This Week's Reading 5/15/2022 #infosec #cybersecurity

 Work Stuff

Pentagon’s China Warning Prompts Calls to Vet U.S. Funding of Startups

https://www.wsj.com/articles/pentagons-china-warning-prompts-calls-to-vet-u-s-funding-of-startups-11652014803

Cisco warns of premature DIMM failures

https://www.theregister.com/2022/05/09/cisco_server_dimm_failure/

Beautiful Basics - Series

https://malicious.link/post/2022/beautiful-basics/

The stakes 'could not be any higher': CISA chief talks about the tech challenges ahead

https://www.zdnet.com/article/the-stakes-could-not-be-any-higher-cisa-chief-talks-about-the-tech-challenges-ahead/#ftag=RSSbaffb68

Google Created 'Open-Source Maintenance Crew' to Help Secure Critical Projects

https://thehackernews.com/2022/05/google-created-open-source-maintenance.html

A year later, Biden’s cybersecurity executive order driving positive change

https://www.csoonline.com/article/3660769/a-year-later-biden-s-cybersecurity-executive-order-driving-positive-change.html#tk.rss_all

NIST Cybersecurity Framework update comments highlight a gamut of needed changes

https://www.csoonline.com/article/3660068/nist-cybersecurity-framework-update-comments-highlight-a-gamut-of-needed-changes.html#tk.rss_all

Utility industry continues to deny that control system cyber incidents are occurring

https://www.controlglobal.com/blogs/unfettered/utility-industry-continues-to-deny-that-control-system-cyber-incidents-are-occurring/

The Texas electric grid can barely keep the lights on

https://twitter.com/The_Michael_Lee/status/1525533811873914880

6 top network security threats and how to beat them

https://www.networkworld.com/article/3660057/6-top-network-threats-and-how-to-beat-them.html#tk.rss_security

ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

https://www.securityweek.com/ics-patch-tuesday-siemens-schneider-electric-address-43-vulnerabilities

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

https://www.darkreading.com/application-security/what-to-patch-now-actively-exploited-zero-day-threatens-domain-controllers

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/13/cisa-temporarily-removes-cve-2022-26925-known-exploited

May's Patch Tuesday updates make urgent patching a must

https://www.computerworld.com/article/3660511/mays-patch-tuesday-updates-make-urgent-patching-a-must.html#tk.rss_security

Training on understanding, protecting, and securing Industrial Control Systems (ICS) from cyber-attacks.

https://www.eventbrite.com/e/301v-ics-cybersecurity-training-june-13-registration-302762389457?mc_cid=6baf7c4394&mc_eid=UNIQID

===========================================================================================

Non - Work Stuff

Bitcoin falls to 10-month low as stock markets tumble

https://www.reuters.com/business/finance/bitcoin-falls-lowest-since-january-line-with-tumbling-stock-markets-2022-05-09/

Satoshi-Era Bitcoin Wallet Awakens with BTC in It Worth 62x in USD

https://techtelegraph.co.uk/satoshi-era-bitcoin-wallet-awakens-with-btc-in-it-worth-62x-in-usd/

Layoffs and a Silicon Valley Sell-Off Create Shaky Low-Valued 'Unicorn Zombies'

https://slashdot.org/story/22/05/09/0249204/layoffs-and-a-silicon-valley-sell-off-create-shaky-low-valued-unicorn-zombies?utm_source=rss0.9mainlinkanon&utm_medium=feed

Uber CEO Tells Staff Company Will Cut Down on Costs, Treat Hiring as a 'Privilege'

https://tech.slashdot.org/story/22/05/09/1632209/uber-ceo-tells-staff-company-will-cut-down-on-costs-treat-hiring-as-a-privilege?utm_source=rss0.9mainlinkanon&utm_medium=feed

The End of Industrial Society

https://palladiummag.com/2021/03/24/the-end-of-industrial-society/

It Began as an AI-Fueled Dungeon Game. It Got Much Darker

https://www.wired.com/story/ai-fueled-dungeon-game-got-much-darker/?utm_medium=social&utm_brand=wired&utm_source=twitter&utm_social-type=owned&mbid=social_twitter

