
Secplicity - Security Simplified

Powered by WatchGuard Technologies

InfoSec News From Last Week October 18th, 2021

October 18, 2021 By Josh Stuifbergen

Azure, Bitbucket, GitHub, and GitLab Revoke SSH Keys After GitKraken Vulnerability

Git client GitKraken disclosed an SSH key generation flaw in a post this past Monday. The flaw affects versions 7.6.x, 7.7.x, and 8.0.0, releases available between mid-May and late June of this year. GitKraken uses the keypair library to generate the SSH keys that connect code repositories to the GitKraken app. The library's random number generator produced weaker keys than expected, so two independent installations could generate the same key pair, and whoever holds one copy of a duplicated key can authenticate as the other owner. GitKraken published version 8.0.1 to fix the issue, and major code hosting platforms such as Azure DevOps, Bitbucket, GitHub, and GitLab mass-revoked affected keys out of an abundance of caution. The keypair library was updated as well.
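Key duplication has one directly observable symptom: the same public key turning up under different accounts. The script below is an added example for this article, not code from GitKraken or the keypair library. It computes SHA256 fingerprints for authorized_keys-style lines the way ssh-keygen -lf does (SHA-256 over the decoded key blob, base64 without padding), groups them by account, and flags any fingerprint shared by more than one user. To show why the audit matters it also simulates the failure class with a constructed generator that only ever sees 8 bits of entropy: with 300 users drawing from 256 possible keys, collisions are guaranteed, while the same audit over keys seeded from os.urandom finds none. The moduli are hash output standing in for RSA keys, and the user names and comments are constructed.

```python
"""Audit OpenSSH public keys for the symptom of a weak key generator: the
same key pair turning up on more than one account.

Added example for this article, not GitKraken's or the keypair library's
code. The 'weak generator' below is a constructed simulation of the failure
class (a key derived from only a few bits of entropy), not the real bug.
"""
import base64
import hashlib
import os
import random
import struct
from collections import defaultdict


def _ssh_string(b: bytes) -> bytes:
    """One length-prefixed field in SSH wire format (RFC 4251 'string')."""
    return struct.pack(">I", len(b)) + b


def _mpint(n: int) -> bytes:
    """Positive integer as an SSH mpint: big-endian, leading 0x00 if the high bit is set."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return _ssh_string(raw)


def rsa_pubkey_line(n: int, e: int, comment: str) -> str:
    """Build an authorized_keys-style line: 'ssh-rsa <base64 blob> <comment>'."""
    blob = _ssh_string(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"


def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint in the form `ssh-keygen -lf` prints it."""
    blob = base64.b64decode(pubkey_line.split()[1])
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_shared_keys(keys_by_user: dict) -> dict:
    """Return {fingerprint: [users...]} for every key seen on more than one account."""
    owners = defaultdict(set)
    for user, lines in keys_by_user.items():
        for line in lines:
            owners[fingerprint(line)].add(user)
    return {fp: sorted(users) for fp, users in owners.items() if len(users) > 1}


# --- constructed simulation of the failure class -------------------------
SEED_BITS = 8  # a generator that only ever sees 8 bits of entropy: 256 possible keys


def _fake_modulus(seed_bytes: bytes) -> int:
    """Expand seed material into a 2048-bit odd number standing in for an RSA modulus.
    Demo only: it is not a product of two primes and must never be used as a key."""
    stream = b"".join(hashlib.sha256(seed_bytes + bytes([i])).digest() for i in range(8))
    return int.from_bytes(stream, "big") | (1 << 2047) | 1


def weak_keygen(seed_rng: random.Random, user: str) -> str:
    """Same seed, same key: any two users who draw the same 8-bit seed collide."""
    seed = seed_rng.getrandbits(SEED_BITS).to_bytes(1, "big")
    return rsa_pubkey_line(_fake_modulus(seed), 65537, f"{user}@weak-client")


def strong_keygen(user: str) -> str:
    """Same construction, but seeded from 256 bits of OS entropy."""
    return rsa_pubkey_line(_fake_modulus(os.urandom(32)), 65537, f"{user}@good-client")


def audit(keygen, n_users: int) -> dict:
    """Give n_users one key each (constructed user names) and report which keys are shared."""
    keys = {f"user{i}": [keygen(f"user{i}")] for i in range(n_users)}
    return find_shared_keys(keys)


def demo_weak(n_users: int = 300) -> dict:
    rng = random.Random(2021)  # fixed so the run is reproducible
    return audit(lambda u: weak_keygen(rng, u), n_users)


def demo_strong(n_users: int = 300) -> dict:
    return audit(strong_keygen, n_users)


if __name__ == "__main__":
    shared = demo_weak()
    print(f"weak generator: {len(shared)} distinct keys shared across accounts")
    for fp, users in list(shared.items())[:3]:
        print(f"  {fp}  {users}")
    print(f"proper entropy: {len(demo_strong())} shared keys")
```

To run the audit against real data, feed find_shared_keys a mapping of account name to the public key lines from that account (the output of ssh-keygen -lf on each file should match the fingerprints printed here). A key flagged on more than one account is either a deliberately shared deploy key or the product of a bad generator; in both cases it should be revoked and regenerated on a client with a sound entropy source.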

Missouri Governor Confuses Public Facing HTML with Hacking

A journalist from the St. Louis Post-Dispatch newspaper followed the standard responsible-disclosure procedure for a data exposure. They notified the Missouri Department of Elementary and Secondary Education that SSNs were exposed in the public-facing HTML of its website, and the Post-Dispatch reported the story only AFTER the department's website administrators fixed the issue. More can be read about this in Trevor Collins' Secplicity post.

EU’s Proposed Change to Domain Registrant Anonymity

The European Union is in the process of updating the EU Network and Information Security (NIS) directive, the framework within which the European Union Agency for Cybersecurity (ENISA) operates. The overhaul from NIS1 to NIS2 involves a collection of amendments to address the changes in the security environment since the first directive was adopted in 2016. Among those in the draft is Amendment 17, which aims to increase transparency for registered domains. Domain registrars would be required to collect multiple details about the registrant that could then be used to verify their identity. Current requirements are minimal: only a name and address, with no verification. The ease with which someone can avoid accountability through the anonymity of lax registrant requirements has been linked to (but is not wholly responsible for) the proliferation of short-lived malicious domains. There are counterarguments to the changes, as they may stymie freedom of speech for those who require anonymity.

Microsoft Publishes Its Annual Microsoft Digital Defense Report (MDDR)

The report digs into the growing popularity of Ransomware-as-a-Service (RaaS). As the ransomware business model continues to mature, so will the need to counter it. Unsurprisingly, phishing attacks are still going strong, and Microsoft has seen an increase since June 2020. Microsoft has published a summary of the findings, and for those looking to get into the details, the full 134-page report is available as well.

Federal Agencies will Require Sufficient Endpoint Detection and Response

Federal agencies will be required to deploy sufficient Endpoint Detection and Response (EDR) solutions. In memo M-22-01, issued by Shalanda Young, Director of the Office of Management and Budget (OMB), agencies are directed to coordinate with the OMB and the Cybersecurity and Infrastructure Security Agency (CISA). EDR telemetry will feed into CISA to expand its visibility across the federal enterprise. Any agency lacking an EDR implementation will work with CISA to meet the deployment guidelines.

Filed Under: Editorial Articles Tagged With: Cybersecurity and Infrastructure Security Agency, EDR, ENISA, EU, EU Network and Information Security, European Union Agency for Cybersecurity, GitKraken, HTML, Microsoft, Microsoft Digital Defense Report, Missouri, Office of Management and Budget, RaaS, SSH key

The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.
