Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack.
Decoding the hidden language and signs of ‘Squid Game’ for non-Koreans | The Washington Post / Michelle Yee Lee
So you just finished watching “Squid Game,” the global sensation that has become the most watched show on Netflix. Or maybe you’re binge-watching it now. If you’re not a native Korean speaker, or you watched the dubbed version, you may have missed a few important things that could enrich your viewing experience. We are here to share the Easter eggs that non-Koreans may have missed. Read the full story...
(Added bonus: Recipe for Korean Sponge Candy so you can hold your own competition.)
Modern Cybersecurity: Tales from the Near-Distant Future | Book Release
On Tuesday, we released a new book, featuring seven security practitioners telling their stories. They tell the details of major business problems they experienced when implementing cybersecurity - and how they overcame them. Chapters include:
- Security for Modern Cyber Assets - Sounil Yu (JupiterOne)
- How You Know Your Organization is Ready to Adopt a Security Practice - Yolonda Smith (sweetgreen)
- The Future of Security Cloud Native - Caroline Wong (Cobalt.io)
- Reinventing the Workforce - Sushila Nair (NTT DATA Services)
- Hardening the Value Stream - Bryan Finster (DoD USAF)
- Metrics that Matter: The Business Context of Cyber Risk Management - Keyaan Williams (Cyber Leadership Forum)
- It’s Not What You Know; It’s What You Do - Jennifer Czaplewski (Target)
On October 24, 2021, some time-keeping systems are going to take a trip back in time to March 2002, unless you update your GPSD programs. Some systems rely on Global Positioning Systems (GPS) appliances and the GPSD daemon to tell the exact time, and a nasty bug's been uncovered in GPSD that's going to pop up on October 24, 2021. If left unpatched, it's going to switch your time to some time in March 2002, and your system will crash with a resounding kaboom. Here's how it works... Read the full story...
An EU cybersecurity think tank looks at 24 recent supply chain attacks, and warns that defences against them are not good enough. ENISA's analysis found that attackers focused on the suppliers' code in about 66% of reported incidents. The same proportion of vendors were not aware of the attack before it was disclosed.
ENISA focuses on Advanced Persistent Threat (APT) supply chain attacks and notes that while the code, exploits and malware was not considered "advanced", the planning, staging, and execution were complex tasks. It notes 11 of the supply chain attacks were conducted by known APT groups. Read the full story...
A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons.
The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.
- Over 400 pre-built JupiterOne queries (free)
- Join us on Slack to continue the discussion
- Gartner and Hype Cycle® for Security Operations, 2021
- JupiterOne Platform (free) to setup your own queries and asset discovery
Posted By Mark Miller
Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.
Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.
As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).
To hear more from Mark, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.
Subscribe to our newsletter!
Get updates from JupiterOne Mission Control
Fresh content and cool cybersecurity news alerts delivered to your inbox at least 2x a month! Just let us know where to send it.