Captain's Log, Stardate 2021.07.30

circle
circle

Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack

J1_Ambassador Hunter @2x

Dissecting the Colonial Pipeline Incident | Jibran Hasnain Jalaliode
Colonial Pipeline reportedly paid the DarkSide ransomware-as-a-service (RaaS) criminal group close to $5 million in cryptocurrency to decrypt locked systems earlier this month. But cyber experts warn that more potential damage may still be festering undetected deep within the company’s network. Read the full story...


22 Levels of Cardistry: Easy to Complex (video) | Dan and Dave Buck at Wired

Sometimes you just have to take a break to clear your brain for the next round. Keep a pack of playing cards next to your work station, as Cardistry pioneers Dan and Dave Buck explain cardistry in 22 levels of difficulty. From a foundational Z-Grip to complicated cuts like the Leno, watch how these two card innovators demonstrate and break down everything that goes into the art of card handling. Read the full story...

30 Top Routinely Exploited Vulnerabilities | CISA
This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI). This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber actors in 2020 and those being widely exploited thus far in 2021. Read the full story...


Novel Meteor Wiper Used in Attack that Crippled Iranian Train System | ThreatPost
An attack earlier this month on Iran’s train system, which disrupted rail service and taunted Iran’s leadership via hacked public transit display screens, used a never-before-seen wiper malware called Meteor that appears to have been designed for reuse, a security researcher has found. SentinelLabs researchers reconstructed most of the attack chain in the train-system and discovered the novel wiper, which the threat actors—who also appear to be a new set of adversaries still finding their attack rhythm. Read the full story...

AWS, Cobalt, & PagerDuty Integrate with JupiterOne to Improve Cyber Asset Context | Jennie Duong
Silos are a thing of that past. And we truly believe that at JupiterOne. We’re big advocates of creating people-centric solutions that actually connect cyber assets and add context-driven security to teams and workflows. That’s why we’re excited to announce that three industry partners have added or extended their technology integrations with the JupiterOne’s platform. New integrations with Cobalt, and PagerDuty have been released along with an extension of our existing integration with Amazon Web Services, (AWS)! . Read the full story...

Resources

Modern Visibility in Cyberseccurity

avatar

Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).

To hear more from Mark, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

PREVIOUS ARTICLE

cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.