FCC announces ban on Chinese telecom and surveillance equipment
The total ban applies to Chinese companies Huawei, ZTE, Hytera, Hikvision, and Dahua and is due to what is being called an “unacceptable” national security threat. They are included as a directive in the Secure Equipment Act of 2021, which was signed by President Biden in November. Hytera, Hikvision, and Dahua must provide details about the safeguards they have implemented on the sale of their devices for government use and the surveillance of critical infrastructure facilities. The FCC explained that the above companies are subject to the exploitation, influence and control of the Chinese government, and the national security risks associated with such exploitation, influence, and control.
New Windows Server updates cause domain controller freezes, restarts
According to Bleeping Computer, “Microsoft is investigating LSASS memory leaks, caused by Windows Server updates released during the November Patch Tuesday, that might lead to freezes and restarts on some domain controllers.” LSASS is the acronym for Local Security Authority Subsystem Service, which oversees security policies on Windows systems, and “handles access token creation, password changes, and user logins.” When it crashes, users lose access to Windows accounts on the machine and see a system restart error followed by a system reboot. Microsoft is working on a resolution.
WhatsApp data leak: 500 million user records for sale
On November 16, an individual advertised in a hacking community forum that they had a 2022 database of 487 million WhatsApp user mobile numbers available for sale, from 84 countries, including 32 million US user records, and tens of millions of numbers from customers in Egypt, Italy, Saudi Arabia, France, Turkey, Russia and the UK. The seller was not clear on how the database was obtained, suggesting they “used their strategy” to collect the data. WhatsApp parent company Meta has not commented on this story, but industry experts suggest that this collection of numbers could have been obtained through scraping, and not hacking.
Ransomware gang targets Belgian municipality, hits police instead
The Ragnar Locker ransomware gang made something of a faux pas when they published data that they thought was stolen from the municipality of Zwijndrecht in Belgium, but which turned out instead to belong to the Zwijndrecht police unit of Antwerp. The data reportedly consisted of thousands of car license plates, fines levied, crime report files, personnel details, investigation reports, and more, all of which has the potential to expose people who reported crimes or abuse, and which could also compromise ongoing law enforcement operations. According to Bleeping Computer, “Belgian media outlets call this data leak one of the biggest of this kind that has impacted a public service in the country, exposing all data kept by Zwijndrecht police from 2006 until September 2022.”
Thanks to this week’s episode sponsor, Automox

Meta confirms U.S. military involvement in sprawling phony social media operation
People associated with the U.S. military have been found to be behind dozens of fake Facebook and Instagram accounts that pushed pro-U.S. messaging largely to audiences in the Middle East and Central Asia. This is according to a statement from Facebook’s parent company Meta, in a report published Tuesday. The Washington Post reported in September that researchers first exposed the decade-long operation in August, following which the Pentagon ordered “a sweeping audit of how it conducts clandestine information warfare.” Citing unnamed U.S. officials, the paper reported that “U.S. Central Command was among the entities under scrutiny as part of their potential role in the operation.”
Dell, HP, and Lenovo devices found using outdated OpenSSL versions
According to The Hacker News, “an analysis of firmware images across devices from these manufacturers has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk.” The EFI Development Kit works as an interface between the operating system and the firmware inside the device’s hardware. Security company Binarly has stated that the firmware image associated with Lenovo ThinkPad enterprise devices was found to use three different versions of OpenSSL, some dating back to August 2014. “This clearly indicates the supply chain problem with third-party dependencies when it looks like these dependencies never received an update, even for critical security issues,” the company said.
Businesses hope to cut cyber turnover by encouraging volunteer work
An article posted in the Wall Street Journal states that “companies are encouraging their cyber employees to volunteer at nonprofits, a nudge that managers say can help businesses retain in-demand technical experts despite high turnover in security roles.” This has been helped along by the Geneva-based CyberPeace Institute, which helps nonprofits, humanitarian and healthcare organizations address cybersecurity. The institute set up a program last year to enlist professionals from the corporate world to explain concepts such as phishing to nonprofits that might lack the budget to hire their own experts. Clar Rosso, chief executive of (ISC)2, suggested that cyber volunteerism “can also bolster the team as a whole,” by gaining a fresh perspective on their own job. “There’s a case that allowing employees to go and volunteer in other organizations is actually going to strengthen the security posture of your own organization,” she said.
Automakers are locking the aftermarket out of ECUs
With more complex systems being built into vehicles, automakers are becoming more aware of the potential gains that threat actors can make in hacking cars. They want to leave no part of that equation unchecked. According to Road and Track magazine, car makers want to prevent this from becoming a potential safety or legal issue, and are consequently moving toward heavily encrypting their vehicles’ software. They recognize, however, that such a lockout “presents an interesting challenge for tuners who rely on access to things like engine and transmission control modules to create their products.”






