Cybersecurity Newsletter, October 5 - 11
Qrator

Hello and welcome to the regular networking and cybersecurity newsletter! Relevant articles published between October 5 and October 11, 2020, are following. 

We Hacked Apple for 3 Months: Here’s What We Found

"Apple pays $288,000 to white-hat hackers who had run of company’s network" - ArsTechnica.
 

Report: U.S. Cyber Command Behind Trickbot Tricks

"A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military's Cyber Command." - Brian Krebs.
 

GitLab's security trends report – our latest look at what's most vulnerable

"The percentage of projects finding issues with dependent libraries in use has significantly increased over the last year, from 26 per cent to 69 per cent," said Wayne Haber, engineering director, in the report. "This reinforces that updating dependent libraries should be prioritized based on the risks those libraries pose." - The Register.
 

Chrome is deploying HTTP/3 and IETF QUIC

"QUIC is a new networking transport protocol that combines the features of TCP, TLS, and more. HTTP/3 is the latest version of HTTP, the protocol that carries the vast majority of Web traffic. HTTP/3 only runs over QUIC."
 

Are you filtering for inbound spoofed packets? Chances are you're not

"At least half of all Autonomous Systems (ASes) on the Internet are vulnerable to Denial of Service (DoS) attacks because they are not deploying a 20-year-old filtering mechanism."
 

Computer Scientists Break Traveling Salesperson Record

"Now, in a paper posted online in July, Klein and his advisers at the University of Washington, Anna Karlin and Shayan Oveis Gharan, have finally achieved a goal computer scientists have pursued for nearly half a century: a better way to find approximate solutions to the traveling salesperson problem."
 

Repository of the week - Earthly - Build automation for the post-container era

 

Thanks for reading!

For feedback or any suggestions, please write to us at cybersec@qrator.net.