Security Leftovers

• Go read this report about the US military endangering passenger jets by blocking GPS

  The military is carrying out the testing, ironically, to help develop technology to counteract GPS jamming. To be fair, it’s an understandable goal, as the article details the troubles that pilots face when a technology they heavily rely on goes away. But when that happens, the pilot at least has visual cues and other instruments. The article also goes into how, instead of completely cutting out the pilot’s GPS signal, the testing can end up feeding the pilot incorrect information, leading to thinking they’re somewhere they’re not.

  Each tangent the article goes on reveals worrying new details, like how pilots are warned that testing may be happening, often leading to smooth flights and a “Chicken Little” situation where pilots have heard false warnings so many times that they’re not prepared for when it actually happens. There are also hints that the problem may be happening more often than even the Federal Aviation Administration realized.

• Powershell Dropping a REvil Ransomware

  This is a classic bypass for logging and AV detection[3]. Then, a second RunSpace is started: [...]

• World Economic Forum pegs cybersecurity failure as a major global risk [iophk: Windows TCO]

  Against such sophisticated threats, the vast majority of defenders don’t stand a chance, Clements added. “It’s often shocking to the security professionals tasked with protecting an organization and its data just how easy it is to bypass or defeat security controls like antivirus or how fast attackers can crack passwords,” he said.

• Department of Defense appoints John Sherman as acting CIO

  The Department of Defense (DoD) has replaced outgoing CIO Dana Deasy with deputy CIO John Sherman, who will head up the DoD's cloud strategy until a long-term replacement is in place.

  Sherman, who’s served as the deputy CIO at the DoD since June 2020, steps into the role Deasy left as America welcomed the Biden administration. Before that, Sherman was the intelligence community CIO, where he began in 2017 coordinating IT modernization across 17 agencies. From 2014 to 2017, he was the Deputy Director of the CIA's Open Source Enterprise (OSE). In his role, Sherman enhanced the CIA's open-source intelligence (OSINT) initiative.

  He’s also served at the National Geospatial Intelligence Agency (NGA) and was the Deputy National Intelligence Officer for Military Issues on the National Intelligence Council.

• Thanks for the data, suckers: How information insecurity endangers Russian Railways passengers and risks prison for the company’s I.T. workers

  On January 13, a hacker dubbed “LMonoceros” posted proof that he broke into the private network of Russian Railways (RZD) and accessed surveillance from cameras at train stations, on railway platforms, along rail tracks, and inside company offices. RZD employees contacted the hacker and together they patched the weakness in the network. This isn’t the first time Russian Railways has had problems with information security: In the past year and a half, the personal information of 700,000 employees and 1.3 million passengers has leaked, and the Wi-Fi aboard highspeed Sapsan trains was hacked in just 20 minutes. Meduza explains how RZD security problems threaten company employees.

• What is a Distributed Denial of Service Attack? | TheITstuff

  What is a Distributed Denial of Service Attack? also termed DDos Attack. The question is very common among computer or programming students who are learning about hacking techniques. This question is also asked by willing to be a white hat hacker one day. If you have the same question as well, let’s understand what this is. Disclaimer – I will be simplifying the DDoS process massively in this article just to give you an outline of the DDoS attacks. In reality, the DDoS attacks can be extremely complicated. After every DDoS attack, a team of engineers sit together and check logs of all network devices to figure out how the attack happened.

Android Leftovers

• Samsung Galaxy S21 Ultra review: the new king of Android phones

• Mozilla will make it easier to install extensions in Firefox 85 for Android

• Oppo A9 2020 Android 11 beta build now slated for Q2 2021, says support

• Verizon’s Visible begins supporting 5G on Android, starting w/ Galaxy S20 series

Open source is still not a business model

If you thought 2021 was going to be the year without big drama in the world of open source licensing, you didn’t have to wait long to be disappointed. Two stories have already sprung up in the first few weeks of the year. They’re independent, but related. Both of them remind us that open source is a development model, not a business model. A few years ago, it seemed like I couldn’t go to any sysadmin/DevOps conference or meetup without hearing about the “ELK stack“. ELK stands for the three pieces of software involved: Elasticsearch, Logstash, and Kibana. Because it provided powerful aggregation, search, and visualization of arbitrary log files, it became very popular. This also meant that Amazon Web Services (AWS) saw value in providing an Elasticsearch service.