Cybersecurity has a desperate skills crisis. Rural America could have the answer

https://www.zdnet.com/education/professional-development/cybersecurity-has-a-desperate-skills-crisis-rural-america-could-have-the-answer/

Texas law that allows users to sue social networks for censorship is now in effect

https://www.engadget.com/texas-law-hb-20-in-effect-053504592.html?src=rss

The EU Commission is planning automatic CSAM scanning of your private communication – or total surveillance in the name of child protection.

https://tutanota.com/blog/posts/eu-surveillance-csam/

Hawley introduces bill to strip 'woke' Disney of special copyright protections

https://www.yahoo.com/news/hawley-introduces-bill-strip-apos-110648775.html

Cracking the Code: Sneakers at 30

https://letterboxd.com/journal/cracking-the-code-sneakers/

Just finished Tokyo Vice #books

 I've spent time in Japan so when I saw the Tokyo Vice TV series on HBO Max I was intrigued.  Watched the series and it was good enough I decided to read the book.

 The book is very interesting.  Quite a bit of background on Japanese society and on the Japanese underworld.  Some very sympathetic characters and some real scumbags too.  I recommend it, it's a good casual read but not lightweight and you might expand you're horizons a bit.

This Week's Reading 5/8/2022 #Infosec #Cybersecurity

 Work Stuff

U.S. Passes New Cybersecurity Law for Critical Infrastructure Reporting

https://www.nuspire.com/blog/u-s-passes-new-cybersecurity-law-for-critical-infrastructure-reporting/

The new cybersecurity mandate - Parsing the White House’s cybersecurity directives.

https://www.csoonline.com/article/3658980/the-new-cybersecurity-mandate.html#tk.rss_all

CISA Extends Recommendations to Non-Federal Organizations - Keeping malware from entering networks through web browsers

https://blog.ericom.com/cisa-extends-recommendations/

NIST Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks

https://thehackernews.com/2022/05/nist-releases-updated-guidance-for.html

Russia is losing the cyberwar against Ukraine, too

https://www.computerworld.com/article/3658951/russia-is-losing-the-cyberwar-against-ukraine-too.html#tk.rss_security

Cybersecurity metrics corporate boards want to see

https://www.csoonline.com/article/3658118/cybersecurity-metrics-corporate-boards-want-to-see.html#tk.rss_all

Hackers are exploiting 0-days more than ever

https://arstechnica.com/information-technology/2022/04/hackers-are-exploiting-0-days-more-than-ever/

How Log4j Reshaped Cloud Security Thinking

https://securityboulevard.com/2022/05/how-log4j-reshaped-cloud-security-thinking/

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

https://thehackernews.com/2022/05/heres-new-tool-that-scans-for-malicious.html

Compromising WSUS for lateral movement

https://labs.nettitude.com/blog/introducing-sharpwsus/

Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs

https://www.securityweek.com/kaspersky-warns-fileless-malware-hidden-windows-event-logs

Finding the Real "Last Patched" Day (Interim Version)

https://isc.sans.edu/diary/rss/28610

Botnet that hid for 18 months boasted some of the coolest tradecraft ever

https://arstechnica.com/information-technology/2022/05/how-hackers-used-smarts-and-a-novel-iot-botnet-to-plunder-email-for-months/

Revisiting the Colonial Pipeline Cyberattack, One Year Later

https://securityboulevard.com/2022/05/revisiting-the-colonial-pipeline-cyberattack-one-year-later/

Flaws in Avast, AVG Antiviruses Could Have Facilitated Attacks on Millions of Devices

https://www.securityweek.com/flaws-avast-avg-antiviruses-could-have-facilitated-attacks-millions-devices

How masscan works

https://rushter.com/blog/how-masscan-works/

California Says It Needs More Power to Keep the Lights On

https://www.usnews.com/news/us/articles/2022-05-06/california-says-it-needs-more-power-to-keep-the-lights-on

