Patching Won't Prevent Compromise & Repos Hijacking June 18th – 24th This Week in Security
This week's This Week in Security editor is Lior R. Some weeks are light on security news, and we are thankful for that. This might indicate that, overall, we are doing a good job and that the security industry is in a good position, probably even better than before. Yet patching a CVE does not always solve the problem. This was the case with BlackLotus, where a patch was released but a bypass is still possible. The NSA published an advisory with hardening guidance on this issue, which reflects the security mindset of going above and beyond to keep systems up and running.
NSA: BlackLotus BootKit Patching Won't Prevent Compromise
The US National Security Agency (NSA) is urging systems administrators to go beyond patching in order to protect Windows 10 and 11 machines from the BlackLotus bootkit malware.
"Protecting systems against BlackLotus is not a simple fix," said NSA platform security analyst Zachary Blum, in the advisory. And indeed, the advisory offers extensive hardening advice, but fully implementing the NSA's guidance is a process unto itself, notes John Gallagher, vice president of Viakoo Labs. "Given the manual nature of NSA's guidance, many organizations will find that they don't have the resources needed to fully remediate this vulnerability. Additional measures like use of network access control and traffic analysis should also be used until Microsoft can provide a more complete fix," he says.
Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking
Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are dependent on a particular repo to a malicious one instead.
The issue has to do with how GitHub handles dependencies when a GitHub user or organization changes the name of a project or transfers its ownership to another entity, researchers at Aqua Security said in a report this week.
British Twitter Hacker Sentenced to Prison in US
According to court documents, between March 2019 and May 2019, O’Connor and others engaged in a SIM swapping attack resulting in the theft of $794,000 worth of cryptocurrency from a Manhattan-based cryptocurrency company.
According to court documents, O’Connor used SIM swapping to access without authorization two accounts on TikTok and Snapchat, threatening to release sensitive, personal materials about both victims.