Geopolitics: Yesterday the US hit back hard at Russian cyberattacks and meddling. An exec order from the Oval Office delivers wide-ranging economic sanctions that hit right where it hurts, so that Russia won’t be able to raise the funds it needs the way it has been, plus adds in some diplomatic expulsions. And it prohibits US banks from buying ruble bonds. The EO impacts several tech firms including Positive Technologies. You can read the details here. Be prepared for fallout.
Severe bug warning for OT in EtherNet/IP Stack per The Hacker News
CISA issued this advisory on Thursday for a number of severe vulnerabilities in OpENer EhterNet/IP stack that could put industrial systems at risk of RCE, DoS and data leaks. The warning extends to all OpENer commits and versions before February 10 2021. To exploit, an attacker need only send crafted ENIP or CIP packets to a device. As we now know (because I keep telling you 😊) OT and industrial systems are different and need our attention.
Codecov Possible Supply Chain compromise 😱 per Bleeping Computer
In a year of supply chain compromise, here’s another. Codecov is an online platform used by over 29,000 enterprise organizations like Atlassian, GoDaddy, proctor &Gamble. Yeah. It helps measure source code execution during testing, because stats matter.
Looks like a threat actor may have found their way into the system back in January, and tampered with the Bash Uploader script, the tool clients use to upload their code reports. The tainted version – omg does this feel like SolarWinds?!- could allow access and export of sensitive client info including credentials, tokens, keys plus services, app codes etc. If you are using this service you need to get on this asap.