The Security Digest: #55
Hello and welcome to TSD, your weekly blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
- 533 million Facebook user’s data was leaked for free on a hacker forum. The data is originally from 2019 and was sold for progressively lower amounts over the past 10 months until being released for free. BleepingComputer has more.
- The Accellion data breach continues to spread as companies are now being hit with ransomware and their customers are being sent email from the ransomware operators to convince the companies to pay the ransom. KrebsOnSecurity has a screenshot from a rewards member for RaceTrac Petroleum that received one such message.
- Finally, another way CBP and ICE are tracking people is via GM OnStar technology and similar companies and has requested location data from these companies in their investigations according to a report in Forbes.
Owl fun and facts:
Above is an adult Boreal owl, Tengmalm or Richardson Owl. “Small owl with a large square head without ear tufts. It has a stocky body and a short tail…Larger than a Northern Saw-whet Owl, smaller than a Barred Owl.” These owls are found across North America and northern Eurasia. Read more at AllAboutBirds.
A Shout Out:
KICS is a security as code tool for your infrastructure as code tools.
“Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx…KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project.”
KICS supports Terraform, Kubernetes, Docker, CloudFormation, Ansible and Helm. Get started with it on GitHub today.
That’s owl for now!
The Security Digest: #56
Hello and welcome to TSD, your weekly blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, …
How to Simplify and Secure On-Call Access Management
A New Approach to On-Call Access Management Imagine the following scenario — an SRE gets alerted in the middle of the night about an incident …