The Lighthouse IT Podcast - October 8th, 2021
This week, Matt & Griff discuss a potential strike in Hollywood, a big Facebook outage, an even larger Twitch hack, the latest Apple exploit, more exploits in popular software, and a little bit of good news as well.
Hollywood's behind-the-scenes crews vote to authorize strike
- On Monday, the International Alliance of Theatrical Stage Employees (IATSE) revealed that tens of thousands of its members had voted to authorize a strike against the film and television industry.
- For the first time in the union's 128-year history, members — over 98 percent of them, in fact — voted to allow a potential nationwide crew work stoppage.
- The "yes" vote does not trigger a strike but instead empowers the union's international president to call one if deemed necessary in ongoing negotiations with the Alliance of Motion Picture and Television Producers (AMPTP) for several contracts.
CISA releases Self-Assessment Tool to determine Insider Risk
- Cyber incidents are on the rise as a result of payouts to an employee or contractor acting as an insider. The tool helps you understand your organization's position and its mitigation efforts.
Facebook, Instagram, & WhatsApp went down in huge outage
- Facebook and its affiliated services WhatsApp and Instagram were all down on Monday. Their DNS names stopped resolving, and their infrastructure IPs were unreachable. It was as if someone had "pulled the cables" from their data centers all at once and disconnected them from the Internet.
- Facebook released an explanation:
  - "Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt."
- Some speculate that this outage was intentional, as the day prior an ex-employee (whistleblower) went on 60 Minutes and leaked a number of internal Facebook investigations showing the company knew its products were causing mass harm, and that it prioritized profits over taking bolder steps to decrease abuse on its platform. But who knows.
An anonymous hacker claims to have leaked the entirety of Twitch, including its source code and user payout information
- The user posted a 125GB torrent link to 4chan on Wednesday, stating that the leak was intended to "foster more disruption and competition in the online video streaming space" because "their community is a disgusting toxic cesspool". Woof. This link is public and can still be found.
- The leaked Twitch data reportedly includes:
  - The entirety of Twitch's source code with comment history "going back to its early beginnings"
  - Creator payout reports from 2019
  - Mobile, desktop and console Twitch clients
  - Proprietary SDKs and internal AWS services used by Twitch
  - "Every other property that Twitch owns" including IGDB and CurseForge
  - An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
  - Twitch internal 'red teaming' tools (designed to improve security by having staff pretend to be hackers)
- Some Twitter users have started making their way through the 125GB of information that has leaked, with one claiming that the torrent also includes encrypted passwords and recommending that users enable two-factor authentication to be safe.
How to steal money via Apple Pay using the "Express Transit" feature
- If you haven't heard of Express Transit, it's one of those clever ideas that unavoidably trades off cybersecurity against convenience.
- Simply put, it lets you complete some types of touch-to-pay transactions, even when your phone is locked, for selected public transport services.
- Express Transit makes Apple Pay and your iPhone work a bit like a regular credit card, which doesn't need unlocking with a PIN code for low-value transactions.
- Just tapping your credit card on or near a payment terminal triggers a rapid and entirely automated cryptographic exchange via the chip in your card that bills your account for the amount shown on the terminal's screen.
- Every phone feature that you activate on the lock screen conspires directly against the security that the lock screen is supposed to provide in the first place.
- Should you be worried? We don't think so, but that's because we avoid all "make things work at the lock screen" features on all our mobile devices.
Europol announces two more ransomware busts in Ukraine
- Ukrainian Cyberpolice found $375k in US $100 bills in a shoebox located in a nice apartment. They also found $1.5mil in crypto and two $100k cars.
- Not that this makes much of a dent in the ransomware scene, but because the case was mentioned alongside a ransom demand of EUR 70mil, reporters suspect it could be related to the Kaseya breach.
- Definitely check out the video though.
fail2ban Remote Code Execution Exploit
- This popular tool, which analyzes logs to block IP addresses that appear to be brute-forcing a server, has an RCE vulnerability: an attacker can manipulate the mail command it invokes and take over the host.
That's gotta hurt...
- The #1 search on Bing? Google
FaceTime for Windows? Kinda...
- iOS 15 lets iPhone users invite non-iOS users to calls via browser link. The iPhone must initiate the call and approve the visitor.
Amazon's New World
- Is also the name of its video game. Should I come out of retirement?
We have launched Harmony Cloud. We also have a Cybersecurity self-assessment: if you turn it in to us, we can help you audit and fix the holes in your network. And finally, we have a Cybersecurity Essentials booklet for business owners that helps you understand the current climate of cybersecurity and how to keep your company safe moving forward.