Week in Review: Hiring slows, new infrastructure woes, Tik Tok grows

This week’s Cyber Security Headlines – Week in Review, June 6-10, is hosted by Rich Stroffolino with our guest, Renee Guttmann, Former CISO, Campbell Soup, Coca Cola, Time Warner

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Dozens of cities and towns are paying tech workers to abandon Silicon Valley

A growing number of cities and towns all over the U.S. are handing out cash grants and other perks aimed at drawing skilled employees of faraway companies to live there and work remotely. In October there were at least 24 such programs in the U.S., today there are 71, according to the Indianapolis-based company MakeMyMove, which is contracted by cities and towns to set up such programs. Companies whose employees have participated in one remote worker incentive program in Tulsa, Okla., include Adobe, Airbnb, Amazon, Apple, Dell, Meta, Google, IBM, Microsoft, Lyft, Netflix, Oracle and Siemens. Local governments are offering up to $12,000 in cash, along with subsidized gym memberships, free babysitting and office space.

(Wall Street Journal)

Canadian airlines suffer delays and cancellations due to Zayo outage

In another Canadian internet outage story, air travel across Western Canada was impacted Thursday by an internet outage affecting the country’s air navigation service provider Nav Canada. This was due to a disruption in the network of Zayo, a telecommunications provider based in Colorado, that Nav Canada uses in parts of the country’s western region. This was not a cyberattack, but was instead caused by a train derailment that disrupted two key fiber lines managed by one of Zayo’s fiber providers in Canada.

(The Record and the Toronto Star)

Heatwave forced Google and Oracle to shut down in London

As record temperatures hit much of the UK on Tuesday, tech giants Google and Oracle suffered outages as cooling systems failed at London data centers. Oracle reported overheating problems just before 4:00 BST. On a status page first spotted by The Register, the company wrote that the unseasonably high temperatures in London forced the data center units to operate “above their design limits.” Overheating also hit a Google Cloud data center in London at 6:00 p.m. Only a “small set of customers” were affected.

(BBC News)

Vendors not patching for speculative execution

The firmware security company Binarly issued a report finding that many enterprise vendors are not patching with mitigations for a variety of speculative execution attacks. We recently reported on one such attack called Retbleed, which found a way to get around existing Return Trampoline, or retpoline, mitigations. But Binarly found that 339 firmwares from HP, Dell, and Lenovo didn’t even use the retpoline mitigations in the first place, calling it a “failure in the firmware supply chain.” The report also said that in cases where firmware was updated to add mitigation, it found implementation mistakes that spawned subsequent security issues.

(The Hacker News)

Thanks to this week’s sponsor, 6clicks

6clicks is your AI-powered GRC platform, featuring a fully-integrated content library. 6clicks provides organizations with a powerful GRC platform to build highly scalable risk and compliance functions and advisors with the tools to streamline and scale their services, saving everyone enormous time and money. Reimagine risk. Improve cybersecurity. Demonstrate compliance. For more information visit 6clicks.com/cisoseries.

Now we have to worry about SATA cables

There are few pleasures in life as pure and absolute as the air-gap defeating techniques from the mad scientists/security researchers at Ben-Gurion University. The researchers documented how SATA cables in a PC can be used as an antenna to exfiltrate data. As usual for these types of exploits, the technique requires an already infected machine, making it somewhat academic. The researchers used the cables to deliver data over radio channels around 5.9995 GHz during read and write operations at ranges up to 3.9 feet. Speeds weren’t great, peaking at 1 bit per second. The paper also proposes a countermeasure, adding noise during read/write operations.

(Bleeping Computer)

Car GPS tracker exposes location data

Security researchers at BitSight found six vulnerabilities in a GPS tracker from the company Micodus. This tracker includes a hardcoded password that can be used to remotely control it, access real-time location data and past routes, and even cut off fuel. The tracker also ships with a default user password of “123456,” with researchers finding 95% of sampled devices didn’t change it. The company claims to have over 1.5 million hardwired GPS trackers in use across vehicle fleets, national governments, militaries, and law enforcement. BitSight characterized these vulnerabilities as “not difficult to exploit” and suggests that other trackers from the company may have similar vulnerabilities. Impacted trackers largely reside in Ukraine, Russia, Uzbekistan, and Brazil, as well as across western and central Europe.


Russian malware groups spoof pro-Ukraine apps

Researchers at Google’s Threat Analysis Group discovered that the pro-Kremlin threat group Turla created an app called Cyber Azov, which references Ukraine’s far-right military unit. Last year the same group compromised EU and American organizations with malware. The app claims it launches a denial-of-service attack against Russian websites. Instead, the app installs a trojan on the device. The app must be sideloaded and is not available on the Play Store. Google researchers believe only a small number of people installed this spoofed app.

(The Verge)

Microsoft cuts security jobs amidst weakening economy

Microsoft announced it plans to eliminate open jobs, affecting its Azure cloud business and security software unit, as the economy continues to weaken. The company said it’s honoring job offers that have already been made for open roles. The move follows similar hiring slowdowns announced by Google and Apple. Next Tuesday, Microsoft will announce the Azure unit’s percentage growth rate, a closely watched indicator in Microsoft’s quarterly earnings.


TikTok is fastest growing news source for UK

The social video platform is the fastest growing news source for UK adults, according to a survey conducted by the UK Government’s Office of Communications. Nearly half of people using it for current affairs turn to fellow TikTokers rather than conventional news organizations for their updates. TikTok is used by 7% of adults for news, according to the UK’s communications watchdog, up from 1% in 2020. The growth is primarily driven by young users, with half of its news followers aged 16 to 24. A quarter of US adults say they always use TikTok to get the news, with nearly half of US millennial and Gen Z adults – under-41s and under-25s respectively – indicating the same, according to the analysis firm Forrester Research. 

(The Guardian)