Sean Kalinich
Let’s Talk a Minute About Meta’s Threads and the Data it Wants
Yesterday (July 5, 2023) social networking giant Meta launched its competitor to Twitter. This new app is a companion app to Instagram called Threads. Ironically, Twitter had a lot of buzz about the new app, including from people that routinely talk about how terrible Twitter is under Elon Musk. These Twitter detractors have been posting countdown timers, information on how to ensure you can be on Threads as soon as it launches, and more. It is interesting, if not a bit funny, to see the dialog there. However, there is a very dark cloud (heavy black and pendulous) over the green pastures of Meta’s Threads. This is the very serious concern about privacy and security.
NPM is back in the news as Node.js is found to be open to a Manifest Confusion Attack
It has been a few days since we talked about NPM and Node.js. The popular repository has been taking a bit of a beating in recent months as attackers, hacktivists, and others seek to compromise its packages as part of a general supply chain attack. Supply chain attacks are in vogue right now and are part of the reason you might be seeing the acronym SBOM (Software Bill of Materials) so much. Sure, SBOM is not a new term, but the push for it and the rise of an entire vertical in the cybersecurity industry is new and should be a bit of an indicator that there is a problem.
Microsoft Teams Flaw Leveraged by New Red Team Tool to Push Malware
There is nothing like an unresolved security flaw in a major product. Especially when the flaw is one that the developer knows about but does not consider important enough to fix in a timely manner. If the flaw is in a commonly used product, it is even better. In this case we are talking about a flaw we covered back on the 23rd of June. This is a bug that can allow an attacker to mimic an internal sender to get around file handling from external senders. In our opinion, it is significant, but Microsoft has no plans to remediate it any time soon. I guess they have other things on their plate like Privacy Investigations in the EU (Over Teams and Office) and the pending Activision/Blizzard deal in court in the US.
New Process Injection Method Found that can Potentially Avoid EDR Detection
EDR, XDR, and MDR are acronyms that are well known to most organizations. The operative letters here are DR which stands for Detection and Response. The E, X, and M stand for Endpoint, E(x)tended, and Managed respectively. Each one of these is designed to monitor a device for threats and respond according to the profile/configuration/policy enabled for the device. This is different than the traditional “anti-virus/anti-malware” application in many ways. The most common is that an EDR is intended to do more than check files against a signature list and quarantine them if identified. The modern EDR does look for malware, but it also monitors script execution, process starts/stops, file and registry reads and writes and, in many cases, network activity that can indicate potential compromise.
Microsoft’s Cloud Feature Runs at a Loss According to Testimony to FTC
So, it seems that under direct questioning Microsoft has been forced to admit that cloud gaming is not as big of a deal as they have been saying it is. We have long held that their generous 10-year cloud licensing deal for cloud gaming was not an honest attempt at competition. After all cloud gaming represents a little less than 1% of the total gaming market. Now Sarah Bond has admitted that it is not a popular option and that it is most commonly used as a feature for Microsoft consoles.
Flaws in Microsoft Teams External Tenant Handling Allow for Easy Malware Distribution
You have to love Microsoft Teams. Teams is the Frankenstein Monster of Microsoft’s Lync, which then became Skype for Business, and then morphed into the problematic service we now know as Teams. The journey from Lync to Teams has been a mishmash of features added in and removed while trying to maintain the semblance of feature parity with the products that came before it. One of the big pushes for Teams was the integration of SharePoint for file storage and collection. SharePoint integration has been and continues to be a HUGE push from Microsoft in all of their MS365 products and it is not always for the better.
Crypto Mining Malware Targeting Linux and Linux Based IoT Devices Show How Little we have Progressed in IoT Security
IoT (Internet of Things) devices have long been a source of security concerns. Back in 2012-2014 we wrote a series of articles following the comedy of errors that is the IoT market. At the time I dubbed it the Internet of Fails simply because the companies making these internet connected devices were leaving them so open to compromise. Everything from a lack of encrypted communication with cloud services, to no passwords on administrative functions, to using images that had open files and folders in the firmware were found in popular connected products that were shipped to customers. Supply chain compromises were also found in generous quantities, making the mad rush to connect everything a serious concern.
Why the Microsoft Activision Blizzard Deal is such a Big Deal
Unless you have been living under a rock or just do not care about gaming at all, you have probably heard a lot about the Microsoft Activision merger/acquisition. The deal, one of the largest in history, is a monster. Microsoft wants to buy, lock, stock and barrel, the Activision Blizzard game development company for a whopping $68.7 Billion (with a “b”). The deal would give Microsoft complete control over everything Activision/Blizzard. Now for some this might not be a bad thing if you look at it from just a game perspective or if you are just a PC gamer. The problem comes when you get into how games are really developed and how game developers work with component and console makers to ensure their games work properly.
FTC Changes the Focus from Cloud to Xbox Vs PlayStation in Microsoft Activision Blizzard Deal (as it should be)
In our coverage of the Microsoft Activision/Blizzard deal we have often wondered why so many of the groups that approved the deal, and one that opposed it, focused only on cloud gaming. We saw the UK say that the deal was bad for cloud gaming while others stated that a 10-year licensing deal for cloud gaming services that Microsoft agreed to made everything all better. As we looked over the approvals and oppositions, this odd focus on what represents less than 1% of the gaming market seemed so out of place that we started to feel that the opposition was just a token resistance and the deal (which is a bad thing) was just going to get rubber stamped.
Apple Patches Flaw that Allowed for Spyware Which Russia Blamed on the US
Remember the iMessage flaw that allowed for a zero click installation of malware? You know, the one that was discovered by Russian cybersecurity firm Kaspersky which was allegedly targeting Russian Apple devices? The one that Russia said was a US cyber op? Yeah, that one. Well, it seems that Apple has rolled out a patch for this flaw which was part of an operation dubbed Triangulation with the backdoor actually being called TriangleBD.