as safe as where they are stored - Criminals Stealing More Than $280 Million Per Month From Crypto Transactions
6 - When an organization pays a ransom, it finances the attack on hundreds of others, don't pay ! Don't finance cyber terrorism ! New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
7 - Signal security number mystery analyzed : Signal app safety numbers do not always change — here's why
8 - "The concept of least privileges, network segmentation and overlapping security controls are some of the cybersecurity basics that can be employed to fight cyberattacks" - was me on the Cyber Talk Africa Podcast.
A great discussion, about the threat landscape, a bit of me, I'm always happy to share awareness and speak about best practices ! If only one listener managed to enhance their security posture following this, that's already a win !
8 - K8 or Kubernetes is under attack on the Windows platform, I was about to say "ah ah, what can you expect on such a horrible OS", but this week, actually today, a bad 7-year-old privilege escalation bug has been discovered in Linux polkit...bad bad bad : New Kubernetes malware backdoors clusters via Windows containers
9 - Old tricks still make it - Google Pay-Per-Click Ads in Search Lead to download Redline, Taurus, Tesla & Amadey Malware. That's a cheap way to distribute a payload / malware.
10 - Interesting move from a country in a conflict area where threats from threat actors are constant - The World’s Strongest HazMat Cyber Rules – Yosi Shavit | Episode #60
Feedback from the field !
11 - Another podcast came live this week, we spoke about Amazon Sidewalk, I'm against, they see some pros, and cons. Is Amazon Sidewalk a security and privacy risk that's not worth taking.
12 - Blockchain tracking has its benefits, as you know, blockchain is the ledger behind many cryptocurrencies, and its integrity can't be altered, it means each and every transaction can be tracked. Privacy only relies on the fact that we don't know the owner of a wallet ... unless we do :D US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware criminals
13 - The cloud is poisoned, downloading an app from app store is like playing Russian roulette - Bad Apple: App Store Rife with Fraud, Fleeceware
14 - You better have some advanced detection and response tools - Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign
15 - An incident response plan isn't optional ! US truck and military vehicle maker Navistar discloses data breach
16 - On the same "good old tricks do the job" topic : Chinese APT Group Leverage Microsoft Office Vulnerabilities To Attack Government Agencies
17 - Ring is an extremely invasive device, and destroys the privacy of your neighbours while they have the right to privacy, I think this is way too much, 1st Amazon drops parcels in front of your door, they are stolen, and then they sell you a 24/7 spying device that helps you a couple of times a week, and gives them 24/7 spying on you and anything around, this is not ok : Ring Changed How Police Request Door Camera Footage: What it Means and Doesn’t Mean
18 - The cloud steals the data you put in it, to build its own products, this is theft, but not in the cloud, because the cloud doesn't care about the laws, and you signed for it anyway : AWS Customers are Opting in to Sharing AI Data Sets with Amazon Outside their Chosen Regions and Many Didn’t Know - Guess why !
19 - This week a lot of the cloud went down when 1 single CDN went down, so much for resilience and availability : StackOverflow, Twitch, Reddit, others down in Fastly CDN outage, nothing you can do, just be aware and plan accordingly
20 - For organizations having reached a defined maturity target in their cyber security and information security journey, the next step is actually to move to the quantitatively managed stage - 5 Must-Have Features of Your Security Validation Tools
Enjoy the reading, kind of a checklist to keep in mind when you look at your cyber security maturity level.
20 - Your Android device should have had a patch this week : Google Patches Critical Android RCE Bug
21 - Have you patched all your Intel devices (CPUs, motherboards, cards..) ? Intel fixes 73 vulnerabilities in June 2021 Platform Update
22 - Law enforcement managed an amazing coordinated take down, through an encrypted app designed by them, and made available as an encrypted platform for criminals, smart : ‘An0m’ Encrypted-Chat Sting Leads to Arrest of 800
23 - 1.5TB of data stolen from ADATA manufacturer, via ransomware attack : Computer memory maker ADATA hit by Ragnar Locker ransomware
24 - The latest trend in ransomware is efficiency, especially encrypting target content faster, to achieve this, they just encrypt the beginning of the files : A New Ransomware Dubbed BlackCocaine Uses AES & RSA Encryption Methods
25 - Wireless is weak, even when you travel, even in airport - Lax Wi-Fi Security Leaves WeWork Tenants’ Records Exposed
26 - The rich are rich because they know how to escape the systems, this IRS leak has shown that the richest don't pay taxes, and even get child support, how disgusting is that last point ? IRS investigating leak revealing Elon Musk and other billionaires paid little in federal taxes - It's fine to make a lot of money, it's not fine to abuse the system.
27 - It's time to stop the cloud abuses : Amazon uses its data on consumer behavior to figure out which products are worth copying and then undercuts the manufacturers of products it sells, like shoes or camera bags
28 - No one is too big or too small to be a target : Spain's Ministry of Labor and Social Economy hit by cyberattack
29 - Credentials in repositories are a usual source of leaks and hacks, so GitHub now tries to spot and report them : GitHub now scans for accidentally-exposed PyPI, RubyGems secrets .... but how are we going to hack now ?!
