Secplicity – Security Simplified

InfoSec News Weekly Wrap-Up October 8th, 2021

SMS Routing Company Syniverse Discloses Breach Spanning 5 Years

Syniverse claims to be “the world’s most connected company,” serving so many large telecommunication companies that you should assume your provider is one of its customers. Its reach is significant: it acts as the intermediary for text messages between carriers and routes calls between networks. The breach stretched from May 2016 to May 2021. Motherboard journalist Lorenzo Franceschi-Bicchierai found this statement in the company’s most recent U.S. Securities and Exchange Commission (SEC) filing: “Syniverse’s investigation revealed that the individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (“EDT”) environment was compromised for approximately 235 of its customers.” We can likely expect to learn more about this incident over time, as a compromise of an organization of this magnitude deserves intense scrutiny and publicly available post-mortem details to ensure this doesn’t happen again. Companies that rely on SMS for two-factor authentication (2FA) should seriously consider an alternative such as authenticator applications.

Google Moves to Auto-enroll Two-step Verification (2SV) for 150 Million Accounts

Google intends to auto-enroll into 2SV many, but not all, users who meet the technical requirements but have not yet enabled it. This is a positive step forward. People are increasingly aware of and accustomed to using two-factor authentication, and Google’s decision to auto-enroll users is a move in the right direction. Google’s implementation of two-factor authentication is considered less burdensome because you only need to accept the verification prompt on your phone, rather than entering a one-time code from an authentication application. While there are risks, this is an improvement over protecting accounts with passwords alone.

CISA’s National Cybersecurity Summit Begins

The Cybersecurity & Infrastructure Security Agency (CISA) hosted the first of its four presentations on Wednesday. This aligns with Cybersecurity Awareness Month, which is October. The first presentation focused on the Vulnerability Management Ecosystem. The stream of the presentation can be viewed on CISA’s YouTube channel. There will be three additional presentations throughout October.

Microsoft Will Disable Excel 4.0 Macros by Default

Macros have always been a thorn in the side of IT and security personnel. The ability for users to easily enable macros in their enterprise Excel applications left a serious hole in security. Users could simply download and open an Excel file from a phishing email, unaware that it contained malicious code. Even with the newest version, Excel 5.0, Excel 4.0 was still being supported. This was a problem known to Microsoft as far back as March 2021, when it released Excel 4.0 macro support for its Antimalware Scan Interface (AMSI). The feature will be disabled automatically for paying Microsoft 365 customers, an important change that enterprises have been waiting for.

 
