Cybersecurity Newsletter, July 20 - 25
Qrator Newsletter

Welcome to our regular weekend newsletter containing every remarkable story on networking and cybersecurity published between July 20 and 25, 2020.

Garmin outage caused by confirmed WastedLocker ransomware attack 

"An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident." - TechCrunch.
 

Twitter Hacking for Profit and the LoLs

"Hackers obtained Twitter DMs for 36 high-profile account holders. Hack also exposed phone numbers, email addresses, and other PI for 130 users." - ArsTechnica.
 

Ongoing Meow attack has nuked >1,000 databases without telling anyone why

"More than 1,000 unsecured databases so far have been permanently deleted in an ongoing attack that leaves the word “meow” as its only calling card, according to Internet searches over the past day."
 

Networking boffins detect wide abuse of IPv4 addresses bought on secondary market

"In a recent paper titled A first look at the misuse and abuse of the IPv4 Transfer Market [PDF], the three explain how IP address depletion saw regional internet registries establish transfer markets for the increasingly-hard-to-find IPv4 addresses."
 

House of Io – Remastered

"A few days ago, I (Awarau) published a blog post (link) with my analysis of the new heap mitigation, Safe-Linking, that will be introduced in GLibc 2.32. The blog post describes the mechanism, alongside an initial guide of how attackers could potentially bypass this mechanism by targeting directly the main tcache metadata that is pointed to from free()d allocations that were inserted into a tcache list.

After publishing this blog post on /r/netsec, it started a thread with @EyalItkin, the researcher that designed “Safe-Linking” and integrated it into GLibc. During our discussion, we were able to develop my initial attack into an exploit that will enable attackers to bypass “Safe-Linking”, and directly attack the tcache management mechanism. In this blog post, co-authored by Eyal, we will describe our new attack plan." - Awarau.
 

A look at password security, Part III: More secure login protocols

"In part II, we looked at the problem of Web authentication and covered the twin problems of phishing and password database compromise. In this post, I’ll be covering some of the technologies that have been developed to address these issues." - Eric Rescorla.
 

NIST’s Post-Quantum Cryptography Program Enters ‘Selection Round’

"Chosen algorithms will become part of first standard devised to counter quantum decryption threat."
 

India, Jio, and the Four Internets

"One of the more pernicious mistruths surrounding the debate about TikTok is that this will potentially lead to the splintering of the Internet; this completely erases the history of China’s Great Firewall, started 23 years ago, which effectively cut China off from most Western services. That the U.S. may finally respond in kind is a reflection of reality, not the creation of a new one.

What is new is the increased splintering in the non-China Internet: the U.S. model is still the default for most of the world, but the European Union and India are increasingly pursuing their own paths."
 

AMS-IX 25 year anniversary report

 

Image "Cloaking" for Personal Privacy

"The SAND Lab at University of Chicago has developed Fawkes, an algorithm and software tool (running locally on your computer) that gives individuals the ability to limit how their own images can be used to track them."
 

Academic paper of the week - Legal Risks of Adversarial Machine Learning Research


Thanks for reading!

For feedback, please write to us at cybersec@qrator.net.