Microsoft & Okta attacked, Invisibility Shields, BiaB Phishing & more!

March 25, 2022 by Lighthouse IT Solutions, Matthew Almendinger

The Lighthouse IT Podcast - March 25th, 2022

This week, Matt & Griff discuss hacks of Microsoft and Okta, a major vulnerability in Linux, a massive outage at Apple, new phishing dangers for Chrome, a more secure Twitter, Netflix planning to charge for account sharing, and the future is now with invisibility shields.



Microsoft & Okta targeted by hack

  • Okta, an authentication company used by thousands of organizations around the world, has now confirmed an attacker had access to one of its employees' laptops for five days in January 2022 — but claims its service "has not been breached and remains fully operational."
  • The disclosure comes as hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta's internal systems, including one that appears to show Okta's Slack channels, and another with a Cloudflare interface.
  • Many companies, universities, and government agencies depend upon Okta to authenticate user access to internal systems.
  • Okta responded that it believes this is due to a compromised engineer, and validated that the screenshots of the exposed data coincide with an isolated incident in January involving a compromised support engineer. Supposedly the data was limited to the capabilities that only a support engineer would have, and security has since been restored.
  • Also, the same Telegram channel posted images to support a claim Lapsus$ made that it breached Microsoft systems.
  • Lapsus$ posted a BitTorrent link to a file archive that purportedly contained proprietary source code for Bing, Bing Maps, and Cortana, all of which are Microsoft-owned services.
  • The contents of the download were 37GB in size and appeared to be genuine Microsoft source code.
  • Microsoft on Tuesday said only: "We are aware of the claims and investigating."


Ransomware gang threatens to leak files stolen from tire giant Bridgestone

  • The cyberattack came to light in late February. Bridgestone at the time decided to disconnect many of its manufacturing and retreading facilities in the Americas from its network, which led to some plant operations getting shut down and employees being sent home. The company has 50 production facilities and 55,000 employees.
  • A cybercrime gang that has been using the LockBit 2.0 ransomware has taken credit for the attack on Bridgestone and is now threatening to make public "all available data."
  • Bridgestone discovered the breach on February 27.
  • The LockBit 2.0 gang has taken credit for several high-profile attacks over the past months, including one that targeted Accenture. The cybercriminals published thousands of files allegedly stolen from the consulting giant.
  • The group recently also claimed to have breached systems belonging to France's Ministry of Justice. The files allegedly belonging to the Ministry of Justice have also been made public.


Linux has its most high-severity vulnerability in years

  • Dirty Pipe, as the vulnerability has been named, is among the most serious Linux threats to be disclosed since 2016.
  • "Pipe" refers to a pipeline, a Linux mechanism for one OS process to send data to another process. In essence, a pipeline is two or more processes that are chained together so that the output text of one process (stdout) is passed directly as input (stdin) to the next one.
  • The vulnerability came to light when a researcher for website builder CM4all was troubleshooting a series of corrupted files that kept appearing on a customer's Linux machine. After months of analysis, the researcher finally found that the customer's corrupted files were the result of a bug in the Linux kernel.
  • He eventually figured out how to weaponize the vulnerability to allow anyone with an account, including untrusted users, to remotely access the server with an SSH window that has full root privileges.
  • The vulnerability persisted until last month.


Massive Apple outage

  • On Monday, March 21st, Apple faced far-reaching network outages affecting pretty much all of its services.
  • Users who are heavily invested in Apple's ecosystem for things like mobile payments, navigation, file transfers, streaming entertainment, and more found themselves disconnected for several hours.


Did somebody say invisibility shield?

  • Yeah, that's right. Someone made an invisibility shield.
  • The panels are available now, but don't plan on solving crime just yet.
  • The panels change the direction of light passing through them horizontally, obscuring items behind, but also making the picture very hazy.
  • It works well in areas with very uniform backgrounds (think beaches and forests and whatnot).


Phishing toolkit lets anyone create fake Chrome browser windows

  • When signing into websites, it is common to see the option to sign in with Google, Microsoft, Apple, Twitter, or even Steam.
  • Cybercriminals can now create effective single sign-on phishing login forms using fake Chrome browser windows.
  • This attack creates fake browser windows within real browser windows (Browser in the Browser) to create convincing phishing attacks.
  • Attackers can simply download the templates, edit them to contain the desired URL and Window title, and then use an iFrame to display the login form.
  • In other words, it doesn't actually open a new stripped-down login page; using CSS/HTML, it only looks like a new browser window opened.
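
A defender-side heuristic for the technique described above, as an added example that is not from the original show notes or from any toolkit: it flags a page overlay that draws URL text for another host next to an embedded frame. The node model, function names and `.example` hosts are assumptions made for illustration; in a browser extension the same walk would run over real DOM elements.

```javascript
// Added example: nodes are plain objects standing in for DOM elements
// ({ tag, position, text, src, children }); all hosts below are constructed.
const URL_TEXT = /^(https?:\/\/)?([a-z0-9-]+(\.[a-z0-9-]+)+)(\/\S*)?$/i;

function hostOf(value) {
  const m = URL_TEXT.exec(String(value || "").trim());
  return m ? m[2].toLowerCase() : null;
}

// Gather iframe hosts and URL-looking text that sits outside those iframes.
function collect(node, out) {
  for (const child of node.children || []) {
    if (child.tag === "iframe") {
      out.frames.push(hostOf(child.src));
      continue; // framed content is not part of the drawn "chrome"
    }
    const shown = hostOf(child.text);
    if (shown) out.shownHosts.push(shown);
    collect(child, out);
  }
  return out;
}

function findFakeWindowCandidates(root, pageHost) {
  const hits = [];
  (function walk(node) {
    if (node.position === "fixed" || node.position === "absolute") {
      const { frames, shownHosts } = collect(node, { frames: [], shownHosts: [] });
      // A page cannot render a real address bar: a foreign host in overlay text is the signal.
      for (const shown of shownHosts) {
        if (frames.length && shown !== pageHost.toLowerCase()) {
          hits.push({ shownHost: shown, frameHosts: frames });
        }
      }
      return; // nested overlays are covered by collect()
    }
    (node.children || []).forEach(walk);
  })(root);
  return hits;
}

const SUSPICIOUS_PAGE = { tag: "body", children: [
  { tag: "div", position: "fixed", children: [
    { tag: "span", text: "Sign in" },
    { tag: "span", text: "https://accounts.idp.example/signin" },
    { tag: "iframe", src: "https://untrusted.example/login.html" } ] } ] };
const BENIGN_PAGE = { tag: "body", children: [
  { tag: "div", position: "fixed", children: [{ tag: "p", text: "We use cookies" }] },
  { tag: "div", children: [{ tag: "iframe", src: "https://video.example/embed" }] } ] };
```

For the person at the keyboard the equivalent check is manual: a real sign-in popup is a separate OS window and can be dragged outside the edges of the page that opened it, while a drawn one cannot.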


Twitter is launching a Tor service for more secure and private tweeting

  • Twitter is launching a version of its site as a Tor onion service, optimizing it for the privacy-protecting and censorship-evading network.
  • While you could already access Twitter's ordinary website via Tor, the newly launched version adds more layers of protection to the already anonymized browsing experience and is designed specifically for the network.


Netflix tests a new feature that will raise prices for account sharing

  • Netflix will begin testing a new, opt-in feature that will prompt subscribers to pay extra if sharing the service with people outside their own household.
  • The feature will allow households to add up to two "sub accounts" for a fee that's less than the cost of the full-priced Netflix service.
  • The new option will initially be tested in Chile, Costa Rica and Peru and will roll out over the next few weeks.
  • To make this feature work, Netflix isn't relying on location-based data, like GPS. Instead, the company is leveraging the same information it uses to provide its service today to its end users, including an IP address, device IDs and other information about devices signed into the Netflix account across the household.


TikTok launches a music distribution platform, SoundOn

  • TikTok has already achieved massive influence in today's music industry, sending songs that find popularity on the app to the top of the Billboard charts.
  • Now the company is launching its own music marketing and distribution platform, SoundOn, to help more artists get their music heard.
  • This distribution is provided free of charge and all transaction fees are being waived by the platform. TikTok says SoundOn will pay 100% of royalties to music creators for an unlimited time on ByteDance-owned platforms.
  • For global streaming services, the payout is also 100% in the artist's first year, but will drop to 90% in year two and beyond.


Snapchat's new feature lets you build AR experiences for landmarks

  • Custom Landmarkers lets creators build unique AR experiences for people to experience in the Snapchat app.
  • It's accessible in Lens Studio and can be used to create fun scenes on top of places like storefronts, statues and landmarks.
  • Snapchat will moderate AR content on its platform to ensure everyone's experiences are positive.
  • 250,000 lens creators from more than 200 countries have made 2.5 million lenses that have been viewed more than 3.5 trillion times.