Read Time:11 Second
Today I have some squid geopolitical news.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Daily Archives: December 9, 2022
Hacking Trespass Law
Read Time:1 Minute, 9 Second
This article talks about public land in the US that is completely surrounded by private land, which in some cases makes it inaccessible to the public. But there’s a hack:
Some hunters have long believed, however, that the publicly owned parcels on Elk Mountain can be legally reached using a practice called corner-crossing.
Corner-crossing can be visualized in terms of a checkerboard. Ever since the Westward Expansion, much of the Western United States has been divided into alternating squares of public and private land. Corner-crossers, like checker pieces, literally step from one public square to another in diagonal fashion, avoiding trespassing charges. The practice is neither legal nor illegal. Most states discourage it, but none ban it.
It’s an interesting ambiguity in the law: does checker trespass on white squares when it moves diagonally over black squares? But, of course, the legal battle isn’t really about that. It’s about the rights of property owners vs the rights of those who wish to walk on this otherwise-inaccessible public land.
This particular hack will be adjudicated in court. State court, I think, which means the answer might be different in different states. It’s not an example I discuss in my new book, but it’s similar to many I do discuss. It’s the act of adjudicating hacks that allows systems to evolve.
CVE-2022-23477 (xrdp)
Read Time:15 Second
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.
CVE-2022-23468 (xrdp)
Read Time:15 Second
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.
Truebot Malware Activity Increases With Possible Evil Corp Connections
Read Time:4 Second
The campaigns observed by Cisco Talos have resulted in the creation of two botnets
BEC Attacks Expand Beyond Email and Toward Mobile Devices
Read Time:4 Second
Scammers typically obtain mobile numbers from data breaches, social media and data brokers
Rackspace customers rage following ransomware attack, as class-action lawsuits filed
Read Time:12 Second
As ever, what matters most is not so much whether an organisation gets hit or not by a ransomware attack, but how well it handles the aftermath and recovery.
Read more in my article on the Hot for Security blog.
Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions
Read Time:5 Second
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload
Software Supply Chain Attacks Leveraging Open-Sources Repos Growing
Read Time:4 Second
ReversingLabs found an increasing number of malicious packages in three popular repositories
Uptycs launches agentless cloud workload scanning
Read Time:28 Second
CNAPP (cloud native application protection platform) and XDR (extended detection and response ) provider Uptycs announced Friday that it has added agentless scanning to its existing cloud workload protection platform, which it said will open up a range of new use cases and attract new potential customers.
The company said that its agentless workload scanning system will be fully interoperable with its agent-based Uptycs sensors, providing security metadata in the same format and letting users manage both systems from the same management console.