Hello and welcome to TSD, your weekly blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
- President Biden issued an executive order on Cybersecurity. We broke down what the order means for cybersecurity and cloud security
- The Darkside ransomware operators that hosted the Ransomware-As-A-Service infrastructure that hit Colonial Pipeline announced they were going dark. In just 9 months, they supposedly collected $90 million split among the affiliates and developers (BleepingComputer). What’s interesting is that portions of the announcement were tied to the REvil ransomware group. There was speculation that they had overlapping members but nothing confirmed. REvil also announced they would vet potential victims before allowing affiliates to use their service via KrebsOnSecurity.
- Relatedly, Try This One Weird Trick Russian Hackers Hate (install a Russian keyboard on Windows to maybe not get infected)
- An insurance agency dropped support for ransom payments and was later hit with ransomware and DDoS’d offline via BleepingComputer
- Conti ransomware targeted 2 different health providers in Ireland, and succeeded with one via BleepingComputer
- Rapid7 and Monday.com are the latest to announce that they were affected by the Codecov supply chain hack via BleepingComputer
- Did you see the one about WiFi FragAttacks? The IoT declarations in the executive order can’t come soon enough with long tail issues like this. Read more at The Register.
- Buzzfeed found President Biden’s Venmo and mapped everything out. The EFF says #FixItAlready
- Did you know that TV maker Vizio “makes nearly as much money from ads and data as it does from TVs”? Read more at Engadget
Owl fun and facts:
The Eurasian Scops Owl is a rather small owl and is the size of a sparrow according to the The Scottish Owl Centre. Eurasian Scops owls can be seen at various parts of Europe, Asia and Africa with a focus around The Mediterranean Sea. “The scientific name is from the Latin otus for an eared owl and Ancient Greek skopos, “watcher”‘ via Wikipedia.
A Shout Out:
As fans of Security as Code (SaC), we are super excited for all of the recent development around Infrastructure as Code (IaC) security scanning tools. We most recently featured KICS in TSD-55 for example. The CEO and founder of Indeni, Yoni Leitersdorf, has just recently put out a comparison of these tools out on GitHub comparing Checkov, Indeni, KICS, Snyk, Terrrascan and Tfsec with a number of test cases. Even though this is from a vendor, you can see that all of the tools have their own pros and cons. If you are interested and have not taken the leap yet with IaC scanning, take a look at the test cases and results on GitHub.
That’s owl for now!