The Security Digest: Week 30
Hello and welcome to TSD, your weekly blog post with top-of-mind security issues. TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us, so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
- In one attempt to prevent election meddling, U.S. Cyber Command began infiltrating and attempting to disrupt the Trickbot botnet, according to KrebsOnSecurity, which was the first to break the news about the botnet being disrupted. Microsoft, meanwhile, went one step further and was able to seize the infrastructure related to Trickbot and dismantle it completely. Read more at KrebsOnSecurity.
- The Checkm8 vulnerability that has brought jailbreaking to iPhones now comes to macOS and its T2 security chip. Luckily this can only be initiated via USB, or this would be beyond scary. Since it’s chip-based, it’s unfixable. Read more at Wired.
- Vice is reporting that Customs and Border Patrol bought global location data from a vendor called Venntel that gains location data from random apps such as weather and games. Why file a warrant when you can just buy it from third-party vendors?
- Have you heard of geofence warrants? It’s a warrant for providers to provide any information about devices that were in a specific geographic area at a specific time. Well, new court documents show that they are taking that one step further to request warrants based on keyword searches. In this particular case, ‘they requested information on “users who had searched the address of the residence close in time to the arson.”’ Read more at CNET.
- Meanwhile, 5 years after the Hacking Team had their tools leaked, a China-based group has been found to be reusing their spyware, according to researchers from Kaspersky. Read more at Wired.
- It’s Patch Tuesday, so get those Microsoft patches in and prevent bad neighbors. KrebsOnSecurity has the full roundup.
Owl fun and facts:
Bay Nature has a wonderful essay from Steve Lefkovits about Short-eared Owls in the Bay Area. Among the facts that Steve shares: “SEOs exist literally below human vision. They fly, hunt, and nest as close to the roots of brush as possible. Once on the ground, their camouflage makes them almost undetectable to the human eye.” Read more about these wonderful birds, see some amazing photos, and learn what Steve had to do and what he observed while getting all of these awesome shots at Bay Nature.
A Shout Out:
Kubei is “a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment.” This is another great security-as-code tool you can implement to scan what’s already running. Read more about it over at Portshift. Kubei is available on GitHub.
That’s owl for now!