
The Security Digest: #78

The SEC is conducting investigations related to SolarWinds which could dredge up other unreported breaches. It’s Patch Tuesday, so patch all the things: Microsoft, Chrome and Apple have all patched zero days being exploited in the wild. Two big ransomware names are back, a cross-account Azure container vulnerability was fixed, and the largest DDoS yet has been observed. Meanwhile, there is a guide to attracting owls to your yard, and OWASP is celebrating its 20th anniversary and has its Top 10 in draft form.

  • The SEC is conducting a wide-ranging probe dealing with the SolarWinds incident, and “the requests may reveal numerous unreported cyber incidents unrelated to the Russian espionage campaign”. Numerous sources have said many companies have unreported breaches, which could lead to even more fines and litigation. Read more at Reuters.
  • Fully patched Windows users are actively being exploited with a zero day, according to Microsoft. The bug is in Internet Explorer, but the same mechanism is also used in Office. The patch should be out today with Patch Tuesday. Read more at KrebsOnSecurity.
  • Patch Tuesday is out for Microsoft and it indeed does contain the fix for the above zero day and another not known to be currently exploited along with nearly 60 others. Update ASAP and then read more at BleepingComputer.
  • Meanwhile, Chrome patched its 10th zero day exploited in the wild on Monday, with updates rolling out now. Be sure to update ASAP and then read more at The Hacker News.
  • And Apple released its own patches for 2 iOS zero days exploited in the wild, with one known to be used for delivery of NSO’s Pegasus malware. Update ASAP and read more at BleepingComputer.
  • In ransomware news, REvil is back after shutting down following the Kaseya incident, according to BleepingComputer. Meanwhile, BlackMatter, suspected to be a rebrand of DarkSide, is suspected to have hit part of Olympus, which has said the incident is now contained. Read more at BleepingComputer.
  • In a coordinated release, Unit 42 from Palo Alto Networks announced a cross-account Azure container takeover, with Microsoft announcing they had fixed it. Read full details of the escape from Unit 42, and an overview and more about the fix at BleepingComputer.
  • Finally, Yandex and KrebsOnSecurity were both hit by an IoT botnet called Meris. The attacks against Yandex were record-shattering, with nearly 21 million requests per second. Read more at KrebsOnSecurity.

Owl fun and facts:

Popular Science has a resource for how to attract owls to your own backyard. Key suggestions include providing a nest box and leaving your yard more wild.

A Shout Out:

The OWASP Top 10 is out for Peer Review! “There are three new categories, four categories with naming and scoping changes, and some consolidation in the Top 10 for 2021.” Read more about the OWASP Top 10. The official Top 10 will be debuting at the free OWASP 20th anniversary celebration on September 24th. Register today!

About:

TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.

Check back here every Tuesday for more TSD or sign up below to stay in the loop!

Please reach out to us directly via security@cyral.com or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!

That’s owl for now!