October 2023 Reading Roundup

The latest trends in IT

Regional Outages with Hyperscalers

GCP, Azure and AWS suffered outages over the course of the year, which should be anticipated. Your public cloud providers will not have 100% up-time. While each did experience outages, it’s important to understand how they respond to these incidents and make improvements. This article via The Pragmatic Engineer documents regional outages from the same range of time and compares each supplier’s responses. Well worth the read!

1Password Suspicious Activity and Okta’s Involvement

1Password is one of the giants of password management. They recently detected suspicious activity regarding their internal Okta instance, but confirmed that no user data/sensitive data was compromised. This reignites concerns about Okta’s response and investigation of its own breach. You can read more via TechCrunch.

NetScaler CitrixBleed Bug

Citrix warns that you should patch in the wake of a new zero-day exploit discovered in August. After patching, be sure to clear all active and persistent sessions. These can be compromised even after a patch. You can read more via NetScaler.

Cisco IOS XE

Cisco’s IOS XE networking appliance software is still in bad shape. 50,000+ devices were compromised and allowed hackers to create privileged user accounts and backdoors. Reports indicate that these devices are still compromised, even after attempts to mass-uninstall the bug. You can read more via Cisco.

DC Voter Data Breached

DC’s Board of Elections suffered a breach through a third-party system that housed voter PI, ranging from SSN, driver’s license, DOB and contact information. DC is also facing heat due to the initial statement claiming no PI was lost. Government agencies continue to be prime targets due to low budgets, lack of qualified staffing and outdated systems. You can read more via the DC Board of Elections.

Critical VMware vCenter Patch

This is a big one. VMware released critical patches (rated 9.8 out of 10 severity) and urges users of VMware vCenter Server and Cloud Foundation products to patch immediately. It was so bad that VMware also released patches for end-of-life versions. You can read more via SecurityWeek.

23andMe Breach

If you shipped saliva to 23andMe for a DNA check, you should check your inbox. The DNA giant began notifying end users of a breach, which they’ve been slow to comment on. In the wake of the breach, 23andMe turned off their DNA relatives tool and hackers continue to sell data for millions of compromised users. You can read more via Reuters.

FTC Guidelines Continue to Evolve the Security Landscape

The FTC has announced that it will be amending the Safeguards Rule, which will require non-banking institutions to report data breaches. The new rule will give these organizations a maximum of 30 days to report a breach, assuming it impacts more than 500 customers. You can expect this guideline to go into effect in April of 2024. You can read more via the FTC.

North Korea with the Bait and Switch

This one impacted multiple system integrators in the US. It’s such a wild story that it sounds like a spy movie, but it’s true! North Koreans tricked US businesses into hiring them, and all the cash was funneled back to Pyongyang in a money laundering scheme that went to weapons procurement. You can read more via the Justice Department.

Tech Repair Snoopers

If you drop your laptop off with the Geek Squad (or similar services), expect your data to be raided. Reporters from CBC observed technicians accessing data unrelated to the repairs they were employed to resolve 50% of the time. You can read more via CBC.

Boeing Confirms Breach

Days after LockBit claimed a victory, Boeing confirmed a breach of its systems. The breach appears to have impacted its parts and distribution systems through a zero-day vulnerability. This story is developing. You can learn more via DarkReading.

A Practical Guide to Security

This article won’t teach you about cool products or give you technical guidance. Rather, it focuses on the human element of bettering our organizations. You can learn more about the Five C’s: Communication, Collaboration, Creativity, Confidence and Critical Thinking via SC Media.

AI Regulation

The Biden administration announced new regulation for AI, including new guidelines that would require oversight and review prior to select tools and functions being released to the wild. These guardrails would require tech companies to disclose the nature of their tools and validation by independent testing. You can read more via Forbes.

SEC Charges SolarWinds and CISO with Fraud

This is a major development in the breach that was disclosed in 2020. The SEC is leveraging these charges in a claim that SolarWinds and Timothy G. Brown were aware of vulnerabilities, but failed to take the appropriate action. Specifically, the SEC claims the CISO didn’t account for these vulnerabilities, and failed to appropriately warn executives of the danger. You can read more via TechRepublic.

Zombie Zoom Links

A large number of organizations, including some in the Fortune 500, are at risk due to a feature setting that enables bad actors to initiate a meeting while posing as a valid employee. At the root is the Zoom Personal Meeting ID, which can be used indefinitely by bad actors in social engineering schemes. This article from Krebs on Security provides three easy steps you can take to Zoom safely.

Container-based Firewalls

This was a great read. The article argues that we should take a fundamentally different approach to cloud-native workloads, because legacy security models were designed to protect traditional perimeters. Container-based firewalls wrap security around the workload, while still achieving the scalability that some need for a cloud environment. This article from SC Media is worth your time.

What is an Air Gap?

This one is from the vault. Over the last six months we’ve seen a large increase in the number of users who want to layer in air gaps as an effective layer of defense. While this adds more complexity, it’s a great step. You can read more via the White Oak substack.

Tech Layoffs Continue

Big tech layoffs continue. This trend also hits close to home in Alabama, where scores of tech jobs are being cut. Yet, we still see a massive talent gap in the industry. You can track the latest trends in tech layoffs via CrunchBase.

Security Vendors See Reduced Spending

Fortinet, Palo Alto, Zscaler and CrowdStrike saw their market valuations drop due to reduced sales, longer sales cycles and greater deal scrutiny. The pains of recession are now being felt by vendors who soared during the pandemic and WFH boom. You can read more about market predictions via Reuters.

You’re Invited!

If you’re local to AL, you’re welcome to join us Tuesday, November 7th at Selwood Farms for a charity clay shoot. If you’d like to be our guest, please register here!
