720-891-1663

Security News for the Week Ending June 4, 2021

Freaking Ooops: Us Nuke Bunker Security Secrets On Public ‘Net Since 2013

Details of some US nuclear missile bunkers in Europe, including secret duress codewords have been exposed publicly on the Internet. Journalists discovered it by using simple search queries. The information was on training flashcards, which should not have been public. It includes “intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the identifiers that a restricted area badge needs to have”. The information has now been deleted. It was exposed since 2013. Good job, folks! Credit: The Register

If You Can’t Spy Yourself, Ask Your Friends for Help

It takes a village – even if that is a village of Spies. The NSA got help from Denmark in spying on top politicians and other high ranking officials in Germany, Sweden, Norway and France. They did this by asking the Danes to let them tap into an underwater fiber optic cable in 2012. Targets include Angela Merkel. Generally, politicians cyber hygiene habits are really poor, so the NSA probably found a lot of unencrypted data. Credit: The Hacker News

Watch Your Words When Discussing Breaches

If your company is in the unfortunate situation of dealing with a cyber breach, the lawyers say watch what you say in emails or Slack or similar channels because it can come back to bite the company later. If you say to a coworker “oh, yeah, we knew about that bug for months” and the bug wasn’t fixed and that contributed to the breach, well, you can see, that could be a problem for the company. Obviously, it goes without saying that social media is definitely off limits for that kind of conversation. Unless, you don’t like your job or the company. Read details in SC Magazine.

ARIN Plans to Take Down Part of the Internet – This is Just a Test

ARIN, the American Internet IP authority, plans to take down the RPKI infrastructure some time in July, without notice, just to see what breaks. In theory, if RPKI is implemented correctly, the fact that this goes down should be a big yawn. We shall see. Credit: Bleeping Computer

FBI and DoJ to Treat Ransomware Like Terrorism

Since ransomware *IS* terrorism, it is nice to hear that the DoJ is going to treat it as such. Unlike the last administration, this time the FBI took direct aim at Russia as the culprit in a lot of the ransomware attacks. The US Attorney’s offices in every state have been directed to investigate ransomware attacks the same way that they treat other forms of terrorism. While they don’t have the resources to investigate every ransomware attack, any big attack or one that hits a critical industry will be handled just like a terrorist bombing. While this won’t fix the problem, more attention is good. Credit: ZDNet

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *