Advent Calendar, IPA alert, Active Cyber Defense, call ChatGPT
Merry Christmas and Happy Holidays to all.
Notable news for the week of Dec 15–21, 2024. This week, your editor is Koichi from the F5 Security Incident Response Team. In this edition, I have security news about Advent Calendar, IPA alert, Active Cyber Defense, and ChatGPT.
We at F5 SIRT invest a lot of time to understand the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So the next time you face a security emergency, please contact F5 SIRT.
Advent Calendar (security)
Merry Christmas. An Advent calendar is a calendar used to count the days leading up to Christmas. Following this tradition, computer engineers have a custom of posting an article a day on a technical topic between 12/1 and 12/24. In most cases, articles are posted on programming techniques and other topics, but there are also advent calendars on cybersecurity.
Google “advent calendar security 2024” and you may find cybersecurity-related advent calendar articles in your language. For example: (search result)
Alert for the Year-end and New Year's Holidays
IPA (Information-technology Promotion Agency) is an information technology promotion agency focused on IT Security in Japan. On December 17th, they issued a "Cyber security alert for the year-end and New Year holidays". In Japan, most businesses and government offices are closed from the end of December to January 4. This is called the Year-End and New Year holidays. Generally speaking, fewer-than-usual employees, including network/security engineers, work during this period.
The alert calls for strengthening countermeasures against “Network penetration attacks” that exploit vulnerabilities in routers and VPN devices at the boundaries of an organization's network, since fewer employees are at work.
They warn of the threat of “Network penetration attacks”, in which a targeted attack or APT attack breaches network defenses, resulting in information leakage, tampering, and ransomware attacks, as well as the breached devices being used as stepping stones for springboard attacks, and more.
The measures they advocate are not special. As usual, they call for reinforcing measures such as daily log monitoring, vulnerability/threat intel collection, and checking that devices are in their normal state, and furthermore for developing a system based on information from product vendors, formulating procedures for responding to zero-day vulnerabilities, and confirming and improving the operability of the system and procedures.
Adopting “Attack Surface Management (ASM)” is also presented as an effective countermeasure. ASM is a service for understanding the company’s IT assets from an outside attacker’s perspective and managing their vulnerabilities. This would include security audits.
Source: Cyber security alert for the year-end and New Year holidays (Japanese)
Source: Attack Surface Management Implementation guidance (Japanese)
"Active Cyber Defense" continued.
In a previous TWIS article, I wrote about the “Active Cyber Defense” bill that the Japanese government is trying to introduce, and on December 19, the outline of a bill of that nature was revealed. The main pillars of the bill are to strengthen the protection of key infrastructures such as electricity and railroads, and to establish a third-party organization to check the appropriateness of the collection of communications information. The Cabinet is expected to approve the bill in late January next year and submit it to the ordinary parliamentary session.
To be consistent with the “secrecy of communication” (Article 21 of the Japanese Constitution), which has been pointed out as an issue, the third-party organization will be defined as a highly independent “Article 3 Committee” based on Article 3 of the National Government Organization Law. The Committee will be responsible for inspecting whether the government is collecting information beyond what is necessary and whether it is properly disposing of information that is no longer needed.
The new law is tentatively called the “Bill on Prevention of Damage to Critical Computers”, and it specifies a policy to promote the use of communications, information, and cooperation between the public and private sectors to prevent damage from cyber attacks. In addition, a bill to amend related laws to give the police and the Japanese Self-Defense Forces (JSDF) the authority to take neutralization measures will also be submitted.
Source: Government to Strengthen Protection of Critical Infrastructure Cyber Defense Bill (Japanese)
Call ChatGPT
ChatGPT is well-known for its chat service. However, OpenAI has launched a new service with ChatGPT: calling and messaging ChatGPT with your phone. You can call 1-800-ChatGPT (or send a WhatsApp message) and talk with ChatGPT as if you were talking to a human being. Languages other than English are supported. At least Japanese is supported; there was a slight delay in the response, but it was a natural response.