Hello and welcome into the last letter on cyber and networking security for the year 2020! We want to wish you a Merry Christmas and a Happy New Year.
Now let's take a look at the articles and papers covering the week of December 14 to 20.
Of course, SolarWinds incident would be the first to mention:
Hackers used SolarWinds' dominance against it in sprawling spy campaign, by Reuters;
The SolarWinds cyberattack: The hack, the victims, and what we know by BleepingComputer;
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers by Microsoft.
Linux 5.10 Release Letter by Linux Torvalds
"Ok, here it is - 5.10 is tagged and pushed out.
I pretty much always wish that the last week was even calmer than it was, and that's true here too. There's a fair amount of fixes in here, including a few last-minute reverts for things that didn't get fixed, but nothing makes me go "we need another week". Things look fairly normal."
Ad-blocker AdGuard deploys world's first DNS-over-QUIC resolver
"The protocol is currently only a working draft at the Internet Engineering Task Force (IETF), but AdGuard says there is no reason to wait to start experimenting and providing this better and more private version of the DNS protocol to its users."
IBM presented fully homomorphic encryption services
"An innovative technology, fully homomorphic encryption (FHE), can help you achieve zero trust by unlocking the value of your data on untrusted domains without needing to decrypt it."
Google Cloud Infrastructure Components Incident #20013 RCA
"On Monday December 14, 2020, for a duration of 47 minutes, customer-facing Google services that required Google OAuth access were unavailable."
Measuring the impact of DNS Flag Day 2020
"In 2020, a second Flag Day was adopted where the intent was to modify DNS protocol behaviour to avoid relying on fragmented UDP packets."
How an obscure British PC maker invented ARM and changed the world
"1987's Acorn Archimedes was the first production RISC-based personal computer."
MAnycast²: Using anycast to measure anycast
"In a recent study headed by the University of Twente, we proposed a new measurement and inference technique, MAnycast², which relies on an anycast testbed to efficiently detect anycast prefixes.
The idea behind MAnycast² is quite simple: We send ICMP echo-requests with our anycast IP address as a source, from all of the anycast nodes in our testbed. The traffic of the ICMP echo-responses to the anycast IP will be then routed back on a single node, if the target is unicast and on multiple nodes, in case the target is anycast."
Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate
"Browser makers Apple, Google, Microsoft, and Mozilla, have banned today a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country's capital, the city of Nur-Sultan (formerly Astana)."
Papers of the week:
The Reality of Algorithm Agility: Studying the DNSSEC Algorithm Life-Cycle
and
AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers.
Repository of the week - 'I Hate C Testing': A minimal testing framework for C.
Once again, thank you for reading our newsletter!
For feedback or any suggestions, please write to us at cybersec@qrator.net.