The FBI was sitting on the Kaseya ransomware decryption key, update your Netgear home router, Treasury issued sanctions related to ransomware, ransomware has hit a grain cooperative during harvest season, AI can write code just like us, Walgreens left a COVID-19 vax site unprotected, and a victim of the Exchange attacks revealed itself in a breach notification. In owl news, we look at the long-eared owl, and finally, AWS has automated remediation templates for Security Hub.
- A breaking story today from The Washington Post says that the FBI had the key for the Kaseya attack for weeks but sat on it ahead of a planned takedown of the REvil group, a takedown that never happened once the group took down its own servers. The FBI eventually shared the key 19 days after the initial attack.
- If you have a Netgear router at home, you will want to look at updating, as they just fixed a high-severity bug. Read more at BleepingComputer.
- The Treasury Department issued sanctions against Russia-based cryptocurrency exchange Suex. Read more at CyberScoop.
- Another ransomware story we’ll be watching is that of BlackMatter hitting an Iowa grain cooperative the week of the harvest moon. A snippet of the chat with the group was posted online highlighting their role in critical infrastructure. Read more at BleepingComputer.
- GitHub’s AI-assisted code generation tool is good at writing code just like humans, bugs and all. In an NYU study, security bugs were introduced up to 40% of the time. Read more at Wired.
- Vox’s Recode has the scoop on how a poorly designed Walgreens website exposed sensitive information of anyone who received a COVID-19 shot at one of their pharmacies. A new authentication step has since been added to prevent scraping. Read more at Recode.
- Remember the Exchange attacks that hit in March? The Republican Governors Association (RGA), a political organization, just revealed via a breach notification that they were compromised. Read more at BleepingComputer.
Owl fun and facts:
A reporter for the Eagle Times, based in New Hampshire, examines an unsolved owl mystery in his own backyard. The reporter hears a unique owl call and wonders whether it might be a long-eared owl, which is not known to frequent that area.
From Wikipedia: “The long-eared owl (Asio otus), also known as the northern long-eared owl or, more informally, as the lesser horned owl or cat owl… The long-eared owl is a medium-sized owl, which measures between 31 and 40 cm (12 and 16 in) in total length. Their wingspan is relatively large for their size, measuring 86 to 102 cm (2 ft 10 in to 3 ft 4 in)”
A Shout Out:
AWSLabs has released a new set of playbooks to automatically remediate key security issues for those using AWS Security Hub. The playbooks “execute steps to remediate security issues, such as unused keys, open security groups, password policies, VPC configurations and public S3 buckets.” The standards are “defined as part of CIS AWS Foundations Benchmark v1.2.0 and for AWS Foundational Security Best Practices v1.0.0”. Get started today on GitHub.
About:
TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Please reach out to us directly, via security@cyral.com or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!
That’s owl for now!