Giving old dams new life could spark an energy boom

https://www.msn.com/en-us/news/us/giving-old-dams-new-life-could-spark-an-energy-boom/ar-AAWZKra

==========================================================================

Non-Work Stuff

This ugly t-shirt makes you invisible to facial recognition tech

https://www.wired.co.uk/article/facial-recognition-t-shirt-block

Logging and monitoring can be a form of bullying, and make for lousy infosec

https://www.theregister.com/2022/05/02/surveillance_security_is_bullying/https://www.theregister.com/2022/05/02/surveillance_security_is_bullying/

The Seven Different Types of Jerks at Work (and How to Deal With Them)

https://lifehacker.com/the-seven-different-types-of-jerks-at-work-and-how-to-1848847911

103 Bits of Advice I Wish I Had Known

https://kk.org/thetechnium/103-bits-of-advice-i-wish-i-had-known/?mc_cid=6eae91b051&mc_eid=99d4cae3b4

How big companies kill ideas — and how to fight back, with Tony Fadell

https://www.theverge.com/23053632/tony-fadell-build-decoder-apple-iphone-google-alphabet-steve-jobs

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

https://blogs.cisco.com/security/announcing-the-public-availability-of-the-cisco-cloud-controls-framework-ccf

The Crypto Elites Are Plotting a Wall Street Merger

https://concoda.substack.com/p/the-crypto-elites-are-plotting-a?s=r

IBM's asshole test

https://johnpublic.mataroa.blog/blog/the-asshole-test/

Demystifying Database Performance for Developers

https://www.crunchydata.com/blog/demystifying-database-performance-for-developers

Edward Snowden in Hindsight

https://www.zdziarski.com/blog/?p=11127

Hitting the Books: US regulators are losing the fight against Big Tech

https://www.engadget.com/hitting-the-books-access-rules-mayer-schonberger-ramge-uc-press-140054547.html?src=rss

Opinion: Do poison pills work? A finance expert explains the anti-takeover tool that Twitter hopes will keep Elon Musk at bay

https://www.marketwatch.com/story/do-poison-pills-work-a-finance-expert-explains-the-anti-takeover-tool-that-twitter-hopes-will-keep-elon-musk-atbay-11650384088?link=sfmw_tw&twclid=212egz7h2kw0hi3yuv5top0dxd

Agile and the Long Crisis of Software

https://logicmag.io/clouds/agile-and-the-long-crisis-of-software/

Conference Review S4x22 #infosec #cybersecurity

Over the past 5 years I have been to quite a few conferences and S4 has been in my top 3 since I first attended at S4x20 (for the record the other two are the April 2018 mini-conference put on by Scoop News Group and Layer One).  This year was no exception.

S4 has a few things going for it that separate it from a lot of other conferences that I have been to:

1.  The venue - Usually S4 is held at the Filmore Theatre in Miami Beach (next year it will still be in Miami Beach but a different location due to remodeling).  The Filmore is pretty accessible, comfortable to spend time in, and large enough to handle the number of attendees, with some overflow across the street.  It's close to the beach, the conference hotels and various restaurants and other nightlife.  So all in all a plus

In addition the are some associated events at the Miami Beach Botanical Gardens and a Welcome aboard party that add to the attractiveness of the location.

2.  Conference Size - this year it was about 800 people.  Large enough for variety but no so large you get lost in the pack. This also means if you want to see a talk you can get in to see the talk.

3.  Very Focused - this conference is focused on ICS cyber security so everything revolves around that. So unlike larger more general conferences you aren't constantly pouring over talk schedules trying to figure out what really applies to you.

4.  Format - there is a very good balance of technical / non-technical talks and activities.  This relates back to number 3.

5.  The People - usually at a conference there is at least one jerk trying to make people miserable.  I haven't seen that at either of my two outings to S4.  All the people I ran into - if not friendly at least weren't unfriendly.  Makes everything much more relaxing.

