Weekend Reads 072922

Chris Siebenmann has written a short blog piece that reflects on the trend to see Certificate Transparency (CT) as the answer to ‘the problem’; the problem being how to tell if a validly signed and current certificate has somehow had to be repudiated.

For US$2,500, threat actors can employ Matanbuchus, a malware-as-a-service (MaaS) package found delivering Cobalt Strike beacons through phishing and spam messages.

As global and societal events such as supply chain shortages occur, there’s a corresponding increase in fraud related to fake domain registrations (websites) that capitalize on the event—creating unsafe situations for consumers.

Aside from recovery costs and business interruptions — the latter of which can cost as much as USD 22,000 per minute — the most damaging effect of such attacks can be reputational, specifically the loss of customers.

This week, it came to light that gaming platform Roblox was breached via a phishing/social-engineering attack that led to the theft of internal documents and the leaking of them online in an extortion attempt.

Researchers have discovered malware that has been secretly infecting systems featuring Asus and Gigabyte motherboards for at least six years.

The most important point is to understand that there are two very different and separate categories of return you can expect from an OBP project—“hard” benefits (compensation, seized assets, substitute sales) and”soft” benefits (brand integrity, reputation, etc.).

As cloud computing grows faster than local utility grids, several of the world’s largest and most strategic data center markets are facing power constraints that pose a major challenge to the long-term growth of the Internet.

Aoqin Dragon, like the mythical character it’s named after, has recently been unearthed after nearly a decade of flying under the cybersecurity community’s radar.

Micron’s newly launched 232-layer TLC NAND modules could be a boon for data-intensive workloads like database operations and analytics.