24
June
2022

Security

Security Scene: June 2022 Edition

Subscribe for more like this

Share

Array

By Adair Thaxton - Internet2 Cyberinfrastructure Security Engineer

Estimated reading time: 2 minutes

Security Scene is a monthly roundup of cybersecurity news highlights compiled by Internet2 Cyberinfrastructure Security Engineer Adair Thaxton. Adair connects recent headlines to security best practices, within the lens of the research and education community and our broader digital society. Plus, she’s got jokes!

Security Scene illustration with lock

It’s definitely summer. The heat can go away now, thank you very much! I hope you’re all managing to stay cool and wearing sunscreen.

ARIN, RIPE NCC, LACNIC, and APNIC have issued a statement in support of AFRINIC following its recent lawsuits, as have the African NRENs. If you’re like me and wondering, “What lawsuits?”, I have some links for you! There are great summaries from Federal News Network and ARIN. Basically, someone working for AFRINIC made unauthorized sales of AFRINIC IP space to a businessman in Hong Kong. Upon discovering that African IP addresses were being used outside Africa, AFRINIC took steps to reclaim that address space. The Hong Kong buyer is disputing whether AFRINIC has the authority to reclaim that space, as that power is not explicitly stated in their contracts.

You may have heard of the new Hertzbleed vulnerability. That write-up is rather technical, and IFLScience’s article is a bit more accessible. Almost all Intel and some AMD processors are vulnerable, but the application of the vulnerability is expected to be narrow. The vulnerability focuses on observing when dynamic frequency scaling is being used to encrypt or decrypt information, and then inferring what that information is based on the frequency and elapsed time. Intel and AMD are suggesting a performance-impacting workaround but are not releasing patches.

Microsoft has a blog entry that covers using Python and Jupyter notebooks to analyze leaked communications within the Conti malware group and use that analysis to gain information on targets and infrastructure. Their MSTICPy tool is available on Github and can be used to connect to several threat intelligence providers to provide context and analyze logs. A VirusTotal module is also available to investigate your findings.

Have a happy Fourth of July weekend! Remember to drive, swim, and grill safely!

Read previous Security Scene blog posts.

About the Author(s)

View Author Articles
Adair Thaxton sthaxton@internet2.edu

Internet2 Cyberinfrastructure Security Engineer

Adair Thaxton is a Cyberinfrastructure Security Engineer for Internet2. She has her master's degree in Information Science from UNC-Chapel Hill and worked there for 13 years as a network engineer. She has presented at NANOG, EDUCAUSE, and multiple Internet2 conferences on routing security topics. She has her CISSP, is a third-degree black belt in tae kwon do, and has a wonderful husband and son.