This month, multiple hacks have shown that MFA is becoming a main target for attacks on many organizations’ authentication processes. They are a stark reminder to replace time-based one-time passwords (TOTP) with man-in-the-middle-resistant forms of MFA like U2F.

Uber Hacked - MFA Weakness I

Ride-sharing giant Uber took some of its operations offline after it discovered that its internal systems had been compromised. An attacker was able to social-engineer his way into an employee’s VPN account before moving deeper into the network. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs.

Rockstar Games Hacked - MFA Weakness II

The video game publisher Rockstar Games released a statement revealing a network intrusion and informing fans that details about their new Grand Theft Auto game had been leaked. Reliable details of the hack are not available yet. It is rumored the attack was performed by the same threat actor that is behind the Uber breach.

Grand Theft Auto / Credit: Rockstar Games

Transitioning to multiple AWS accounts

Many companies struggle with applying the least-privilege principle to their existing single-account AWS environment. Justin Plock discusses transitioning from a single-account environment to a multi-account environment, including decisions you need to make about network, user management, security, access control, and architecture.

Russian official says civilian satellites may be a legitimate military target

While SpaceX’s Starlink satellite Internet has proved valuable in Ukraine, new threats are coming from Russia. Without mentioning Starlink by name, Russia’s representative at a United Nations meeting on threats from space and possible countermeasures spoke of an “extremely dangerous trend”. He was referring to the use of civilian or commercial infrastructure in space for military purposes by “the United States and its allies.” “Quasi-civilian infrastructure can thus become a legitimate target for retaliation”, he said.

Microsoft investigates Iranian attacks against the Albanian government

The Microsoft Detection and Response Team (DART) has released an in-depth analysis after being engaged by the Albanian government to lead an investigation into the attacks. According to the report, Microsoft assumes that “with a high degree of probability” several Iranian actors were involved in the attack, which was carried out in several phases. Tools and a digital certificate that had previously been used by actors from Iran were seen in action against the Albanian government.

San Francisco’s subway only runs thanks to Windows 98 and DOS

The newspaper The Mercury News reports on the 50th anniversary of the BART (Bay Area Rapid Transit) subway and the numerous technical difficulties in keeping the old trains running. According to the report, some of the problems are due to completely outdated technology. This apparently includes Windows 98.

BART trains / Credit: Jose Carlos Fajardo/Bay Area News Group

The Most Damning Allegation in the Twitter Whistleblower’s Report

The claimed lax security at Twitter is bad news. But one allegation clearly captures the extent of the systemic issues: engineers had extensive access to the social network’s live, deployed software platform with minimal logging and monitoring.