The only slight downsides are:

1.  Travel - It's a pain to get to Miami Beach from Portland at a reasonable price.

2.  The Cabana Sessions - Just my opinion but way to crowded for that pool space.  

3.  Swag - This is my fault entirely, but I always end up with too much of it and hauling it home is a pain.  :-).  Bring an extra bag because you'll definitely be able to fill it. (In case it isn't clear I am not really complaining about too much free stuff)

Anyway if you work in industrial cybersecurity or an adjacent field I highly recommend this conference.

This Week's Reading 1 May 2022 #infosec #cybersecurity #books

 Work Stuff

CISA - 2021 Top Routinely Exploited Vulnerabilities

https://www.cisa.gov/uscert/ncas/alerts/aa22-117a

Who is exploiting VMware right now? Probably Iran's Rocket Kitten, to name one

https://www.theregister.com/2022/04/26/iran_rocket_kitten_vmware_exploit/

That time we unplugged a data center to test our disaster readiness

https://dropbox.tech/infrastructure/disaster-readiness-test-failover-blackhole-sjc

Log4j Attack Surface Remains Massive

https://www.darkreading.com/threat-intelligence/l0g4j-attack-surface-remains-huge

What the ECDSA Flaw in Java Means for Enterprises

https://www.darkreading.com/dr-tech/what-the-ecdsa-flaw-in-java-means-for-enterprises

USA's plan to decouple its tech with China lacks a strategy – report

https://www.theregister.com/2022/04/26/usas_plan_to_decouple_its/

Germany's Nuclear Fumble

https://compactmag.com/article/germany-s-nuclear-fumble

Overlapping ICS/OT Mandates Distract From Threat Detection and Response

https://www.darkreading.com/attacks-breaches/overlapping-ics-ot-mandates-distract-from-threat-detection-and-response

Control system cyber incidents in electric and other sectors are frequent, often impactful, but not reported

https://www.controlglobal.com/blogs/unfettered/control-system-cyber-incidents-in-electric-and-other-sectors-are-frequent-often-impactful-but-not-reported/

Microsoft warns: These flaws could give attackers root privileges on Linux desktops

https://www.zdnet.com/article/microsoft-warns-these-flaws-could-give-attackers-root-privileges-on-linux-desktops/#ftag=RSSbaffb68

Mandiant: Attackers' Median Dwell Time Drops to 3 Weeks

https://news.hitb.org/content/mandiant-attackers-median-dwell-time-drops-3-weeks

Top 5 security analytics to measure

https://www.helpnetsecurity.com/2022/04/28/security-analytics-importance/

Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group

https://thehackernews.com/2022/04/experts-detail-3-hacking-teams-working.html

Non-Work Stuff

Facebook Doesn’t Know What It Does With Your Data, Or Where It Goes: Leaked Document

https://www.vice.com/en/article/akvmke/facebook-doesnt-know-what-it-does-with-your-data-or-where-it-goes

Hackers Reportedly Target Wind-Energy Companies

https://www.pcmag.com/news/hackers-reportedly-target-wind-energy-companies

Twitter Admits It Hid Tweets About HBO's QAnon Docuseries

https://gizmodo.com/twitter-hbo-qanon-censor-q-into-the-storm-1848842476?scrolla=5eb6d68b7fedc32c19ef33b4

Conservative Twitter accounts got boost in followers after Musk acquisition, data shows

https://www.theverge.com/2022/4/27/23045005/conservative-twitter-follower-boost-musk-acquisition-data

Network Scanning Techniques: Ethical Hacking Basics

https://www.sekurenetweb.com/network-scanning-techniques-ethical-hacking-basics/

How Technocrats Triumphed at Apple

https://www.nytimes.com/2022/05/01/technology/jony-ive-apple-design.html

Bonus Driven Development

https://twitter.com/richgel999/status/1520473199410135040

Iron Salt Aerosol

https://ironsaltaerosol.com/home/isa_summary

if this sounds intriguing read "Termination Shock" by Neal Stephenson

Hucksters on Parade

https://prospect.org/culture/books/hucksters-on-parade-todays-ceos/

The Last Two Week's Reading 4/24/2022 #infosec #Cybersecurity

 I missed last week because I was out of town at S4x22 in Miami Beach (good time), but I am back now.

