Thinking outside the code: How the hacker mindset drives innovation

Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security firms, government organizations, innovative start-ups, and Fortune 500 companies. She is the founder of … Continue reading Thinking outside the code: How the hacker mindset drives innovation

Sisense breach exposes customers to potential supply chain attack

The Cybersecurity and Infrastructure Security Agency is urging Sisense customers to reset credentials and report any suspicious activity.

The post Sisense breach exposes customers to potential supply chain attack appeared first on CyberScoop.

Continue reading Sisense breach exposes customers to potential supply chain attack

Backdoor in XZ Utils That Almost Happened

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global Internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers. It’s an untenable situation, and one that is being exploited by malicious actors. Yet precious little is being done to remedy it…

Continue reading Backdoor in XZ Utils That Almost Happened

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

The US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior US government officials.

From the executive summary:

The Board finds that this intrusion was preventable and should never have occurred. The Board also concludes that Microsoft’s security culture was inadequate and requires an overhaul, particularly in light of the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations. The Board reaches this conclusion based on:…

Continue reading US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Supply chain attack sends shockwaves through open-source community

An operation to undermine the software utility XZ Utils has exposed the fragile human foundations on which the modern internet is built.

The post Supply chain attack sends shockwaves through open-source community appeared first on CyberScoop.

Continue reading Supply chain attack sends shockwaves through open-source community

Cyber review board blames cascading Microsoft failures for Chinese hack

The Cyber Safety Review Board concluded in a report that Microsoft’s corporate culture has inappropriately deprioritized security.

The post Cyber review board blames cascading Microsoft failures for Chinese hack appeared first on CyberScoop.

Continue reading Cyber review board blames cascading Microsoft failures for Chinese hack

XZ Utils Backdoor

The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:

Malicious code added to XZ Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption key could stash any code of their choice in an SSH login certificate, upload it, and execute it on the backdoored device. No one has actually seen code uploaded, so it’s not known what code the attacker planned to run. In theory, the code could allow for just about anything, including stealing encryption keys or installing malware…

Continue reading XZ Utils Backdoor

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

It’s pretty devastating:

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it…

Continue reading Security Vulnerability in Saflok’s RFID-Based Keycard Locks

Chinese hackers target family members to surveil hard targets

To surveil security conscious politicians and dissidents, hackers linked to Beijing are increasingly targeting their spouses and relatives. 

The post Chinese hackers target family members to surveil hard targets appeared first on CyberScoop.

Continue reading Chinese hackers target family members to surveil hard targets