Cybersecurity And Much More Newsletter — Week 08 (2022)

Greetings, friends.

Welcome to my weekly newsletter, if you are not yet subscribed, please do. It might include books, articles, tech, tips, and of course interesting stuff about cybersecurity.

Enjoy!

What’s Happening

My Unpopular Opinion of the day #1: War is War, something I wish to disappear from our world forever. But for god sake, dear security vendors, don’t take advantage of this crisis and use it as a sales pitch, show your help and value and money will come later.

🚨 HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine

On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations.

Apparently, it shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure.

Sentinel Labs shared the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack.

🚨 Potential cybersecurity impacts of Russia’s invasion of Ukraine

There are ways in which Russia’s invasion of Ukraine may impact cybersecurity, and what organizations can do to stay safe in a continually evolving crisis.

  • Increased stakes and more aggressive measures: Wiper malware is being delivered in highly targeted areas via external-facing servers using compromised accounts. This appears to be more destructive than Ransomware attacks as there is no hope for recovery.
  • Collateral Damage: disputes the highly targeted attacks, it always spread beyond that and causes collateral damage.
  • Escalation: things might get worse as countries are moving forward with sanctions against Russia and work on isolating the country financially.
  • Misinformation: we live in the age of misinformation. However, in these kinds of scenarios, it turns to another level.
  • Scams: like what happened during covid, there will always be criminals who take advantage of the crisis and scam people to donate, get access to VISAs quickly, or even be safe from the cyber-attacks, or make free international calls.
  • Distraction: while the world focuses on Ukraine, other criminal groups will take advantage of the situation to hit hard and profit from the dispersion of resources.

📰 West to cut some Russian banks off from Swift

Swift, or the “Society for Worldwide Interbank Financial Telecommunication”, is a secure messaging system that makes fast, cross-border payments possible, enabling international trade.

The intention is to “further isolate Russia from the international financial system”, a joint statement said.

Russia is heavily reliant on the Swift system for its key oil and gas exports.

The joint sanctions are the harshest measures imposed to date on Russia over its invasion of Ukraine.

📰 Facebook blocks Russian state media from advertising on the platform

Facebook is blocking state-run Russian media outlets from advertising and monetizing content on the platform amid the ongoing conflict in Ukraine (via ).

“We are now prohibiting Russian state media from running ads or monetizing on our platform anywhere in the world,” Nathaniel Gleicher, Facebook’s head of security policy announced on Twitter. “These changes have already begun rolling out and will continue into the weekend.” He also noted that Facebook will continue to add labels to “additional Russian state media,” an initiative the platform started for all state-controlled media outlets in 2020.

👾 BlackCat ransomware

AT&T Alien Labs wrote a report about recently created ransomware malware dubbed BlackCat ****which was used in a January 2022 campaign against two international oil companies headquartered in Germany, Oiltanking, and Mabanaft.

The attack was not of a great impact but for sure remains a potential threat to the global critical infrastructures.

German newspaper Handelsblatt stated the oil companies Oiltanking and Mabanaft had been affected by a ransomware attack on January 29, 2022, that impacted one of the key oil providers in the area. The attacks allegedly caused Shell to re-route their supplies in order to avoid severe impacts on the German fuel supply. Even with these actions, it’s been stated that 233 gas stations across Germany have been affected by the incident, resulting in those stations having to run some processes manually and only taking cash payments.

👾 CISA warns of cyberespionage by Iranian APT “MuddyWater”

Note: the advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 10. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have observed a group of Iranian government-sponsored advanced persistent threat (APT) actors, known as MuddyWater, conducting cyber espionage and other malicious cyber operations targeting a range of government and private-sector organizations across sectors-including telecommunications, defense, local government, and oil and natural gas in Asia, Africa, Europe, and North America. Note: MuddyWater is also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros.

🔐 Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines

CISA has created Shields-Up as a response to the Russian invasion of Ukraine. Qualys is responding with additional security, monitoring, and governance measures. This blog details how and what our enterprise customers can do to immediately strengthen their security posture and meet CISA’s recommendations.

Reminder: Most of the time, it’s not about having fancy security tools that detect, block, respond, make coffee, clean your basement, or wash your car. It’s about going back to the basics: Access control, MFA, Patching, Security Updates, Email Protection, etc.

  1. Identify your internet-facing exposed assets using SHODAN
  2. Detect, Prioritize, and Remediate CISA Catalog of Known Exploited Vulnerabilities
  3. Protect your cloud Services
  4. Continuously Detect Potential Intrusion

Note: Qualys promote their tools on this blog post.

My Favorites

📝 Article — 🧠 The Future of Mental Health Diagnosis Goes Beyond the Manual

The Diagnostic and Statistical Manual, the so-called “Bible of Psychiatry,” is approaching its 70th year. It should be its last.

