Hello and welcome to TSD, your weekly blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
- Grindr had a major security flaw that allowed anyone to hijack a user’s account knowing only their email address, because the password reset page was leaking the reset token to the browser. Wassime Bouimadaghene, a French security researcher, reported the flaw directly to Grindr but never heard back, so he enlisted the help of Troy Hunt and Scott Helme, who then shared their findings with TechCrunch. This follows up on a report from last year about a treasure trove of data sent from Grindr to 3rd parties and more, including HIV status.
- Facebook is in the news and it has nothing to do with politics! Attackers merely hijacked accounts and spent $4 million of victims’ money to buy ads for “diet pills, fake designer handbags, and more,” via Wired.
- A Philadelphia health tech company that makes software used in clinical trials was hit by ransomware. They reported no patient data was affected, but some companies had to resort to pen and paper to track their trials, via NYTimes.
- The 5th largest school district in the US, based in Las Vegas, was hit by ransomware. When they didn’t pay, the attackers released a raft of information, reportedly including employee SSNs, via ThreatPost.
- Meanwhile, if an organization does pay, the US government just warned they could face steep fines from the Treasury Department if the ransomware operators are already under sanctions, via KrebsOnSecurity. Rock, meet hard place. We can all reflect now on the good old days of ransomware, when we could just say, all you need are backups!
- The FBI has announced that they’ll be working together with a number of government agencies to fight foreign cyber attacks. “The National Cyber Investigative Joint Task Force, or NCI-JTF, will serve as a nerve center for the federal government’s efforts to monitor and counter hacks. The task force is home to specialists from more than 30 federal agencies, including the Central Intelligence Agency, National Security Agency, and Secret Service.” Just today the FBI put out a statement together with CISA, NCSC and NSA promoting the safety of the upcoming election. This may only cover a portion of the “clarity of leadership” GAO report that we mentioned in TSD-28, but it sure seems like an end around the elimination of the White House based cybersecurity coordinator.
Owl fun and facts:
Above is Aztec, a Spectacled Owl who just experienced his first rainstorm while at the Scottish Owl Centre. Check him out to see what he looks like dry! In TSD-12 we featured Coba, a grown-up Spectacled Owl, so you can compare the differences in color. Aztec won’t grow to be too much bigger, as they grow up to 2.75 pounds and a little over 20 inches. The Scottish Owl Centre boasts over 100 owls from around the world and the largest collection.
A Shout Out:
Ashish Kurmi recently open sourced a new tool called S3 Insights. S3 Insights scans all your S3 buckets across all of your accounts at scale, collecting metadata to give you better insights into everything you own. Read more about the project here. Also be sure to check out Ashish’s Uber post on CMON, their continuous monitoring solution, here.
That’s owl for now!