Hello and welcome to TSD, your regular blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Please reach out to us directly, via security@cyral.com or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!
- Following up on the past few weeks, DDoSecrets reports that German authorities confiscated one of their servers.
- According to documents obtained by Vice, a company is reselling breach data to law enforcement.
- A security startup that hosts breached data has itself been breached and had some of its databases put up for sale. The founder “believes the attack was a preemptive strike in response to a keynote he’s giving in Boston this week”. There is oh so much more to this story on KrebsOnSecurity.
- A critical bug allowing remote code execution (RCE) was found in Zoom, but it only affects Windows 7 installs. This is a good time to point out that you should update if you are still on Windows 7. Read more about it at Threatpost.
- In TSD-11 we mentioned unc0ver, an iOS zero-day jailbreak. Brandon Azad of Google Project Zero took a mere 4 hours from exploit release to reporting the vulnerability to Apple, and just released a timeline of their work.
- According to The Intercept, police used Twitter affiliate Dataminr to surveil Black Lives Matter protesters.
- Thomas Brewster has written an in-depth article for Forbes about how Mitre, known for its ATT&CK and CVE projects, is involved in a number of US Government Skunk Works projects. New projects unearthed include DHS paying to hack smart watches, a social media fingerprint tool for the FBI and helping to take down the Silk Road. There is a lot here to go through.
Owl fun and facts:
The eyes of an owl are not true “eyeballs.” Their tube-shaped eyes are completely immobile, providing binocular vision which fully focuses on their prey and boosts depth perception. In fact, the Northern Hawk Owl can detect, primarily by sight, a vole to eat up to half a mile away. Both facts via Audubon.org.
A Shout Out:
We’re big fans of security as code and of projects like Open Policy Agent (OPA) and its related projects Conftest and Gatekeeper. Konstraint is a brand new project that further enhances the ecosystem and makes them easier to use. From their readme: “Konstraint is a CLI tool to assist with the creation and management of constraints when using Gatekeeper.” Not only that, but you can also validate “Kubernetes manifests with Conftest on a local machine…without needing to deploy to a cluster running Gatekeeper”. Check out Konstraint on GitHub today.
That’s owl for now!