Let’s do a security potpourri section.
An update to that Florida water treatment facility “hack”… and hack is in quotes. Turns out the plant did not issue individual passwords and had a shared password… that any employee could use… from any location. Oh, and the plant stopped using TeamViewer six months ago, and just left it installed.
Microsoft is warning that the Emotet disruption is no reason to lower your guard. The servers were taken down, but previous takedowns of botnets have seen a restoration, and the company is warning not to stop watching.
Unrelated, Microsoft is also updating Defender for Office 365 around impersonated users and domains, where a threat actor uses a sender or domain that’s close but not the same.
Apple has patched that sudo bug reported last week.
New data from threat intelligence firm Kira says that access to networks isn’t that expensive – generally sold around seven thousand dollars, with prices starting as low as $1500.
Finally, a researcher has managed to breach 35 major companies – Microsoft, Apple, Netflix, Tesla, Shopify all on the list – in a novel supply chain attack. How? Malware into open source repositories, and then that managed to get into the companies’ internal applications.
Why do we care?
Two extremes – on one hand, you have the absolute insanity of shared passwords and a resource that isn’t there. And on the other side, all that screaming about SolarWinds and supply chains… yeah, seems like anyone can fall.
When I say we’re losing the war, there’s my data. If you want to change the direction, we’re going to need to take different actions.