Security Scene: June 2022 Edition
By Adair Thaxton - Internet2 Cyberinfrastructure Security Engineer
Security Scene is a monthly roundup of cybersecurity news highlights compiled by Internet2 Cyberinfrastructure Security Engineer Adair Thaxton. Adair connects recent headlines to security best practices, within the lens of the research and education community and our broader digital society. Plus, she’s got jokes!
It’s definitely summer. The heat can go away now, thank you very much! I hope you’re all managing to stay cool and wearing sunscreen.
ARIN, RIPE NCC, LACNIC, and APNIC have issued a statement in support of AFRINIC following its recent lawsuits, as have the African NRENs. If you’re like me and wondering, “What lawsuits?”, I have some links for you! There are great summaries from Federal News Network and ARIN. Basically, someone working for AFRINIC made unauthorized sales of AFRINIC IP space to a businessman in Hong Kong. Upon discovering that African IP addresses were being used outside Africa, AFRINIC took steps to reclaim that address space. The Hong Kong buyer is disputing whether AFRINIC has the authority to reclaim that space, as that power is not explicitly stated in their contracts.
You may have heard of the new Hertzbleed vulnerability. That write-up is rather technical, and IFLScience’s article is a bit more accessible. Almost all Intel and some AMD processors are vulnerable, but the application of the vulnerability is expected to be narrow. The vulnerability focuses on observing when dynamic frequency scaling is being used to encrypt or decrypt information, and then inferring what that information is based on the frequency and elapsed time. Intel and AMD are suggesting a performance-impacting workaround but are not releasing patches.
Microsoft has a blog entry that covers using Python and Jupyter notebooks to analyze leaked communications within the Conti malware group and use that analysis to gain information on targets and infrastructure. Their MSTICPy tool is available on Github and can be used to connect to several threat intelligence providers to provide context and analyze logs. A VirusTotal module is also available to investigate your findings.
Have a happy Fourth of July weekend! Remember to drive, swim, and grill safely!