A late weekly cyber, my take as usual

Hi all, here is my key news from last week. I was on vacation, but I still followed some valuable information. I'm doing things my way, because everybody else is doing like everybody else :D



  • "Behind the Attack: Paradies Clipper Malware" - Clipper malware is a type of malware that specifically targets cryptocurrency wallets. It replaces wallet addresses with the attacker’s own address, effectively diverting funds to the attacker.

Any developer has to set up his Git config at least once. This cheat sheet will help you make this process a breeze, ensuring that you never push with the wrong profile again!


VPN Alternatives


Security gaps in managed Kubernetes environments

In this article, they examine the impact of a shared responsibility model on end-user security administration in managed Kubernetes environments. They also explore typical difficulties and effective methods for securing these environments.

EPSS - Exploit prediction scoring system

EPSS stands for "exploit prediction scoring system"

Does your artifact storage leak your secrets ?

Interesting take: this tool is designed to control your supply chain and maintain a controlled SBOM (software bill of materials) in your dev environment, yet it can go rogue, especially in the cloud!

- When Your Secured Artifact Storage Leaks Your Secrets

- Scanning Public Artifactory Instances


  • It sure needs some practical verifiable use case

"Zero Trust Makes The Leap From Buzzword To Security Reality"

Because if you think you do zero trust in the cloud, it has failed by design: you trusted the cloud platform, which has a 100% bypass of your security controls with direct access to everything (storage, network, vault, identity and all).

Keep it practical, own your stack, own your controls, don't fall for a cute dashboard deception like the clowd !


EV Charging Infrastructure Offers an Electric Cyberattack Opportunity

  • Can't wait for hydrogen cars

This EV joke is getting old. And anyways, if you want one, there is an average of 3 years waiting list ! (and not enough power to charge them all)

"EV Charging Infrastructure Offers an Electric Cyberattack Opportunity"

On top of this, connected chargers are a dangerous attack surface, as are the vehicles themselves, which are dangerously connected.


Threat Actors: The Definitive 2023 Guide to Cybercriminals

No, it's not an ad to get access to cyber criminals to buy their services !!! I know it sounds like this, but in fact, it's more like a threat landscape overview. A sort of how to, who's doing what and how kind of threat intelligence approach. From this, you may do some threat modeling for your organization, and apply the outcome to the risk factor in your risk register !


Malicious Office Macros: Detecting Similarity in the Wild

  • Email security should not be handled by your email provider; monoculture is inefficient and brings more risks than benefits.

"Malicious Office Macros: Detecting Similarity in the Wild"

In this blog, Perception Point focuses on similarity in the context of Microsoft Office macros, which are widely exploited by attackers to deliver malware.


  • Nothing protected in the cloud ! Even encrypted with TPM 2 management

"New TPM 2.0 flaws could let hackers steal cryptographic keys"

"Users are recommended to limit physical access to their devices to trusted users" - Good discussions in linked post comments.


8 Patch management best practices to secure your business

  • Keep your connected crap up to date, reduce the attack surface, especially if you are in the dangerous cloud.

"8 Patch management best practices to secure your business"

On the surface, patch management sounds like a straightforward task, but it quickly grows complicated. This blog explores the best practices for production IT operations.

That's about it for last week's catches on my end! I hope your week starts well. A bit of a delayed newsletter, but I hope you'll find value in some of it!

Cynthia O'Brien

Retired - DoD Senior Information Systems Security Engineer

1 yr

And you should live your life, your way. Not someone else's accepted version. I applaud your tenacity!! Alexandre BLANC Cyber Security

Jan B.

Beta-tester at Parrot Security* Polymath*

1 yr
Jean-François Houben

GDPR consultant | Manager of BAL Business Center | President of Business Club BAL - smart networking, business exchanges and training | GDPR: protection and security of personal data | GDPR: let's value your ethics

1 yr

Thanks a lot for your (ir)relevant and uncompromising opinions!

Sugiarto RM

Co-Founder, Indonesian CIO Network

1 yr

Pagi, reading as usual and enjoying my first kopi at 5:22 am in Jakarta. My fav summary of the week read for cyber. PS: planning our first effort into Malaysia for a CXO workshop; any synergies out there, folks, give me a ping or view us at icion.id. We just finished our massive 10th CXOs in Bali.

Gordon S. Kerman

IT Manager / CyberSecurity / Software Dev / IT Engineering Manager: Science, Engineering and Manufacturing

1 yr

"What ? not like everybody else ? yah, too much noise, doing my thing instead :D" In a world that is obsessed with everyone else's words... You've got the right approach. I do my own thing as well, your mind will be far healthier... :} Good listing as usual Alexandre BLANC Cyber Security :}
