Cybersecurity 🔐 And Much More Newsletter 📪 — Week 24 (2022)

Greetings, friends.

Welcome to my weekly newsletter, if you are not yet subscribed, please do. It might include books, articles, tech, tips, and of course interesting stuff about cybersecurity.

Enjoy!

What’s Happening

🚨 New Linux Malware Dubbed “Almost Impossible” To Detect Found

  • A new form of Linux malware that is “almost impossible” to detect has been found in a joint research effort by BlackBerry Threat Research & Research team and Intezer security. It has been called Symbiote because of its “parasitic nature”.
  • Instead of trying to compromise a running process, it acts as a shared object library (SO) that’s loaded on all running processes. This provides the attackers with rootkit functionalities.
  • The scary part is that when exploited it provides the ability to instruct the kernel on the packets that should be captured and the ones that shouldn’t be and associated malware can be not only concealed but also untraceable. [1]

📰 Social Media 👀 Monitoring Applications are Struggling to Appear Legitimate

  • While Social Media companies fail to prevent disasters caused by the information shared by subscribers or just fail to correlate information shared by deranged individuals, other tech companies climbed the wagon of making money out of our data and private lives and pretend that they can help fill up the gap and offer surveillance capabilities that will help prevent tragedies or collect signals that can be used for good causes.
  • Schools are one of the main use cases where this kind of social media monitoring tool can be leveraged to mitigate cyberbullying or prevent other incidents, especially in the absence of minimum physical security controls.
  • Two main aspects surface when discussing this kind of tool, the legal and the technical aspects. How can they be legitimate? how does it work? and how effective it is? [2]
  • When combining both aspects we will land on a more complex question “It can be authorized if it’s proven to be effective” but unfortunately it’s not the case, it is effective and it’s invading K-12 student’s privacy, something that will impact their development and ability to express themselves, and this is due to the false positives that these social media surveillance platforms generate and the degree of integration it can have with the different social media websites.
  • Concluding with an open-ended question could be: What if we use the same resources leveraged for influencing voters during the political campaigns to make our schools safe(r). [3]

🩹 Chrome Patches for Four (04) High Severity Vulnerabilities

Google this week announced the release of a Chrome browser update that resolves seven vulnerabilities, including four issues reported by external researchers.

  • CVE-2022–2007: a vulnerability rated as High, that’s a UAF (Use After Free) in WebGPU.
  • CVE-2022–2008: a vulnerability rated as High, that’s an Out of Bounds Memory Access in WebGL.
  • CVE-2022–2010: a vulnerability rated as High, that’s an Out of Bounds Read in compositing.
  • CVE-2022–2011: a vulnerability rated as High, that’s a UAF (Use After Free) in ANGLE. [4]

👾 Potent Emotet Variant Spreads Via Stolen Email Credentials

  • Emotet is returning from the dead in 2022 and still using many of the known attack vectors it used to leverage in the past, but it is more sophisticated and updated to bypass the most recent security controls. [5]
  • According to Proofpoint, the threat actor TA542 returned in April after a 10-month break to leverage Emotet. [6]
  • It’s used to deliver ransomware and is targeting more regions than before, and since it leverages malicious email attachments, there was a 900% increase in MS Excel Macros used in phishing emails than it was last year.

Security Bites and Tips

👋 Tips — 🔐 Tech — Enable Live Caption for Any Video or Audio

  • If you are like me and always watch videos at 1.5x or 2x, live caption comes very handily to not miss important pieces of the conversations. Well, the good thing is that it’s available for both audio and video.
  • Since your browser knows more about you than you or your mom do, it can read all the audio and video you’re consuming and give you the caption.
  • The caption feature is natively available on your chrome browser and can be enabled by going to settings > advanced >Accessibility > Live Cation (slide the toggle on), this will download the speech recognition files that this feature will use.
  • Once activated a small popup at the bottom of the screen will show the live caption and you can still close it when you don’t need it without having to go back and disable the feature.

👋 Tips — 🔐 Tech — Isolate, Copy, and Share Subjects From Photos on iOS 16

  • I am very excited about this new feature, it will make content creators and everybody’s life easier when needing to add subjects from a photo. This reduces the burden of looking for the perfect photo to use for presentations, blogs, or just messages you are sending to your friends.
  • The feature has visual lookup capabilities for photos which makes it possible to isolate subjects of a picture from their background and offers the ability to export them elsewhere.
  • You will be able to do this by just pressing and holding on a subject from one of your images, then choosing copy or share from the popup menu. You can also drag and drop those same objects to other applications like note-taking or messaging applications.

👋 Tips — 🔐 Security — Why Browsers are your worst enemy when securing an organization?