My Unpopular Opinion of the day #2: We live in a world where a lot of people are spoiled and struggle to prioritize long-term consequences over short-term gratification and find ways to label themselves with stuff like ADHD and OCD. For sure, neurodevelopment disorders exist but don’t put all the blame on them. Maybe your solution is just to do the hard work and stop complaining, or maybe to be grateful and don’t believe that you’re special and deserve all the good in this world.

This article from wired addresses the rules and methods that mental health professional follows and why it’s not that simple to label patients.

📝 Note — 📡 Using 5G in Manufacturing Requires a Better Security

Companies are consuming more and more 5G, and are all heading toward private 5G networks for more security, privacy, efficiency, and control. However, securing 5G isn’t different from security IT or even OT.

A lot of fortune 500 companies adopted the Purdue Reference Architecture from the 1990s and map it to other security maturity models to come up with a security maturity plan for manufacturing sites. But this same hybrid model needs also to be adapted to 5G. Why? because 5G devices don’t need to go through the different layers to send/receive data, they can their own flow.

This seems like an additional problem besides the main one that a lot of big companies are struggling with, securing OT.

But the approach is the same, private 5G networks should be isolated from IT and external environments to shield them from external and internal risks.

Will share more about this in the coming weeks, stay tuned.

📚 Book -

📚 🤔 Books I’m Currently Reading

Wireless Wars by Jonathan Pelson

  • Wireless Wars: China’s Dangerous Domination of 5G and How We’re Fighting Back, author Jon Pelson explains how America invented cellular technology, taught China how to make the gear, and then handed them to the market. Pelson shares never-before-told stories from the executives and scientists who built the industry and describes how China undercut and destroyed competing equipment makers, freeing themselves to export their nation’s network gear and their surveillance state. He also reveals China’s successful program to purchase the support of the world’s leading political, business, and military figures in their effort to control rival nations’ networks.
  • What’s more, Pelson draws on his lifelong experience in the telecommunications industry and remarkable access to the sector’s leaders to reveal how innovative companies can take on the Chinese threat and work with counterintelligence and cybersecurity experts to prevent China from closing the trap. He offers unparalleled insights into how 5G impacts businesses, national security, and you. Finally, Wireless Wars proposes how America can use its own unique superpower to retake the lead from China.
  • This book is about more than just 5G wireless services, which enable self-driving cars, advanced telemedicine, and transformational industrial capabilities. It’s about the dangers of placing our most sensitive information into the hands of foreign companies who answer to the Chinese Communist Party. And it’s about the technology giant that China is using to project its power around the world; Huawei, a global super-company that has surged from a local vendor to a $120 billion-a-year behemoth in just a few years.
  • For anyone curious about the hottest issue at the intersection of technology and geopolitics, Wireless Wars offers an immersive crash course and an unforgettable read.

📚 🤩 Books I Recommend Reading

What It Is by Lynda Berry

  • How do objects summon memories? What do real images feel like? For decades, these types of questions have permeated the pages of Lynda Barry’s compositions, with words attracting pictures and conjuring places through a pen that first and foremost keeps on moving.
  • What It Is demonstrates a tried-and-true creative method that is playful, powerful, and accessible to anyone with an inquisitive wish to write or to remember. Composed of completely new material, each page of Barry’s first Drawn & Quarterly book is a full-color collage that is not only a gentle guide to this process but an invigorating example of exactly what it is: “The ordinary is extraordinary.”

Outwriting the Devil by Napoleon Hill

🎙 Podcast — I don’t know if you’re already listening to Tim Ferriss Podcasts, but here is a summary of his Jan-22 episodes. Link

🎙 Podcast — This week Jack Rhysider talks to MLT from TeaMp0isoN.

TeaMp0isoN was a hacking group that was founded by TriCk and MLT ( twitter.com/0dayWizard). They were responsible for some high-profile hacks. But in this story, it’s not the rise that’s most interesting. It’s the fall.

🌲 Nature — Do birds have language? It depends on how you define it.

Scientists find some parallels with the human speech in cheeps and trills of birdsong.

Human language is made possible by an impressive aptitude for vocal learning. Infants hear sounds and words, form memories of them, and later try to produce those sounds, improving as they grow up. Most animals cannot learn to imitate sounds at all.

But among the scattering of nonhuman vocal learners across the branches of the bush of life, the most impressive are birds-hands (wings?) down.

🎥 Videos — A Gamer Drank 12 Energy Drinks in 10 Minutes.

It sounds stupid for sure, but what would really happen to the human body after drinking 1, 2, or why not 12 energy drinks. Well, it might cause Acute pancreatitis which is the most common gastrointestinal cause of hospitalization in the US. Link

Quote of the Week

If you’re interested in starting a career in Cybersecurity, watch this one, and don’t forget to subscribe to my channel and leave a comment if there are any topics you’re interested in seeing on my next videos.

Check my other stuff here.

Originally published at https://www.linkedin.com.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store