Wednesday, March 11, 2020

What I'm Reading 3/11/2020 - Why do we even try edition

Books

Network Forensics Tracking Hackers Through Cyberspace

The Ten-Day MBA 4th Ed.: A Step-By-Step Guide To Mastering The Skills Taught In America's Top Business Schools

Wired for War: The Robotics Revolution and Conflict in the 21st Century


Blogs / News

MIT Technology Review - The $2.5 Trillion Reason We Can’t Rely on Batteries to Clean up the Grid -
The authors of the 2016 study found steeply diminishing returns when a lot of battery storage is added to the grid. They concluded that coupling battery storage with renewable plants is a “weak substitute” for large, flexible coal or natural-gas combined-cycle plants, the type that can be tapped at any time, run continuously, and vary output levels to meet shifting demand throughout the day.
Not only is lithium-ion technology too expensive for this role, but limited battery life means it’s not well suited to filling gaps during the days, weeks, and even months when wind and solar generation flags.



Microsoft - ADV200005 | Microsoft Guidance for Disabling SMBv3 Compression -

Microsoft is aware of a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client.
The Hacker News - Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed -
Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol.
...
Despite the severity of the SMB bug, there's no evidence that it's being exploited in the wild. But it's also necessary to draw attention to the fact that this is far from the only time SMB has been exploited as an attack vector for intrusion attempts.
The previous two items are about the same issue; I just wanted the differing perspectives.

Sydney Morning Herald - Boris Johnson faces party rebellion over Huawei decision -
While the government ultimately prevailed, the rebels' result was stronger than expected. Many more MPs are understood to agree with the rebels but not their tactic of pushing it to a vote on an unrelated bill.
"This shows the huge strength of feeling among the Conservative party that the government needs to get Huawei out of our essential infrastructure," the former deputy prime minister Damian Green told The Sydney Morning Herald and The Age immediately after the vote.
The Verge - FCC under fire from senators over rural broadband funding limitations
On Tuesday, two dozen senators — Republicans and Democrats — wrote to FCC Chairman Ajit Pai denouncing the agency’s new Rural Digital Opportunity Fund, or RDOF. This new program would establish a $20.4 billion fund to bring high-speed broadband access to rural homes and businesses that are currently going without. According to the senators, however, that money won’t be made available to communities that have already been awarded funding through the US Department of Agriculture’s ReConnect program or other broadband development or subsidy programs run by the states themselves. 
CNN - Google has asked all of its North America employees to work from home to prevent coronavirus spread
Google parent company Alphabet is recommending that all of its North America employees work from home through April 10 due to coronavirus, according to an email shown to CNN.
"Out of an abundance of caution, and for the protection of Alphabet and the broader community, we now recommend that you work from home if your role allows," the Tuesday email from Chris Rackow, Google's vice president of global security, reads in part.
Dark Reading - How Network Metadata Can Transform Compromise Assessment -
Taking the metaphor of a house a step further, doors and windows represent both points of ingress and egress for a potential intruder. Network IP addresses, proxy servers, and email boxes are the doors and windows of the enterprise network that digital prowlers exploit to gain access and exfiltrate data. But because these intruders must use the network itself, they also can't help but leave traces of their presence in the form of network metadata.
Metadata is often defined as data about data, or information that makes data useful. Every digital photograph includes metadata that offers detailed information about the photo — when it was taken, the type of camera used, even its GPS coordinates, all attached to the digital file as metadata, providing us with a simple way to sort and organize our photo libraries.
ZDNet - Intel CPUs vulnerable to new LVI attacks -
LVI's position in all these attacks is, technically, of a reverse-Meltdown. While the original Meltdown bug allowed attackers to read an app's data from inside a CPU's memory while in a transient state, LVI allows the attacker to inject code inside the CPU and have it executed as a transient "temporary" operation, giving attackers more control over what happens.
Security Boulevard - New AMD Processor Bug Breaks Encryption -
AMD CPUs have yet another flaw, it’s been revealed. Researchers say they’ve shown “Take A Way” techniques to steal private AES keys, leak kernel memory, set up covert cloud channels and other dirty, dark deeds.
AMD appears to have its head in the sand: It’s just telling people there’s nothing to see here. But the team that discovered the flaw says the chip maker’s response is hokum.
These aren’t just any old researchers. They’re some of the same academics behind Meltdown, Spectre, ZombieLoad, etc.
“Use safe computer practices,” is AMD’s ostrich-like advice. In today’s SB Blogwatch, we try not to panic (again).
ZDNet - Microsoft shares nightmare tale: 6 sets of hackers on a customer's network -
Microsoft's first report from its Detection and Response Team (DART), which helps customers in deep cyber trouble, details the case of a large customer with six threat actors simultaneously on its network, including one state-sponsored hacker group that had been stealing data and email for 243 days. 
ThreatPost - Critical Bugs in Rockwell, Johnson Controls ICS Gear -
Bugs affecting programmable logic controllers (PLC) and physical access-control systems for facilities are rated 9.8 in severity.
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure.
IT Security Guru - Cybersecurity Overhaul recommended by Congress -
A yearlong congressional study of American cyberspace strategy concludes that the United States remains ill-prepared to deter attacks, including from Russia, North Korea and Iran. It calls for an overhaul of how the United States manages its offensive and defensive cyberoperations. 
Reuters - U.S. government commission rolls out doomsday plan for cyberwar -
The report, authored by a U.S. government-funded bipartisan group, named the Cyberspace Solarium Commission, advises that Congress pass a series of bills to create new or reorganize existing government offices to improve the nation’s cyber defenses. It also offers other initiatives that the authors say could bring foreign allies and private sector partners closer to the U.S. government on cybersecurity efforts. 
Again, same issue but two perspectives.

ThreatPost - Necurs Botnet in Crosshairs of Global Takedown Offensive -
A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure.
The move came after Microsoft and partners across 35 countries cracked Necurs’ domain generation algorithm, which is what generates random domain names to allow the botnet to distribute malware and infect victim computers around the world. Details of the coordinated effort were unveiled by Microsoft in a blog post published Tuesday.

