Wednesday, March 25, 2020

What I'm Reading 3/25/2020 - Coronavirus and Chinese Hackers... Again

Books -

Network Forensics Tracking Hackers Through Cyberspace

Blogs / News - 

Fifth Domain - Trump administration must produce 5G security strategy under new law -
  President Donald Trump signed a 5G security bill March 23 that requires the executive branch to develop a strategy to secure and protect 5G and future generation networks.
The new law, titled the Secure 5G and Beyond Act, comes as the United States government struggles to convince close allies not to use what it considers risky telecom suppliers, such as Huawei, as they build their 5G networks and workers across the United States work from home due to the new coronavirus. The fifth-generation network is expected to speed up connectivity for connected users.

City Lab - When Cities Went Electric -
The point of the White City and the Chicago World Fair of 1893 was to incorporate electricity into everything, so that people could see with their own eyes how their lives were going to change and how the world was going to look. Until then, electricity was kind of invisible, so it seemed mysterious and was something most people had never seen. Around 92 million people went to the fair. There were things like electric fountains that danced and had colored lights. There was a moving walkway, the kind you see in airports today, which no one had ever seen before. There was an electric kitchen; no one had ever seen that. They’d describe these things as such pie-in-the-sky. The goal was that everything would be powered by electricity, and they succeeded. It all worked very seamlessly and was kind of invisible. And it meant the fair could be open at night.          
Dark Reading - How Attackers Could Use Azure Apps to Sneak into Microsoft 365 -
The Varonis research team encountered this vector while exploring different ways to exploit Azure, explains security researcher Eric Saraga. While they found a few campaigns intended to use Azure applications to compromise accounts, they discovered little coverage of the dangers. They decided to create a proof-of-concept apps to demonstrate how this attack might work. It's worth noting they did not discover a flaw within Azure, but instead detail ways its existing features could be maliciously used. 

Stanford University - N95 Masks can be sterilized 

CNN - FDA says it is expediting the use of a blood plasma treatment as New York begins to roll out new clinical trials -
The US Food and Drug Administration on Tuesday said it is expediting the use of a blood plasma treatment for patients seriously ill with the coronavirus, making it easier for doctors to try another tool to attack the illness.
The FDA said in a news release that it is "facilitating access" for patients with life threatening infections to blood plasma taken from a person who recovered after once testing positive for the virus.
The New York State Department of Health is also rolling out clinical test trials for anti-malaria drug Hydroxychloroquine and the antibiotic Azithromycin. The patients who are hospitalized with moderate or severe coronavirus will be eligible to receive the treatment. 
Related -  Tech Crunch - New study casts doubt on hyrdoxychloroquine’s effectiveness in treating coronavirus -
In a prime example of why President Trump shouldn’t be endorsing any unproven potential treatments for the novel coronavirus behind the current global pandemic, a new small-scale study by researchers in China indicates that the antimalarial drug hydroxychloroquine actually isn’t any more effective than standard, existing best practice for conventional care of patients with the virus.
I don't want to attribute motives to people where they may not be present, but the tone of this article comes off as almost gleeful that this treatment may not be effective.

Also Related - Al Jazeera - Doctor's Note: Can herd immunity solve coronavirus? -
To stop the spread of measles in the United Kingdom, for example, there needs to be a 95 percent vaccine take-up to reach herd immunity. In the case of coronavirus, the UK's Chief Scientific Adviser has stated that it needs to be around 60 percent. This value is derived by scientists through some very complex modelling of the virus and determining how contagious it is.  
While coronavirus has proved so far to be a fairly mild infection for the majority of young , healthy people, for the elderly or those with underlying health problems, it can be serious and potentially fatal. It is this group we are trying to protect with herd immunity.
Threatpost - Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign -
Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.”
“While APT41 has previously conducted activity with an extensive initial entry such as the trojanizing of NetSarang software, this scanning and exploitation has focused on a subset of our customers, and seems to reveal a high operational tempo and wide collection requirements for APT41,” wrote Christopher Glyer, Dan Perez, Sarah Jones and Steve Miller with FireEye, in a Wednesday analysis.
Related - Cyberscoop - Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign -
“Based on our current visibility it is hard to ascribe a motive or intent to the activity by APT41,” Glyer told CyberScoop. “There are multiple possible explanations for the increase in activity including the trade war between the United States and China as well as the COVID-19 pandemic driving China to want intelligence on a variety of subjects including trade, travel, communications, manufacturing, research and international relations.”
Endgadget - An enterprise SSD flaw will brick hardware after exactly 40,000 hours -
Hewlett Packard Enterprise (HPE) has warned that certain SSD drives could fail catastrophically if buyers don't take action soon. Due to a firmware bug, the products in question will be bricked exactly 40,000 hours (four years, 206 days and 16 hours) after the SSD has entered service. "After the SSD failure occurs, neither the SSD nor the data can be recovered," the company warned in a customer service bulletin.
Ars Technica - Never-before-seen attackers are targeting Mideast industrial organizations -
Researchers have unearthed an attack campaign that uses previously unseen malware to target Middle Eastern organizations, some of which are in the industrial sector.
Researchers with Kaspersky Lab, the security firm that discovered the campaign, have dubbed it WildPressure. It uses a family of malware that has no similarities to any malicious code seen in previous attacks. It's also targeting organizations that don't overlap with other known campaigns.

No comments: