By Anna Hammond
January 1, 2021
Security Snacks is a weekly digest of the most notable InfoSec news.
Its purpose is to provide a one-stop source for getting a high-level view of the state of security and hacking.
This is it! The first day of a hopefully “normal” year. Security-wise, this has been a relatively slow week. Though cybercrime never stops and we continue hearing of new Solorigate developments, the Internet seems to have embraced a slower pace to bid 2020 farewell. So, what better time to reflect on the past year’s unforeseen events and what may come next?
Here is a roundup of our favorite retrospective articles and predictions on various cybersecurity topics (threats, breaches, ransomware, Work From Home, etc.).
Good reading and happy new year! 🎊
2020 had its share of memorable hacks and breaches. Here are the top 10
Fines against banks for data breaches and noncompliance more than doubled in 2020
CVE-2020-10148 SolarWinds Orion API authentication bypass and RCE
Researchers uncovered this new vulnerability in SolarWinds Orion. Simply by adding a parameter to an API request, attackers can bypass authentication and obtain remote code execution. As this is critical and is exploited in the wild, CISA is urging US government agencies to update Orion systems or take them offline.
Microsoft’s investigations revealed that attackers accessed some of its source code repositories. The impact was limited, as they could only read the code and not modify it, and Microsoft plans security with an “assume breach” philosophy.
The SolarWinds attackers’ goal is also known now. According to Microsoft, it was to leverage the Solorigate (aka Sunburst) backdoor to compromise victims’ cloud infrastructure.
Interesting resources for defenders include this Timeline of the Supply-Chain Attack, the Solorigate Resource Center by Microsoft and the SolarWinds Security Advisory, all of which are regularly updated as new technical information emerges.
Vietnam targeted in complex supply chain attack
Vietnam is also suffering a supply chain attack. ESET discovered that attackers backdoored a toolkit distributed by the Vietnam Government Certification Authority (VGCA). Any private companies and government agencies that want to submit files to the Vietnamese government have to sign them digitally, which makes the compromise of this toolkit an opportunity for APT groups.
Corellium notches partial victory in Apple iOS copyright case
A judge ruled in favor of Corellium in the case that had ethical hackers worried for a while. Corellium’s software helps hackers find vulnerabilities in Apple products, but Apple accused them of violating copyright law. The court rejected this claim, a big win for security researchers. However, legal proceedings around Apple’s second claim, that Corellium circumvented their DRM unlawfully, will continue in 2021.
Citrix confirms ongoing DDoS attack impacting NetScaler ADCs
FBI: Recent Swatting Attacks Targeting Residents With Camera and Voice-Capable Smart Devices
Multi-platform card skimmer found on Shopify, BigCommerce stores
Kawasaki Heavy Industries reports data breach as attackers found with year-long network access
The Russian cryptocurrency exchange Livecoin hacked on Christmas Eve
6 Questions Attackers Ask Before Choosing an Asset to Exploit
GoDaddy apologized for insensitive phishing email sent to its employees offering a fake bonus
Ticketmaster pays $10M fine to settle charges of using stolen passwords to spy on rival company
Into The Breach: How Data Is Driving The New U.S.-China Cold War
NSO used real people’s location data to pitch its contact-tracing tech, researchers say
From Antivirus to Zero-day exploit: 20 cybersecurity terms you need to know