This week’s Cyber Security Headlines Week in Review, January 25-29, 2021, is hosted by Steve Prentice @stevenprentice with our guest, Steve Zalewski, Deputy CISO, Levi Strauss.
Tesla fires new software engineer for allegedly stealing Python scripts
Tesla has fired and sued a software engineer for trade secret theft and breach of contract after discovering that he had allegedly copied thousands of files to his personal Dropbox account just days after being hired. A complaint, filed on Friday in US District Court in San Jose, California, claims that Alex Khatilov, transferred Warp Drive files from Tesla’s secure internal network to his Dropbox account that Tesla has no access or visibility.” Khatilov said he was unaware of the lawsuit and insisted that the transfer was a mistake – the result of Dropbox automatically copying Python files he installed as part of his onboarding process.
Google’s Threat Analysis Group warns of social engineering hack aimed at security researchers
The hackers, allegedly based in North Korea, have been targeting individual security researchers who work on “vulnerability research and development.” They are using a cybersecurity blog focused on writing up vulnerabilities that were already public and amplifying this with a series of Twitter accounts and YouTube videos to build credibility with the targets. The campaign asked researchers to collaborate on their work, which enabled the hackers to transmit malware disguised as sample data files. Although Google’s TAG could not confirm a direct motive for this activity, they suggest the attackers may be trying to learn more about non-public vulnerabilities that they can use in future state-sponsored attacks. They have listed the specific hacker accounts in their its January 25 blog post and suggest that anyone who’s interacted with these accounts should scan their systems for any indication they’ve been compromised and move their research activities onto a separate computer from their other day-to-day usage.
(The Verge and Google TAG)
Reddit stock traders cause outages for online trading apps
Earlier this week we reported on potential hacking allegations involving stock traders on Reddit squeezing hedge fund short sellers. The intensity of trading around the GameStop stock and other subreddit favorites like AMC Entertainment have seen site and app disruptions on most of the major trading platforms, withRobinhood Markets, E*Trade, Fidelity, and Charles Schwab reporting issues. TD Ameritrade went so far as to limit transactions on some of the stock, citing “an abundance of caution amid unprecedented market conditions.”
Our sponsor Nucleus Security brings you “The Top 5 Antipatterns in Vulnerability Management”:
Twitter Birdwatch pilot launches
Birdwatch was previously confirmed by Twitter last year, and is a system that lets users flag and discuss tweets believed to be misleading or false. Birdwatch is a standalone section of Twitter, initially rolling out to a small group of users with accounts tied to real phone numbers and email addresses. Tweets get flagged in Twitter’s main interface, then notes can be added to the Birdwatch section for context. Users can also rate others’ notes to prevent bad-faith usage. Twitter says eventually it wants notes to appear on Tweets themselves for its global audience with Birdwatchers acting as moderators. A sample UI and waitlist are available at birdwatch.twitter.com.
The case for standalone password managers
PCWorld Senior Editor Brad Chacos makes the case that while password managers integrated into modern browsers have come a long way, users would be better off, and more secure, using a discrete third-party solution. He notes that additions like two-factor authentication and strong password generators have made browser-based solutions certainly a better password manager than nothing, they also lock you into just one browser. This results in either fragmented password vaults across multiple ecosystems, or requires cumbersome logins to different accounts to access passwords, especially kludgy on mobile. Third-party password managers usually have secure tools to share passwords, are built to work on the OS level rather than in one particular app, and are broadly now supported on iOS and Android.
Verizon outage started in Brooklyn
A major internet outage struck the US eastern seaboard yesterday affecting a range of services including Verizon, Google, Slack, Microsoft Teams, and Azure. The affected area ranges from Massachusetts to Washington DC. In a tweet, Verizon identified the cause of the outage to a fiber that had been accidentally severed in Brooklyn, although it is not clear that this single event was responsible for the entire outage.