Vlog - Security Snark
Security Snark - Episode 5 (November 29, 2021)
This week's episode covers defense contracts and ransomware, common cloud misconfiguration exploits, theft of IP, and Android eavesdropping bugs.
Defense Contractors are Highly Susceptible to Ransomware Attacks
Help Net Security
Attack Type:
What To Know: Defense contractors are still highly susceptible to ransomware attacks, despite efforts by the Pentagon to help secure our supply chain via the CMMC.
Why You Should Care: The toil and treasure of U.S. taxpayers is being ripped off by our strategic competitors. What is worse, this could put our warfighters at risk of getting killed.
Common Cloud Misconfigurations can be Exploited in Minutes
Cyware
Attack Type:
What To Know: A new report shows that common cloud misconfigurations can be exploited in minutes.
Why You Should Care: Cloud computing is attractive for many reasons, but do not make the mistake of assuming that security is the CSP (Cloud Service Providers) problem only. Improper use of the cloud can lead to data exfiltration.
NCSC Warns Industry, Academia of Foreign Threats to Their Intellectual Property
CSO Online
Attack Type:
What To Know: The NCSC (National Counterintelligence and Security Center) has warned that American industry and academia are being targeted for intellectual property theft.
Why You Should Care: American universities remain a destination for the entire world, especially for those seeking advanced STEM degrees. Keeping these organizations secure is important if we wish to remain competitive.
Multiple Bugs Enable Eavesdropping on 37% of Android Phones
Infosecurity Magazine
Attack Type:
What To Know: Multiple bugs enable eavesdropping on 37% of Android phones.
Why You Should Care: Don’t assume that your smartphone is “secure.” It isn’t.