The Open Source community has been one that many leverage to help build their applications. It has become a great place to find applications packages that make building out a larger application or eco systems less time consuming. We see this in just about every development space from large to small. Having helpful sources of working code can speed up the development lifecycle and allow for greater interoperability as many applications use the same dependencies and core functions. The open source community is a great resource and typically is one that you can trust to pull code from.

Blockchain, the immutable public transaction log where many say the future lies and the concept of “code is law” is often bandied about. However, the bank ending utopian promise of block chain and web3.0 has not exactly arrived and it is not as “de”centralized as it was supposed to be. Instead, the power and control of blockchain technologies, especially when is comes to currencies involved have been concentrated in a few groups while theft, scams and crime seem to be the most common things you read about it. So, what happened? The concept of Web 3.0 was not supposed to be like this.

SentinelOne’s threat team has been tracking a couple of threat groups with an unusual goal. These groups are not looking to steal money or get a ransom, instead they are looking to track, monitor and incriminate specific targets. The targets that have been identified so far have been journalists and activists that oppose government practices. So far, the countries where these groups have been identified are limited to India and Trukey but if threat groups like this have been found there, it is likely they are everywhere.

In early January 2021 North Korean hackers were in the midst of a campaign targeting western security researchers. They were looking to gather tools, vulnerability information and anything else of value they could get. The US, after learning about this attack did not have a significant response to the threat. Of course, the country was going through a bit of a political turmoil at the time, but there still should have been some sort of response to help prevent further attacks.

It seems that PC makers are not happy with the Intel’s Management Engine (IME) and the flaws that keep being found in it. The original flaw allowed attackers a clean way to compromise a system including uploading malware and exfiltrating data. This could be done in a way that bypassed most security systems and even allowed for tampering with the UEFI BIOS if the attacker was sophisticated enough. To their credit, Intel did warn people and manufacturers about this and patched it fairly quickly. The problem is, now that the cat is out of the bag about one flaw; there are sure to be more.

Def Con 25, Las Vegas, NV –
Your phone rings and you check the number as a precaution against marketing calls and it looks like it is from your office. The voice on the other end says that there is an issue on the network and they need your assistance to troubleshoot. The person is calm, friendly and helpful so you agree to assist. By the time it is all done you have in advertently given away vital information about your network to a potential attacker.

A few days ago we published an article that covered a leaked batch of emails that showed Kaspersky has worked with the Russian Government. We also covered that the pieces of the emails that were published were completely out of context, and also are nothing out of the ordinary for a company that has a contract with a Government body. Kaspersky's denial of cooperation is also nothing new, so why the big deal in the media? Well we might have found a few pieces to that puzzle which would certainly explain the big push to discredit Kaspersky.

Questionable security practices aside, it seems that just about every "big" scandal lately has had leaked emails as some sort of component. In the latest such scandal we find that leaked Kaspersky emails are at the core of the US National Security policy maker's concerns over the company and the use of the product inside the US. According to "internal company emails obtained by Bloomberg Businessweek" Kaspersky has had a rather close relationship with Russian intelligence agencies.

You have probably seen a message, or email, or even a recent Facebook post claiming that a dangerous Facebook Hacker by the name of Jayden K Smith working his way through the Facebook community and hacking user accounts with ease. In fact, this "hacker" is so good that you are at risk if even one of your friends has him in their friends list. This is quite scary and also not real at all. Yup, that message, email, or post is just like every other chain message out there, completely full of crap.

WikiLeaks is at it again with their "Vault 7" releases. This time part of the dump features a nice little took kit for continued exploitation of some Linux systems. The tool kit is called OutlawCountry and is, to be perfectly honest, not much more than a remote management, monitoring and exfiltration tool. It is intended to run in the background on a system after a vulnerability has been exploited to allow the payload to be pushed. It looks very similar to a tool that the NSA used for years and has now become the commercial product Kaseya.