30 - The more you are connected, as an organization as well, the more your attack surface grows : Organizations leveraging Microsoft Teams exposed to potential risk, keeping in mind that communications in Teams are not yet even encrypted. This is very very bad, ZERO confidentiality
31 - Security by design is still far away : Most mobile finance apps vulnerable to data breaches
32 - Security Guidelines for storage infrastructure, brought by Continuity software, who contributed to this NIST publication - TARGET AUDIENCE : CSO, CTO, CSP and system and storage administrators
33 - You are hacked, you don't know it yet : Mysterious Custom Malware Collects Billions of Stolen Data Points
34 - Known as the ALPACA attack. Wildcard certificates were a bad idea, they allow attackers to take visitors to any other site without warning, and target them with malware : New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
35 - Misconfiguration, one of the main sources of leaks : Five Common Storage Security Misconfigurations
36 - Bloatware is a big threat on smartphones, and any device : Hackers can exploit bugs in Samsung pre-installed apps to spy on users - I run a GrapheneOS system on my phone, some sort of Android fork, with better security, so far, happy with it (but it could be a law enforcement based system.... now that I think about it... anyway due to some clearance they know it all already :D )
37 - Any connected platform is part of the attack surface : Steam Gaming Platform Delivering Malware
38 - Prometheus, the new Revil malware : Emerging Ransomware Targets Dozens of Businesses Worldwide, innovating faster than the legit economy, transnational criminal organizations are very agile.
39 - A dash of cyber, our somehow monthly podcast (LinkedIn Live) where we cover cybersecurity best practices, what we see in the field, how to avoid issues and protect your organization, last edition was yesterday - A dash of cyber, and not a dish of caber (With Ron, Brad, Rod and myself as "residents", and Dennis as guest this time)
40 - Law enforcement taking down bad actors in a row lately, good work : Slilpp, the largest stolen logins market, seized by law enforcement
41 - The internet of threats (IoT) strikes back - STEM Audio Table Rife with Business-Threatening Bugs
42 - Through the clowd, employee accounts got stolen, and 1TB of source code got stolen : Hackers breach gaming giant Electronic Arts, steal game source code
43 - AWS datacenter went down, source is not yet known but some ICS fire control system went off and employees had to evacuate : AWS Frankfurt experiences major incident that staff couldn’t fix for hours due to ‘environmental conditions’ on data centre floor - hopefully you had more than one availability zone !
44 - Ron Somewhere non stop ! Foodservice supplier Edward Don hit by a ransomware attack
45 - Stolen data always end up online, prevention or nothing : CD Projekt: Data stolen in ransomware attack now circulating online
46 - You all should be aware, what is really happening on these platforms. Your kids might be porn stars, or forced to do so, this is a new level of threat, this is happening IN YOUR HOME, IN YOUR KIDS BEDROOMS
47 - Google released a privacy invasive technology, no surprise, Google does not even hide they're evil anyway : Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy (as they removed "do no evil" from the company motto years ago)
48 - 7-year-old very bad privilege escalation bug in Linux ! polkit patch time ! Linux system service bug lets you get root on most modern distros
49 - Cyber cold war : New Cyber Espionage Group Targeting Ministries of Foreign Affairs
50 - Behind the AI and fancy stuff, good reading : Beyond the Buzzwords: Superficial Intelligence
51 - Is your encryption Quantum proof ? Quantum computing is imminent, and enterprises need crypto agility now
52 - Fast FUD, sorry, fast food : McDonald's discloses data breach after theft of customer, employee info
53 - Lateral moves, impacting IT and OT, are definitely a growing trend, actually, threat and transnational criminal organizations, and state sponsored actors, are getting ever more active and successful in their attacks. Colonial & JBS – OT Ransomware Trend Continues
And that's about it, far from the magical side of IT and technology, we went a bit down the rabbit hole, so we need to finish on a cute note, have a good weekend all, or week, depending on when you read this, if you read this, the attention economy doesn't leave much time to read anything lately. Click on what you like ! :D
Do you see a threat ?
A threat ? what threat ? hey Bob, a threat ? No thank you, I'd rather keep an eye on this threat, or maybe it's a treat !
Semi Retired
3y - Great article, please add: NEVER use a Collection Based End of Life IT disposal company, NEVER allow your traditional hard drives or Solid State Drives to be Physically Shredded to delete the data, it is not NCSC InfoSECi5A Government approved, ALWAYS use a 100% On-Site electronic data destruction & ethical IT asset disposal company. Please remember only two Government approved methods to destroy electronic data, a) Approved Software erasure products and if this route fails due to hard drive faults, then b) Pulse Degaussing machines - no other methods are approved. Any questions please call me on 07823 320960 - Cheers Ray Collyer Greenworld Technologies Limited
Cybersecurity, IT Service Management and Project Management Professional ~ MBA, MS
3y - Thanks for the awesome efforts Alexandre 😊 Much appreciated 🙏 Timely cybersec info-capsules for the week! Love the curation & insights!
Cybersecurity | Pentester | Coder
3y - Very good post!
NMF Founder and CEO, University Teaching, Int'l Development, SDGs; Focusing: Climate Action, Gender Equality, Environment, Good Health, Quality Education, and Well-being for PWD & MH; ex UN (FAO and WFP), and ex CARE USA
3y - Alexandre BLANC Cyber Security, all the best from Naifa Maruf Foundation
The Data Diva | Data Privacy & Emerging Technologies Advisor | Technologist | Keynote Speaker | Helping Companies Make Data Privacy and Business Advantage | Advisor | Futurist | #1 Data Privacy Podcast Host | Polymath
3y - Alexandre BLANC Cyber Security keep up the excellent work of raising awareness and helping to move us to get more mature and savvy. I have no idea how you put out so much great content!!