“What’s New in Sysdig” is back with the October 2023 edition! My name is Zain Ghani, based in Austin, Texas, joined by my colleague, Matt Baran, based in Los Angeles, California, to share our latest updates with you. The last few weeks have been really exciting at Sysdig.
The Fireblocks research team recently uncovered an ERC-4337 Account Abstraction vulnerability in the smart contract wallet UniPass. Fireblocks worked with UniPass to fully mitigate the vulnerability, which was found in hundreds of mainnet wallets in a whitehat operation. All funds are now safe and accounted for.
Picture yourself immersed in your favorite mystery novel, eagerly flipping through the pages as the suspense thickens. You’re enthralled, engrossed in the story of a hotel burglar with an uncanny ability to sneak into guest rooms without leaving telltale signs of break-ins or lock-picking. As you read on, you’re captivated – and stumped – by how this elusive bad actor can deftly close the doors behind them, leaving no clues.
Cloud platforms offer unparalleled scalability, flexibility, and cost-efficiency. However, the convenience and advantages of the cloud are accompanied by significant security challenges. Hackers are constantly trying to exploit weak cloud configuration settings, which is why it’s important to have visibility into the security of your organization’s cloud infrastructure.
In August 2023, Netskope Threat Labs highlighted an increase in downloads of PDF phishing attachments in Microsoft Live Outlook, caused by a series of phishing campaigns targeting users of the email service. We took a closer look and found that these campaigns are mostly Amazon-themed scams with a few Apple and IRS-themed phishing attempts sprinkled throughout. Just like in our previously reported phishing blog posts, attackers are abusing free services in these campaigns.
Earlier this month, the District of Columbia Board of Elections (DCBOE) warned that a threat actor may have gained access to the personal information of their registered voters. This would include personally identifiable information (PII) such as contact details, partial social security numbers, dates of birth, and driver’s license numbers. In an X post on Friday 20th October, the agency was keen to stress that it was only a possibility the voter roll had been accessed.
In the vast digital landscape, the flow of data across networks is akin to water coursing through a city’s plumbing system. Just as impurities in water can signal potential issues, deviations in network traffic, termed as network inserted anomalies, can hint at cyber threats. These anomalies range from overt signs like unauthorized access attempts to subtler indicators like unusual data transfer patterns.