Cybersecurity Newsletter, July 13-18
Qrator

As always, greetings within the latest cyber- and networking security newsletter brought to you by Qrator Labs. This time we are going to take a look at the most important and relevant stories published between July 13 and 18 of the year 2020.
 

An update on our security incident, from Twitter

"Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control." - New York Times.

"Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay out some of the timeline of the attack, and point to clues about who may have been behind it." - Brian Krebs.
 

Cloudflare suffers an outage related to the BGP configuration error on July 17

"This afternoon we saw an outage across some parts of our network. It was not as a result of an attack," the company said in a statement. "It appears a router on our global backbone announced bad routes and caused some portions of the network to not be available. We believe we have addressed the root cause and monitoring systems for stability now. We will share more shortly—we have a team writing an update as we speak." - TechCrunch.
 

SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers

"Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code.
You'll want to patch that – and all these other bugs fixed by Microsoft, Oracle, Adobe, VMware, SAP, Google" - The Register.

"Researchers have warned organizations to patch their Microsoft Windows Server builds to protect their networks against a critical wormable vulnerability that has existed in the system's code for 17 years" - ZDNet.
 

Understanding the landscape around network automation

"Automation allows for scaled activities that simply would not be possible using humans. Network engineers are at the forefront of this technology, and with it, have the opportunity to reshape their organization’s capabilities."
 

THE HEART OF THE INTERNET - DE-CIX 25th anniversary

"From an old post office to the world’s leading interconnection provider: 25 years after being founded, DE-CIX continues to grow worldwide. Without DE-CIX and its connected networks, the development of the Internet in Germany and worldwide would have been an entirely different story."
 

The Fake Cisco

"Producing counterfeit products is, and always was, a great business if you don't mind being on the wrong side of things. No need to invest in a costly R&D process, no need to select the best performing and looking materials; the only criterion is the cost of manufacture. This is why we see a lot of counterfeit products on the market, and will likely continue seeing them being made and sold at a fraction of the price of the original. Network hardware designed, manufactured, and sold by Cisco is a very good example. Having an excellent reputation due to great engineering, these products sell at a premium price point. Naturally, this motivates people to attempt producing counterfeits to try and make easy money."
 

Academics research paper of the week - NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives

 

Repository of the week - Process Monitor (Procmon) is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows


Thanks for reading. If you appreciate the newsletter, do not forget to forward it to your friends and colleagues!

For feedback, please write to us at cybersec@qrator.net.