The Security Digest: #64 – Security Boulevard

Chaos unfolded for a meat producer over the weekend, likely from what else but ransomware. Suspected Solar Winds hackers are back, VPN breaches from state sponsored hackers, a wiper is masquerading as ransomware and a silicon based security issue with M1 chips. In owl news, we check in on the western screech owl in Canada and finally shoutout a rewrite of policy as code tool CloudFormation Guard.

• The NY MTA hack was due to a Pulse Secure VPN zero day but failed to get any customer or employee data via BleepingComputer. This puts a name to one of the companies affected in the report we mentioned last week in TSD-63 from Mandiant / FireEye.
• Speaking of FireEye and Mandiant, FireEye the product company that bought Mandiant in 2014 is selling the FireEye product and name to focus on Mandiant Solutions via CNBC
• The Supreme Court ruled on the CFAA limiting the scope, read more at Ars Technica
• The US government announced that they were going to treat ransomware like terrorism, read more at Mashable
• Wired has a story on how NYC has 15,000 cameras

Owl fun and facts:

Look at that owl, that owl is owlsome. You might be able to see this owl in Montana.

A Shout Out:

Jason Dyke from ScaleSec is back with a brand new project called Project Lockdown.

“Project Lockdown is a collection of serverless event-driven auto remediation Cloud Functions designed to react to unsecure resource creations or configurations. Project Lockdown is meant to be deployed in a GCP environment and has the capabilities to monitor and remediate across your entire Organization hierarchy in a matter of seconds.”

About:

TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.

Check back here every Tuesday for more TSD or sign up below to stay in the loop!

Please reach out to us directly, via [email protected] or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!

That’s owl for now!

The post The Security Digest: #64 appeared first on Cyral.

*** This is a Security Bloggers Network syndicated blog from Blog – Cyral authored by Daniel Tobin. Read the original post at: https://cyral.com/blog/tsd-the-security-digest-64/