-
World Cybersecurity Forum (1st Quarterly Clubhouse Edition)
We held the first World Cybersecurity Forum this past week and it was a great success! The World Cybersecurity Forum was a 24-hour event held for the first time this year on Clubhouse. The event featured cyber experts from around the world and was open to all, with the mission of demystifying cyber, creating awareness and answering the public’s questions. The World Cybersecurity Forum believes that cybersecurity is EVERYONE’S responsibility. It was organized by Jacqueline Jayne (JJ for short), Security Awareness Advocate at KnowBe4, who can be found on LinkedIn. The session aimed to bring the best minds together from around the world to talk about all things cyber.…
-
News & Notes: July 30, 2021
Estonia arrests hacker who stole 286K ID scans from govt database. Mozilla Firefox to roll out DNS over HTTPS for Canadian users. Windows 11 includes the DNS-over-HTTPS privacy feature: how to use it.
-
News & Notes: July 29, 2021
U.S. President Joe Biden: Severe cyberattacks could escalate to ‘real shooting war’ with a major global power: “You know, we’ve seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world,” Biden said during a speech at the National Counterterrorism Center of the Office of the Director of National Intelligence. “I can’t guarantee this, and you’re as informed as I am, but I think it’s more likely we’re going to end up — well, if we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great…
-
News & Notes: July 28, 2021
Twitter will soon let you log in with your Google account. “Twitter has started testing a new feature that allows users to sign up for an account using their existing Google account.” (via Bleeping Computer). eScan’s Mobile Security Application Capable of Detecting and Blocking Pegasus Spyware. The Global Spyware Market Index Report from Top10VPN.com revealed some startling statistics: 74 countries have bought and/or used invasive spyware technology since 2015. Spyware firms: 86% are based in countries considered full or flawed democracies by the EIU. Suspected customers: 55% are authoritarian or hybrid regimes, with only 7% considered full democracies. FinFisher has the most reported state customers (34), followed by Circles (25),…
-
News & Notes: July 27, 2021
Apple Issues Patches for CVE-2021-30807. Just about a week after Apple issued a series of patches for macOS, iOS and iPadOS devices, yet another series of patches has been released this week. Yee Ching, ISC Handler (Twitter: @poppopretn), posted a diary alerting us to this new bug discovered by an anonymous researcher. The issue revolves around IOMobileFrameBuffer. “This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges. This issue may have been actively exploited.” For macOS Big Sur 11.5.1: IOMobileFrameBuffer. Available for: macOS Big Sur. Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is…
-
News & Notes: July 26th, 2021
Wireshark 3.4.7 released. ‘PetitPotam’ ADCS Domain Admin Vulnerability: this one comes from Bojan Zdrnja (@bojanz) and a great diary he posted to ISC about the entire issue. Bojan’s piece is a must-read to wrap your head around everything going on. At the core is NTLM (New Technology LAN Manager) relay, in which an attacker has a “machine-in-the-middle” position and is able to intercept credentials being sent. This gets into Microsoft’s Encrypting File System Remote Protocol, and no further authentication is required, making matters worse. Summed up: don’t use NTLM for authentication! In particular, on Active Directory Certificate Services, make sure that IIS is not allowing authentication via NTLM. Mitigation documentation from…
-
News & Notes: July 23, 2021
Cyberattacks on critical infrastructure are dangerous, increasing, and could soon turn deadly. This topic has been talked about more frequently on various internet channels: when will cyberattacks cross into the physical realm and have deadly consequences? At what point does cyber warfare trigger actual, real-life, kinetic warfare? (via ZDNet). Over 80 U.S. Municipalities Suffer Data Breach via Misconfigured Amazon S3 Buckets: “WizCase uncovered a data breach that affected the residents of over 100 U.S. cities that used a product from PeopleGIS. Over 1000 GB of data and over 1.6 million files were held in 80 misconfigured Amazon S3 buckets. WizCase’s investigation revealed multiple reasons due…
-
What is Zero Trust?
Zero Trust. The Castle & Moat construct (which assumes that all security threats come from outside an organization) is outdated and problematic. It is a shift in attitude from trusted to untrusted: trust is a vulnerability, and workers (users) are our weakest link. No trust by default… Instead, why don’t we inherently distrust everything? The user today needs a variety of access methods to a multitude of systems (while simultaneously NOT trusting them). The ‘Zero Trust’ model allows workers to perform their roles and responsibilities in a much more secure, much less trusted environment. The framework was conceptualized by Forrester Research in 2010. Not “Trust, but verify” but rather “Verify, then trust…but only a little.” No person is…
-
Akamai DNS Massive Global Internet Outage Takes Down Major Websites, Online Services
In a system status update, Akamai acknowledged the incident as an “Edge DNS Service Incident”. Bleeping Computer reported that “Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce.” Akamai reports the incident as mitigated as of 17:09 UTC on July 22, 2021. According to the system status on Akamai’s site: “We are aware of an emerging issue with the Edge DNS service. We are actively investigating the issue. If you have questions or are experiencing impact due to this issue, please contact Akamai Technical Support. In the interest of time, we are providing you the most current information…
-
News & Notes: July 22, 2021
Microsoft ACL Privilege Vulnerability, dubbed “#SummerOfSAM”: this is a permissions-related fiasco for the SAM and SYSTEM hives. CVE-2021-36934 has been issued for incorrect permissions on Windows 10/11 registry hives. Bojan Zdrnja (@bojanz) first alerted the public in a post to the ISC (Internet Storm Center) here. The issue revolves around the SAM and SYSTEM hives. SAM is the Security Accounts Manager. The SYSTEM account is like ‘root’ in Linux, as this account has more privileges than even the admin. SYSTEM can see and do things the admin can’t: it can stop processes the admin can’t, it has a higher integrity level than the admin, and it can bypass most policies. As Microsoft published…