Date: 2020-08-24
Proprietary Software and Security Issues
Hackers use legit tool to take over Docker, Kubernetes platforms [Ed: Bleeping FUD clearly does not understand what "hacker" means and is just eager to spread fear, not of proprietary software with back doors but software without back doors]
In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it.
They used an open-source tool specifically created to monitor and control cloud environments with Docker and Kubernetes installations, thus reducing their footprint on the breached server.
Keyfactor Expands End-to-End Crypto Capabilities with SSH Key Management
Keyfactor, the leader in crypto-agility solutions, today announced the release of SSH Key Manager for Keyfactor Command, its complete certificate lifecycle automation and PKI as-a-Service platform. The solution replaces manual management methods, automating access and distribution of SSH (Secure Shell) keys across machines, applications and devices within the enterprise.
Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor [Ed: Mostly proprietary software as a 'backdoor']
The FTC Is Investigating Intuit Over TurboTax Practices
The Federal Trade Commission has been investigating Intuit and its marketing of TurboTax products, following ProPublica’s reporting that the Silicon Valley company deceived tax filers into paying when they could have filed for free.
The FTC probe, run out of the commission’s Bureau of Consumer Protection, centers on whether Intuit violated the law against unfair and deceptive practices in commerce. One focus of the investigation is whether TurboTax marketing misdirected customers who were eligible to file their taxes for free into paid products.
Mullvad vs. NordVPN: Two popular VPNs do battle
Before plunking down your cold hard credit card number, however, there are many questions to ask. Can you trust the company? What are the speeds like? Is there a desktop app and is it easy to use? How many country locations are there, and can you still watch Netflix while connected?
Magecart’s Success Paves Way For Cybercriminal Credit Card ‘Sniffer’ Market
The Magecart threat group has dominated headlines for its use of malicious JavaScript code, which is injected into e-commerce websites to exfiltrate customer payment card data. But new research points to a growing industry on underground forums where so-called “sniffers” are being advertised, sold and regularly updated.
Slack Tumbles After Quarterly Billings Miss Estimates
In the fiscal second quarter, Slack reported revenue jumped 49% to $215.9 million, beating analysts’ projections of $209.2 million. Excluding some items, the company broke even, while analysts, on average, estimated a loss of 3 cents.
Apple will seek damages from Epic Games for breach of App Store contract
Epic Games sued Apple in August, after the company’s hit game Fortnite was removed from the iOS App Store over the implementation of an unauthorized payment system. The complaint, filed August 13th, alleges that Apple is violating antitrust law, using its total control over iOS to extract a commission for all software that passes through the App Store.
Apple’s filing comes in response to an exhaustive motion for a preliminary injunction, filed by Epic over the weekend. Tuesday’s filing lays out a range of defenses against that motion. Among other claims, Apple maintains there were legitimate business justifications for all of the actions it undertook, which would undercut a broader antitrust claim. “At all times, [Apple’s] conduct was reasonable and ... its actions were undertaken in good faith to advance legitimate business interests and had the effect of promoting, encouraging, and increasing competition,” the complaint reads.
[Old] Leveraging Digital Certificates to secure cellular communication networks
For over 10 years I have been identifying and testing a number of exploits in cellular protocols that leverage what I refer to as “pre-authentication message”. In parallel, I have been witnessing the rise of a number of excellent academic teams doing outstanding research in this area and identifying further security issues in cellular protocols, most of which are root-caused by pre-authentication messages.
Lessons Learned from SSH Credential Honeypots
For the past few months, I’ve been running a handful of SSH Honeypots on some cloud providers, including Google Cloud, DigitalOcean, and NameCheap. As opposed to more complicated honeypots looking at attacker behavior, I decided to do something simple and was only interested in where they were coming from, what tools might be in use, and what credentials they are attempting to use to authenticate. My dataset includes 929,554 attempted logins over a period of a little more than 3 months.
If you’re looking for a big surprise, I’ll go ahead and let you down easy: my analysis hasn’t located any new botnets or clusters of attackers. But it’s been a fascinating project nonetheless.
