TWINN #129 What happens when security systems are insecure?

Nerds On Site
Article Written By David Redekop


Founded In


5-Star Reviews

4.83 / 5

Satisfaction Rating

TWINN #129 What happens when security systems are insecure?

The 5 Top Cyber Security Stories Of The Week – June 19, 2023

1. A simple bug exposed access to thousands of smart security alarm systems

“The vulnerability is known as an insecure direct object reference, or IDOR, a class of security bug that allows unchecked access to files, data, or user accounts because of weak or lacking access controls on a server.”

2. Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away

“Key-leaking side channels are a fact of life. Now they can be done by video-recording power LEDs.”

3. Mandiant says China-backed hackers exploited Barracuda zero-day to spy on governments

Further to last week’s coverage on this, “China-backed hackers are likely behind the mass-exploitation of Barracuda Networks’ email security gear, which prompted a warning to customers to rip out and replace affected devices.”

4. Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems

Significant IOC (indicator of compromise) is if your macOS has ever reached out to, not an actual GitHub-owned domain. Zero Trust connectivity for the win! We need protection before we can identify it. (edited) 

5. Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks.

All week Microsoft ignored requests for responses on Outlook, Azure problems and without referencing any of those complaints and requests, offered this response.

Did you know?

In iOS17 my favourite new feature is the live voicemail transcription that allows you to pickup the call while someone leaves a message. Powerful productivity hack for those wanting to waste no time on unproductive inbound calls.

Video version to return next week when I am back from Infosec Europe.

You May Also Like…

TWINN #120 on Juice Jacking

TWINN #120 on Juice Jacking Threats come in all shapes and sizes. Not just in a digital sense but also in the...