Chaos unfolded for a meat producer over the weekend, likely from what else but ransomware. Suspected Solar Winds hackers are back, VPN breaches from state sponsored hackers, a wiper is masquerading as ransomware and a silicon based security issue with M1 chips. In owl news, we check in on the western screech owl in Canada and finally shoutout a rewrite of policy as code tool CloudFormation Guard.
The NY MTA hack was due to a Pulse Secure VPN zero day but failed to get any customer or employee data via BleepingComputer. This puts a name to one of the companies affected in the report we mentioned last week in TSD-63 from Mandiant / FireEye.
Speaking of FireEye and Mandiant, FireEye the product company that bought Mandiant in 2014 is selling the FireEye product and name to focus on Mandiant Solutions via CNBC
The Supreme Court ruled on the CFAA limiting the scope, read more at Ars Technica
The US government announced that they were going to treat ransomware like terrorism, read more at Mashable
Wired has a story on how NYC has 15,000 cameras
Owl fun and facts:
Look at that owl, that owl is owlsome. You might be able to see this owl in Montana.
A Shout Out:
Jason Dyke from ScaleSec is back with a brand new project called Project Lockdown.
“Project Lockdown is a collection of serverless event-driven auto remediation Cloud Functions designed to react to unsecure resource creations or configurations. Project Lockdown is meant to be deployed in a GCP environment and has the capabilities to monitor and remediate across your entire Organization hierarchy in a matter of seconds.”
TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Please reach out to us directly, via [email protected] or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!
That’s owl for now!
The post The Security Digest: #64 appeared first on Cyral.
*** This is a Security Bloggers Network syndicated blog from Blog – Cyral authored by Daniel Tobin. Read the original post at: https://cyral.com/blog/tsd-the-security-digest-64/