Hello and welcome to TSD, your regular blog post with top-of-mind security issues! Today, we mark GA for Cyral and welcome you to our redesigned website! TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us, so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
- Yes, your Mac can get malware / ransomware too. ZDNet has a good writeup of ThiefQuest, formerly known as EvilQuest, an all-in-one malware and ransomware strain targeting Macs. So far it has mostly been distributed in pirated software, and it will immediately encrypt your files. As researchers have dug into it, the ransomware seems to be the flashy part, while the real intent is stealing files, remote execution and keylogging. According to Patrick Wardle from Jamf, signatures are rolling out to the Mac’s built-in protections, but as mentioned in that thread, you may have to force an update, and it only finds the original version.
- KrebsOnSecurity has been advocating that you create your own accounts on government websites before scammers do it for you, but has found that the E-Verify SSN lock site does not function as it seems to be designed.
- Positive Technologies announced they had found a vulnerability in F5 devices that had major companies scrambling to patch ASAP over the weekend. The vulnerability, known as CVE-2020-5902, was given the maximum score of 10, was remotely exploitable, and a sample URL to trigger the vulnerability could fit into a Tweet. According to ZDNet, as of July 4th, there were already reports of it actively being exploited.
- Katie Moussouris and Luta Security just published highlights of their time with Zoom. “Luta Security helped flatten the curve of Zoom’s bug cases by 37% in less than 10 weeks, targeting and eliminating imminent zero-day risks for those cases. We also provided a vulnerability handling maturity gap analysis and roadmap for Zoom.” Katie will also continue on as a security advisor to Zoom’s CEO. Thank you to Katie and Luta Security for helping all of us who use Zoom so much now!
- On the encryption front, a tale of opposites. According to Vice, police in Europe seem to have hacked an encrypted phone network called EncroChat, arresting hundreds and conducting a number of high-profile raids. Meanwhile, in the US, the EARN IT Act was amended and advanced in a procedural vote.
Owl fun and facts:
Researchers based out of Oregon State University have been placing digital audio recorders in the forest and processing the output on supercomputers in order to track declining spotted owl populations. They have over 1 million hours of audio at this point and are starting to learn more about how the owls communicate. Their research has shown “that spotted owls have at least 13 different call types and can inflect their pitch.” Read more about this important research on OPB.
A Shout Out:
CISOfy has released version 3.0 of Lynis. “It helps with auditing systems running UNIX-alike systems (Linux, macOS, BSD), and providing guidance for system hardening and compliance testing.” Download Lynis from GitHub today.
That’s owl for now!