Work Related Stuff

De-anonymizing Bitcoin

https://www.schneier.com/blog/archives/2022/04/de-anonymizing-bitcoin.html

Security Zines

https://securityzines.com/

How to achieve better cybersecurity assurances and improve cyber hygiene

https://www.helpnetsecurity.com/2022/04/11/reduce-cyber-attack-risk/

Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

https://www.cyberscoop.com/ukrainian-electrical-grid-industroyer2-russia-sandworm/

7th ever ICS Specific Malware

https://mobile.twitter.com/RobertMLee/status/1514291630383280146

US warning: Hackers have built tools to attack these key industrial control systems

https://www.zdnet.com/article/us-warning-hackers-have-built-tools-to-attack-these-key-industrial-control-systems/#ftag=RSSbaffb68

Zapped: The grid is on life support. Can AI fix it?

https://www.zdnet.com/article/zapped-the-grid-is-on-life-support-can-ai-fix-it/#ftag=RSSbaffb68

Flaws in ABB Network Interface Modules Expose Industrial Systems to DoS Attacks

https://www.securityweek.com/flaws-abb-network-interface-modules-expose-industrial-systems-dos-attacks

Microsoft details how China-linked crew's malware hides scheduled Windows tasks

https://www.theregister.com/2022/04/14/microsoft-tarrask-malware-in-windows/

You can’t protect the unprotectable – our critical infrastructures

https://www.controlglobal.com/blogs/unfettered/you-cant-protect-the-unprotectable-our-critical-infrastructures/

US warns of APT groups that can “gain full system access” to some industrial control systems

https://blog.malwarebytes.com/vital-infrastructure/2022/04/us-warns-of-apt-groups-that-can-gain-full-system-access-to-industrial-control-systems/

and two days later...

It's Pretty Easy to Hack the Program That Runs Our Power Grids, It Turns Out

https://gizmodo.com/hackers-breach-power-grid-opc-ua-pwn2own-2022-1848825967

This took place at the conference I was at (S4x22 - people were fairly excited by it)

Early Discovery of Pipedream Malware a Success Story for Industrial Security

https://www.darkreading.com/vulnerabilities-threats/pipedream-response-shows-best-case-for-industrial-security

Chernovite's PIPEDREAM Malware targeting Industrial Control Systems (ICS)

https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems/

Hackers find 122 vulnerabilities — 27 deemed critical — during first round of DHS bug bounty program

https://www.cyberscoop.com/dhs-bug-bounty-122-vulnerabilities-27-critical-hackers/

more from the conference I was at :-)

Communist China Has Thrown Out the Old Rules of War

https://www.realclearbooks.com/articles/2022/04/18/communist_china_has_thrown_out_the_old_rules_of_war_827699.html

Other Stuff

Why the Past 10 Years of American Life Have Been Uniquely Stupid

https://www.theatlantic.com/magazine/archive/2022/05/social-media-democracy-trust-babel/629369/

The Biden administration gives a green light to a fuel that could be even dirtier than regular gas

https://www.theverge.com/2022/4/12/23021146/biden-administration-ethanol-e15-gas-prices

An Argument for a Return to Web 1.0

https://vhsoverdrive.neocities.org/essays/oldweb.html

Can Corporate Sustainability Claims Be Trusted?

https://www.sdxcentral.com/articles/news/can-corporate-sustainability-claims-be-trusted/2022/04/?hit=9ae718fa-4918-44e0-9c8f-716971f1d32f&utm_campaign=twitter&utm_medium=social&utm_source=sdx.io

Here’s Why No One Wants to Talk About Sweden

https://brownstone.org/articles/heres-why-no-one-wants-to-talk-about-sweden/

Why the Past 10 Years of American Life Have Been Uniquely Stupid

 Good Article -

I don't think there is anything super new in here but it pulls a lot of disparate thoughts together and makes a more coherent whole.  Doesn't exactly paint a rosy picture for the future of life in America.