There are a ton of cyber stories to cover today, so let’s do the commercial ones first.
I didn’t want to miss this story from last week. One guy saved us all from a massive supply chain attack. Andres Freund, a software engineer at Microsoft, inadvertently discovered a backdoor hidden in a piece of software that is part of the Linux operating system. This backdoor could have led to a major cyberattack with significant damage. His findings were sent to open-source software developers, who quickly developed a fix. If undetected, the backdoor would have given its creators access to millions of computers worldwide. The attacker’s identity remains unknown, but the sophistication of the attack suggests the involvement of a nation with advanced hacking capabilities.
The price of zero-day exploits is rising as companies strengthen their products against hackers. Startup Crowdfense is offering millions of dollars for tools to hack iPhones, Android devices, WhatsApp, and iMessage. These “zero-days” rely on unpatched vulnerabilities in software and are commonly acquired by companies like Crowdfense and Zerodium to be resold to government agencies or contractors. The price increase is attributed to the improved security measures implemented by companies like Apple, Google, and Microsoft. As exploiting vulnerabilities becomes more challenging, the cost of zero-day exploits is expected to continue increasing.
A misconfigured SaaS application caused a recent data breach at Home Depot. The breach exposed employee information and highlights the growing problem of SaaS-based attacks. Security experts emphasize the need for firms to improve their SaaS security practices and implement controls to prevent data breaches.
Why do we care?
If you ever wonder about “Can one person make a difference,” remember that just one guy spotted a massive issue. See something say something is a cliché for a reason.
SaaS misconfigurations are an area of interest for ongoing security management. My continued interest in cloud and SaaS management is because of this issue. This is an ongoing monitoring and management problem and one that’s still significantly difficult to handle in a multi-tenant, multi-customer way.