Exploits of Apple and Google services
A new report reveals how a voice phishing gang exploits Apple and Google services to trick users into revealing personal information. The group used a spoofed phone call to steal over $4.7 million from a cryptocurrency investor named Tony. These scammers create fake login pages and use automated messages to convince victims they are talking to legitimate support teams.
What an interesting and fun read about SQLite.
But they take backward compatibility so seriously that even if they have shipped a bug, they won’t fix it.
Anyone hosting their own photos over Google or iCloud? Would love to know what you are using.
Morning all, anyone familiar with the Immich photo backup service and tried to manage it from an external hard drive? I would happily take on any recommendations for other services, if anyone has any.
Germany drafts law to protect researchers who find security flaws
This is great for researchers and about time. However, do not touch anything. Simply report the finding.
Sophos’s “Pacific Rim” Campaign: A Briefing on Digital Detritus and Cybersecurity
This report and the associated posts by Sophos, collectively referred to as “Pacific Rim,” detail a multi-year campaign against Chinese nation-state actors targeting Sophos firewalls and other network devices.
The reports highlight the concept of Digital Detritus and its impact on the cybersecurity landscape. This term refers to the accumulation of outdated and unpatched hardware and software that presents a growing threat to cybersecurity.
The Problem of Digital Detritus
Digital Detritus arises from a combination of factors:
- Infrastructure Inertia: Customers extend the lifespan of their hardware and software to maximise their investment, leading to devices remaining in operation long after they are no longer supported with security updates. This tendency is amplified by the lack of “status” associated with owning the latest network infrastructure, unlike consumer products like phones or cars.
- Misaligned Incentives: Vendors face financial constraints in providing indefinite support for older products, leading to a gap between buyer expectations for longevity and vendor capabilities to maintain security.
- Evolving Threats: Vulnerabilities that might have been less critical in the past become increasingly “unforgivable” as attackers discover new ways to exploit underlying flaws.
The result is an expanding attack surface for adversaries who can exploit these vulnerabilities for malicious purposes.
Case Study: Sophos’s “Pacific Rim” Campaign
Sophos’s “Pacific Rim” case study provides a real-world example of the dangers posed by Digital Detritus. The reports document a series of attacks by Chinese nation-state actors targeting Sophos firewalls, starting with an intrusion in 2018 into an office in India belonging to Cyberoam, a company which Sophos had purchased.
The attackers utilised various tactics, including:
- Exploiting zero-day vulnerabilities to gain initial access to devices.
- Deploying bespoke malware, including rootkits.
- Sabotaging telemetry systems to evade detection and hinder response efforts.
- Stealing credentials to gain access to internal networks and move laterally within target organisations.
These attacks targeted a wide range of organisations, including government agencies, critical infrastructure providers, and businesses across various sectors.
Key Takeaways
Sophos’s experience highlights several important lessons for companies:
- Network Devices are High-Value Targets: Edge network devices like firewalls are increasingly targeted by sophisticated adversaries for both initial access and persistence.
- State-Sponsored Attacks Target All Organisations: Targeting is no longer limited to high-value espionage targets. Attackers may use compromised devices as operational relay boxes (ORBs) to obfuscate the origin of attacks, or target organisations within critical infrastructure supply chains for potential disruption.
- Opt-Out is No Longer an Option: Vendors and their customers must work together to ensure that devices are patched promptly, secure configurations are adopted, and robust authentication measures are in place.
- No Compromise is Unimportant: Even minor compromises can reveal larger, more sophisticated campaigns. Defenders must thoroughly investigate all incidents and pursue every lead.
Mitigating the Risks of Digital Detritus
Addressing the Digital Detritus problem requires a collaborative approach involving both vendors and customers.
Vendors should:
- Embrace “Secure by Design” principles: Building security into products from the outset makes it easier for customers to maintain a strong security posture.
- Provide clear end-of-life policies: Setting realistic expectations for product lifecycles and offering support for secure decommissioning or upgrading of devices is crucial.
- Improve telemetry and analytics: This allows for better visibility into the security status of deployed devices and provides insights into potential threats.
- Proactively engage with customers: Reaching out to customers with outdated devices and encouraging them to update or upgrade to supported versions is essential.
Customers should:
- Prioritise patching and updates: Applying security patches and updates promptly addresses known vulnerabilities.
- Adopt secure configurations: Minimising the attack surface by disabling unnecessary features and services, especially those exposed to the internet, is key.
- Implement strong authentication: Employing robust multi-factor authentication prevents unauthorised access, particularly for administrative accounts.
- Engage with vendors: Stay informed about security advisories and end-of-life policies for deployed products.
Internet Archive Hack
It looks like silly season is back - Internet Archive’s “The Wayback Machine” has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records - Bleeping Computer
Tech Times -
A cybersecurity expert, Jason Meller, confirmed that it seems the attackers exfiltrated the database of Internet Archive, meaning they could obtain control over its back-end infrastructure. Moreover, website defacement indicates that the attackers have some degree of control over the content served to users.
In another statement, Jake Moore, security consultant at ESET, said that it may be technically impossible to hack the past, but hijacking the Internet Archive is the closest thing we’ve seen so far. The Internet Archive, he said, should remind users to keep unique passwords because even encrypted ones can be cross-referenced against previous uses.
This new iOS update to allow you to force Face ID or Touch ID on any app is a cool feature.
At times it is worrying when the basics are not followed.
The court also heard that a subcontractor was sent 4,000 files by mistake, 13 of which were classed as “official/sensitive”, without any alarm being triggered.
Sellafield ordered to pay nearly £400,000 over cybersecurity failings | Nuclear power | The Guardian
WhatsApp has come a long way when it comes to data and encryption. It has taken a while though.
Alice Newton-Rex: ‘WhatsApp makes people feel confident to be themselves’
Interesting long read in the FT
If we are forced under the Online Safety Act to break encryption, we wouldn’t be willing to do it.
Time will tell!