Vlog - Security Snark
Security Snark - Episode 7 (December 13, 2021)
This week's episode covers the Log4j/Log4Shell vulnerability, two new car theft attacks, and how a cyber attack is threatening to ruin your cream cheese holiday plans.
Log4j / Log4Shell
CISA Website - Vulnerability Guidance
Attack Type:
What To Know: Literally half the world’s web servers are affected by a major new bug that is very bad, and very easy to exploit.
Why You Should Care: This bug affects everything of consequence – iCloud, Minecraft, Steam, etc. This will remain in the news for many months to come as more is learned.
Yorkshire gang's Game Boy device could unlock car in seconds
BBC News
Attack Type:
What To Know: A gang of car thieves used a handheld device disguised as a Nintendo Game Boy to steal vehicles worth $240,000
Why You Should Care: This goes to show that car thieves are hardly stupid, and are willing to go to some pretty impressive technical lengths to steal valuable cars.
Hackers Blamed For Cream Cheese Shortage Currently Afflicting The US
Zero Hedge
Attack Type:
What To Know: Hackers have attacked Schreiber foods, the largest cream cheese manufacturer in the U.S.
Why You Should Care: Because cream cheese, duh. But seriously, the cyber attack on Schreiber halted production and threw off the balance of cream cheese supply and demand across manufacturers during one of the busiest seasons for the product. The supply chain has been so challenged that Kraft Foods has offered consumers $20 to not buy cream cheese and instead opt to make a different dessert this holiday season.
VEHICLE THEFT WARNING AND PREVENTION TIPS
York Regional Police
Attack Type:
What To Know: Car thieves are using Apple Air Tags to track vehicles they want to steal.
Why You Should Care: Bad actors are always looking for ways to leverage seemingly innocuous and useful technology toward malevolent ends.