TWINN #127 Ring’ing Privacy
Sometimes technology is so convenient for both the users and vendors that exploitation just happens. Those of you who know me know how much I’ve actively resisted the RING video doorbell since Amazon acquired it.
The 5 Top Cyber Security Stories Of The Week – June 5, 2023
Self custody of data is essential for modern tech. Any technology that relies on a cloud-only solution should be thoroughly vetted by policy and execution.
2. Operation Triangulation: iOS devices targeted with previously unknown malware.
There is a repeat pattern here with zero-touch malware on iOS. Cloudflare offers a very affordable Web Application Firewall which then hides the true C&C environment. The only protection against such a zero-day is Zero Trust connectivity.
3. New MOVEit Transfer zero-day mass-exploited in data theft attacks.
Ouch. From the vendor, “To prevent exploitation, the developers warn admins to block external traffic to ports 80 and 443 on the MOVEit Transfer server.” This speaks volumes as to the security posture needed for anyone using MOVEit, or a service like it.
4. Millions of PC motherboards were sold with a firmware backdoor.
“Firmware implants… analysis showed that this same code is present in hundreds of models of Gigabyte PCs”. Note that this is simply poor design that makes it easy for threat actors to take over the update process. If you have one of the models affected, best to block “mb.download.gigabyte.com” indefinitely.
5. Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
Anyone who has been using Barracuda’s Email Security Gateway may have been infected since October 2022. The attackers used it for persistent remote access and data exfiltration. This might be a good time to remind system administrators that the proper architecture for on-prem mail services is to lock down the incoming mail server’s egress and instead smart-host outbound mail through an outbound-only host, as we demonstrated in a honeypot.
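One way to check that this egress lockdown actually holds, as an added example that is not from the original article: scan netfilter-style firewall logs for connections the inbound mail gateway opens to anything other than the smart host or the resolver. The addresses, the allow-list policy and the log lines are all constructed assumptions.

```python
"""Audit netfilter-style LOG lines for egress from an inbound mail gateway.

Assumed policy (not from the article): the gateway may open outbound
connections only to the smart host on tcp/25 and the internal resolver on 53.
All addresses and log lines below are constructed placeholders.
"""
import re
from collections import Counter
from ipaddress import ip_address, ip_network

MAIL_GW = ip_address("10.0.10.5")               # inbound mail gateway (assumed)
ALLOWED = [                                     # (destination network, proto, port)
    (ip_network("10.0.20.25/32"), "TCP", 25),   # outbound-only smart host
    (ip_network("10.0.20.53/32"), "UDP", 53),   # internal resolver
    (ip_network("10.0.20.53/32"), "TCP", 53),
]
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

SAMPLE_LOG = """\
Jun  5 02:11:40 fw kernel: IN=dmz OUT=lan SRC=10.0.10.5 DST=10.0.20.25 LEN=60 PROTO=TCP SPT=40112 DPT=25 SYN
Jun  5 02:11:41 fw kernel: IN=dmz OUT=lan SRC=10.0.10.5 DST=10.0.20.53 LEN=71 PROTO=UDP SPT=53311 DPT=53
Jun  5 02:13:07 fw kernel: IN=dmz OUT=wan SRC=10.0.10.5 DST=203.0.113.77 LEN=60 PROTO=TCP SPT=51514 DPT=443 SYN
Jun  5 02:13:09 fw kernel: IN=dmz OUT=wan SRC=10.0.10.5 DST=203.0.113.77 LEN=60 PROTO=TCP SPT=51516 DPT=443 SYN
Jun  5 02:14:30 fw kernel: IN=dmz OUT=wan SRC=10.0.10.5 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=40200 DPT=25 SYN
Jun  5 02:15:02 fw kernel: IN=lan OUT=wan SRC=10.0.30.8 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=40300 DPT=443 SYN
"""

def is_allowed(dst, proto, port):
    return any(dst in net and proto == p and port == d for net, p, d in ALLOWED)

def egress_violations(log_text):
    """Count (dst, proto, port) tuples the gateway contacted outside policy."""
    hits = Counter()
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        try:
            src, dst = ip_address(f["SRC"]), ip_address(f["DST"])
            port = int(f["DPT"]) if "DPT" in f else None   # e.g. ICMP: flag it
        except (KeyError, ValueError):
            continue                                       # not a packet log line
        if src == MAIL_GW and not is_allowed(dst, f.get("PROTO", "?"), port):
            hits[(str(dst), f.get("PROTO", "?"), port)] += 1
    return hits

if __name__ == "__main__":
    for (dst, proto, port), n in egress_violations(SAMPLE_LOG).most_common():
        print(f"ALERT mail gateway -> {dst} {proto}/{port} x{n}")
```

In the constructed log, direct SMTP from the gateway to an internet host is flagged as well as the HTTPS connections, because under this policy outbound mail should leave only through the smart host.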
Did you know?
One of the good uses of AI is when we feed it with helpful information. Anti-SPAM engines at the carrier level are getting very good, as long as we report it. Each carrier tends to have a short-code for junk reporting, but in iOS you can also tap on “report as junk” when you receive a new message.