  • With the high adoption of cloud applications, most of the tools that employees are using in their day-to-day activities are web-based, which translates into using web browsers for basically accessing any corporate tools, platform, or data.
  • Here are some simple steps to make browsers more secure without too much altering the employees’ user experience:
  • Protect users from web threats using secure web gateways and proxies.
  • Securely configure your browsers using the industry best practices and standards, such as CIS. [7]
  • Automatically apply security updates to browsers.
  • Control the extensions users can add to their browsers.
  • Make HTTPS a standard.
  • Prevent users from storing their passwords on the browsers and use a password manager instead.
  • Educate the users on the security best practices like using weak passwords, reusing passwords, Phishing emails, Risky websites, and Social engineering.
  • Prevent offline access to data when using non-corporate devices.
  • Prevent subscription to websites and cloud applications using corporate accounts.

📝 Note — 📡 Telco/IoT Security — How Cryptographic Isolation Helps Secure 5G Networks

  • Containers and Virtual Machines are important components of the 5G Infrastructures to allow the network structure to be granularly sliced.
  • Lateral Movements are one of the most imminent threats in 5G Infrastructures and despite the efforts that can be made un-secured and hardened containers, more layers need to be added to help mitigate this risk.
  • We know that most cloud vendors claim to be encrypting data in-transit and at-rest using strong encryption, but that’s not enough as it still exposed when in memory or when processed by CPUs.
  • User access can also be securely managed using RBAC (Role-Based Access Control) and Just in Time Access.
  • Networks can be isolated, encrypted, and monitored.
  • Compute isolation is also important (logical and physical isolation).
  • This brings us to today’s topic. The cryptographic isolation of containers can be done using “Trusted Execution Environments” or TEE where code and data is loaded inside a secure area within a main processor. This will guarantee the confidentiality and integrity of the data by isolating it from anything outside the TEE.
  • In addition to encryption, containers running in privileged mode with root capabilities should be limited.

My Favorites

☣️ Deep learning identifies A-to-I RNA 🧬 edits using nanopore sequencing data

  • It has always been challenging to modify post-transcriptional modifications such as Adenosine-to-Inosine RNA, but it appeared that nanopore RNA sequencing combined with some Deep Learning models can be used to detect Inosine-containing sites on native transcriptomes and estimate the modification rate of each.
  • This discovery is important to understanding the A-to-I RNA editing and its mechanism that will facilitate the development of more effective cancer therapeutics strategies.

📚 🤔 Books I’m Currently Reading

Title: The Road To Reinvention — How to Drive Disruption and Accelerate Transformation

Author: Josh Linkner

Overview: This book is about learning why reinvention is crucial in staying ahead of the competition. It translates into the fact that success is not a linear and exponentially curve you are going to be advancing through, it’s a series of ups and downs and your success only relies on your ability to stay consistent and evolve.

📚 🤩 Books I Recommend Reading

Title: No Bullshit Leadership — The World Needs More Everyday Leaders That Leader Is You

Author: Christ Hirst

Overview: There are no specific personality traits that leaders should have, nor some genetic heritage that differentiates leaders from non-leaders. Leadership can be learned like any other skill and developed by constant practice.

Title: The Nine Types of Leaders

Author: James Ashton

Overview: This book explains different types of leadership styles to help you understand which one aligns with your personality and capabilities. While leaders are not the same and come from different backgrounds, learning to be a leader or a better one relies on leveraging your strengths and empathy toward others to empower them. Leadership also must be aligned with the environment and the organization you are in.

🎙 Podcast — Responsibility-Shifting Questions

  • In the Ep.382 “Responsibility-Shifting Questions, Being a Better Manager, and Why You Might Rent a Salad Bowl” of the Happier Podcast by Gretchen Rubin, she interviews Russ Laraway the ex. marine commander and author of his new book “When They Win, you Win: Being a Great Manager is Simpler Than You think”.
  • They talk about why managers have a great influence on engagement at work, and the three elements of leadership (Direction, Coaching, and Career”.
  • Also talked about the “Three-stage Career Conversation” and how it covers their life story, long-term dream, and the tangible steps to right now to advance toward that dream.

🎥 Videos — How to become a tyrant?

  • A came across this Netflix documentary called “How to Become a Tyrant” that talks about how ruling with an iron fist requires an aspiring dictator to know the playbook for absolute power, as history’s despots prove in this sardonic docuseries.
  • The lesson I am learning from it is that regardless of what you are doing, good or bad, you will need skills, preparation, playbooks, and other smart people to support you.

Quote of the Week

“Be yourself; everyone else is already taken.” ― Oscar Wilde

If you’re interested in starting a career in Cybersecurity, watch this one, and don’t forget to subscribe to my channel and leave a comment if there are any topics you’re interested in seeing on my next videos.

Check my other stuff here.

Resources

[1] The original blogpost by Blackberry about Symbiote

[2] EFF Presentation about the Social Media Surveillance “Social Sentinel”

[3] Research Report about Social Media Monitoring for K-12 Schools

[4] Chrome Release — Stable Channel Update for Desktops

[5] HP Threat Research Report covering Emotet

[6] Proofpoint Threat Report covering Emotet

[7] Securing Google chrome

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store