Miscellaneous Tech News
-
Salt Bugs Allow Full RCE as Root on Cloud Servers
The open-source Salt management framework contains high-severity security vulnerabilities that allow full remote code execution as root on servers in data centers and cloud environments. And in-the-wild attacks are expected imminently.
-
-
@Danp said in Miscellaneous Tech News:
Salt Bugs Allow Full RCE as Root on Cloud Servers
The open-source Salt management framework contains high-severity security vulnerabilities that allow full remote code execution as root on servers in data centers and cloud environments. And in-the-wild attacks are expected imminently.
Looks like they weren't kidding...
https://www.zdnet.com/article/hackers-breach-lineageos-servers-via-unpatched-vulnerability/
-
US govt updates O365 security best practices
https://www.us-cert.gov/ncas/alerts/aa20-120a
Summary
CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their O365 transition and better securing O365 services.
Specifically, CISA recommends that administrators implement the following mitigations and best practices:
- Use multi-factor authentication. This is the best mitigation technique to protect against credential theft for O365 administrators and users.
- Protect Global Admins from compromise and use the principle of “Least Privilege.”
- Enable unified audit logging in the Security and Compliance Center.
- Enable Alerting capabilities.
- Integrate with organizational SIEM solutions.
- Disable legacy email protocols, if not required, or limit their use to specific users.
-
@Pete-S said in Miscellaneous Tech News:
US govt updates O365 security best practices
https://www.us-cert.gov/ncas/alerts/aa20-120a
Summary
CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their O365 transition and better securing O365 services.
Specifically, CISA recommends that administrators implement the following mitigations and best practices:
- Use multi-factor authentication. This is the best mitigation technique to protect against credential theft for O365 administrators and users.
- Protect Global Admins from compromise and use the principle of “Least Privilege.”
- Enable unified audit logging in the Security and Compliance Center.
- Enable Alerting capabilities.
- Integrate with organizational SIEM solutions.
- Disable legacy email protocols, if not required, or limit their use to specific users.
They all read as common sense to me
-
@EddieJennings said in Miscellaneous Tech News:
They all read as common sense to me
So not exactly expected from the US gov't.
-
Coronavirus: Far-right spreads Covid-19 'infodemic' on Facebook
"What if [they] are trying to kill off as many people as possible" reads one Facebook post.
"Eventually, these scum will release something truly nasty to wipe us all out, but first they have to train us to be obedient slaves" reads another. A third: "Coronavirus is the newest Islamist weapon." Many of us by now will have seen something of the "infodemic" the World Health Organization (WHO) warned is swirling across society. Whether popping into your online timeline or maybe forwarded by a relative, it would have been a rumour or revelation so eye-grabbing, so shockingly different from the norm, that they're hard to ignore. -
BackBlaze B2 now offers S3 API.
-
-
Latvian drone fuelled for days goes missing, restricting airspace
Latvian authorities are hunting a 26kg (57lb) drone that went missing mid-flight, causing air-traffic problems.
The aviation authority has restricted flights below 19,500ft (6,000m) in the region while they search for it. While officials say it is likely the drone, which took off on Saturday, has landed, it had enough fuel to fly until 19:10 local time on Tuesday (17:10 BST). Many members of the public reported sightings but none has been confirmed. The non-military drone is understood to belong to a local unmanned aerial vehicle (UAV) manufacturer. During a test flight, the company lost communications with the drone and lost track of its location, Latvian media reports. -
Uncle Sam to agencies: No encrypted DNS for you!
The US federal government has been protecting its users by blocking malicious destinations for years, but it won’t let them take advantage of the latest protective measure in DNS – encryption – just yet. Last month, the US Department of Homeland Security warned government agencies that they’re legally bound to use an internal system that won’t support this feature.
-
https://exchange.xforce.ibmcloud.com/#/collection/705fd7c8cc1111e72979c5fc52611775
Kaiji - New Chinese Linux Malware
Summary
A new report from Intezer details a new Chinese malware, named Kaiji, that is brute forcing servers and IoT devices. Its name is based on function, the botnet was built from scratch using Golang programming language, a rare occurrence within the IoT botnet arena. -
28,000 GoDaddy Hosting Accounts Compromised
"On May 4, 2020, GoDaddy, one of the world’s largest website hosting providers, disclosed that the SSH credentials of approximately 28,000 GoDaddy hosting accounts were compromised by an unauthorized attacker."
-
Hackers hide web skimmer behind a website's favicon
The trick, according to Malwarebytes, was that the MyIcons..net website served a legitimate favicon file for all a website's pages, except on pages that contained checkout forms.
On these pages, the MyIcons..net website would secretly switch the favicon with a malicious JavaScript file that created a fake checkout form and stole user card details.
-
Microsoft confirms Windows 10X is coming to laptops amid big jump in Windows usage
More people are turning to Windows PCs during the pandemic
Microsoft is confirming that it’s planning to refocus Windows 10X on single-screen devices. “The world is a very different place than it was last October when we shared our vision for a new category of dual-screen Windows devices,” explains Panos Panay, Microsoft’s Windows and devices chief. “With Windows 10X, we designed for flexibility, and that flexibility has enabled us to pivot our focus toward single-screen Windows 10X devices that leverage the power of the cloud to help our customers work, learn and play in new ways.” Microsoft isn’t saying exactly when single-screen devices like laptops will support Windows 10X, nor when dual-screen devices will launch with the OS. However, Windows 10X will launch on single-screen devices first. “We will continue to look for the right moment, in conjunction with our OEM partners, to bring dual-screen devices to market,” says Panay. -
Zoom buys the identity service Keybase as part of 90-day security push
Keybase serves as a secure home for online identities
Zoom has acquired Keybase, an encryption and security service meant to serve as a secure home for your online identities. The acquisition is meant to quickly add a team of security-focused developers to Zoom, which has been widely criticized in recent weeks for lapses in security inside its increasingly popular videoconferencing software. Keybase co-founder Max Krohn will now lead Zoom’s security engineering team. -
-
-
Coronavirus: NHS reveals source code behind contact-tracing app
The NHS has released the source code behind its coronavirus contact-tracing app.
More than 40,000 people have installed the smartphone software so far. The health service is targeting the Isle of Wight only, at this stage, but it says this is the first stage of the app's rollout - not a test. Tests carried out on behalf of BBC News confirm the developers have found a way to work round restrictions Apple places on the use of Bluetooth in iPhones. In a related development, Health Secretary Matt Hancock has announced that Baroness Dido Harding will head up the wider test, track and trace programme. -
Coronavirus: 'Plandemic' virus conspiracy video spreads across social media
Major social networks are rushing to take down a new coronavirus conspiracy theory video which has rapidly spread across the internet.
The so-called "Plandemic" video is edited in the style of a documentary, with much higher production standards than many conspiracy videos. The video is filled with medical misinformation about where the virus came from and how it is transmitted. Despite efforts to remove it, users are constantly re-uploading the clip. Since the 26-minute video first appeared earlier this week, it has exploded across YouTube, Facebook, Twitter and other websites, prompting an attempt to remove it. Among its claims are that the virus must have been released from a laboratory environment and could not possibly be naturally-occurring; that using masks and gloves actually makes people more sick; and that closing beaches is "insanity" because of "healing microbes" in the water.
