October 5, 2020
David Redekop

This Week In Nerd News – October 5, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Microsoft’s Azure AD authentication outage: What went wrong.

It’s been a rough week for Microsoft users who have first- and third-party apps that rely on Azure Active Directory for authentication. Microsoft has published a root-cause analysis of its issues.

Read More: Microsoft’s Azure AD authentication outage: What went wrong 

 

Russia’s Fancy Bear hackers likely penetrated a U.S. federal agency.

Excellent details are provided on the attack vector and even IOCs (Indicators of Compromise). Similar strategies get used with small business cyber attacks. A gentle reminder that proper egress control stops attacks like this in their tracks.

The Cybersecurity and Infrastructure Security Agency (CISA) responded to a recent threat actor’s cyberattack on a federal agency’s enterprise network. By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.

For a downloadable copy of IOCs, see: AA20-268A.stix.

 

Read More: Analysis Report (AR20-268A) – Federal Agency Compromised by Malicious Cyber Actor

 

This Is What Palantir And The LAPD Know About You.

Fascinating read, but you may need some coping mechanisms after this wake-up call on how much more power law enforcement has with this information about us, which may or may not be true.

Ahead of its Sept. 30 public listing, Palantir, a secretive data analytics company with ties to the defense and intelligence communities, has been touting itself as a tool that can “target terrorists and keep soldiers safe.” With an expected valuation of about $22 billion, it will become one of the biggest surveillance companies in the world.

Palantir promises that where “technological infrastructure has failed,” it can create clarity and order. But to deliver, its software needs data — lots of it.

Now, two never-before-seen documents, “Intermediate Course” and “Advanced Course” training manuals, reveal how the Los Angeles Police Department has taught its officers to use Palantir Gotham, one of the most controversial and powerful law enforcement tools in the world.

 

Read More: Scars, Tattoos, And License Plates: This Is What Palantir And The LAPD Know About You

 

Helping to pay off ransomware hackers could draw big penalties from the feds.

Anyone who helps ransomware victims pay off hackers who are under U.S. sanctions could face stiff punishment themselves, the Treasury Department said Thursday.

The advisory from Treasury’s Office of Foreign Assets Control served notice to financial institutions and cyber insurance companies — as well as cybersecurity firms that help ransomware victims identify and respond to attacks — that they could suffer fines if they aided payments to attackers from places like Russia, North Korea or Iran that are on the U.S. sanctions list.

 

Read More: Helping to pay off ransomware hackers could draw big penalties from the feds

 

‘It Won’t Happen to Me’: Employee Apathy Prevails Despite Greater Cybersecurity Awareness.

This is why *systems* for security continue to gain in importance and priority.

With remote working now part of the new business reality, cybersecurity has skyrocketed to the top of the IT to-do list. Companies are investing astronomical sums to upgrade technology, develop security processes, and boost IT staff, yet studies indicate that they may be overlooking the biggest piece of the puzzle: their employees.

 

Read More: ‘It Won’t Happen to Me’: Employee Apathy Prevails Despite Greater Cybersecurity Awareness

 

Did you know?

The DNSharmony Beta Launch program was announced. A very exciting future lies ahead for sysadmins, business owners, parents, and users. This is ADAMnetworks' pivot to a freemium business model.