Security Leftovers
-
iTWire - O'Neil hammers Coalition over 'useless' cyber-security laws
The Morrison Government has been raked over the coals for passing laws that are claimed to be of little use in the area of cyber security, with Home Affairs Minister Clare O'Neil telling a media conference on Sunday that the laws in place were "absolutely useless to me when the Optus matter came on foot".
She was referring to the data breach that Optus announced through the media on 22 September.
O'Neil addressed the media along with Government Services Minister Bill Shorten. Asked about the possibility of reforming laws about data security, she did not hold back.
-
iTWire - Govt says Optus dragging its feet on providing data breach details
The federal government has accused telco Singtel Optus of dragging its feet on providing full details of users whose data was compromised in a data breach which the telco reported on 22 September.
Government Services Minister Bill Shorten told a media conference in Melbourne on Sunday morning that a request on 27 September had sought more details about the Medicare and Centrelink data that had been leaked in the data breach.
-
Elevating Women in Cyber Security to Highest Positions of Impact
Mandiant Cyber Defense Summit (CDS) 2019 in Washington, D.C. was a fantastic event, but like so many other cyber security events, only a small percentage of registrants were women.
-
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
As endpoint detection and response (EDR) solutions improve malware detection efficacy on Windows systems, certain state-sponsored threat actors have shifted to developing and deploying malware on systems that do not generally support EDR such as network appliances, SAN arrays, and VMware ESXi servers.
-
Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors
In part one, we covered attackers’ usage of malicious vSphere Installation Bundles (“VIBs”) to install multiple backdoors across ESXi hypervisors, focusing on the malware present within the VIB payloads. In this installment, we will continue to elaborate further on other attacker actions such as timestomping, describe ESXi detection methodologies to dump process memory and perform YARA scans, and discuss how to further harden hypervisors to minimize the attack surface of ESXi hosts. For more details, VMware has released additional information on protecting vSphere.
-
Hardening the Electoral Process: Supply Chain, Zero Trust and Insider Threats
Some people envision election-related cyber attacks as a threat actor sitting in front of a keyboard in a windowless room trying to infiltrate voting machines while elections are happening. But the reality is that election security is much deeper and more complex than protecting voting infrastructure.
Ensuring the integrity of our electoral system is not “questioned” is a tall order as it may come down to small details like verifying that enough paper ballots are printed and mailed out or that everyone working in our elections has been adequately trained and vetted.
Regardless of the scale or type of election (local, state, or even national), local and state officials bear the responsibility to secure this democratic process, making it more challenging to implement and enforce standardized security measures and procedures. Despite the effort it entails, we understand the importance of protecting the integrity of our electoral process and how cybercriminals or state-sponsored actors can disrupt our way of life by discrediting our elections.