Jan 13, 2023

                            January 13, 2023

                Jan 13, 2023

𝓦𝓾𝓵𝓯𝓼𝓲𝓰𝓮 🐺 @wulfsige79
Stay diligent my fellow network engineers!  These things are out there! 

Context: bootleg compromised network gear in our corporate environment.  This was found on the underside of the board. (about 70ish compromised Cisco 2960x’s  that were “certified refreshed”) 
1:51 AM ∙ Jan 12, 2023
1,578Likes448Retweets
𝓦𝓾𝓵𝓯𝓼𝓲𝓰𝓮 🐺 @wulfsige79
This got some attention!  So someone was able to link more context which apears to be exactly what this is: 

2:25 PM ∙ Jan 12, 2023
156Likes17Retweets
𝓦𝓾𝓵𝓯𝓼𝓲𝓰𝓮 🐺 @wulfsige79
I'll add one more link here.  This is how Cisco is trying to address this situation and is probably the easiest way to identify the issue (in the event you still have these in your support wheelhouse) 

cisco.comField Notice: FN - 72399 - Catalyst 2960X/2960XR: Counterfeit Detection With the SUDI Verification Feature Supported in Release 15.2(7)E4 o…In order to detect and mitigate device counterfeiting and malicious attacks on hardware and software, Cisco uses Hardware Trust Anchor, Secure Unique Device Identifier (SUDI), digitally signed software images, secure boot, and other multilayered security approaches to verify the authenticity and int…3:59 PM ∙ Jan 12, 2023
69Likes9Retweets
-
Subscribe now

-
Wahlid Mohammad @Wahlid
7:44 PM ∙ Jan 12, 2023
38,850Likes2,990Retweets
-
Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) @lukOlejnik
I analyse, and explain the severity of a single cyber-enabled information operation that happened one year ago. I explain how it may have signaled the ensuing escalation/war in Ukraine, how serious/severe it should be assessed today.  techletters.substack.comTechLetters Cyber Insights: Cyberoperation as a prelude to Ukraine 2022+ war, a year afterCyberoperations gradually escalated the situation, and were a signal. Especially one.12:07 PM ∙ Jan 13, 2023
-
GUARD Hunter @HUN2R
This guy accidentally called the cops while he was playing Rainbow 6 Siege

They heard him say “I killed 2 people” over the phone and thought it was a double homicide 
9:34 PM ∙ Jan 6, 2023
68,587Likes3,680Retweets
-
Jan Lemnitzer @JanLemnitzer
Turns out Royal Mail's 'cyber incident ' is a ransomware attack by the Lockbit group. Big question now is what kind of data they have stolen and how good the backups are but I would not expect Royal Mail to pay anything. @ciaranmartinoxf
@thegrugq
theguardian.comRoyal Mail ransomware attackers threaten to publish stolen dataPostal service has been unable to send letters and parcels overseas since Wednesday due to hacking8:16 AM ∙ Jan 13, 2023
1Like6Retweets
Ciaran Martin @ciaranmartinoxf
Are the Royal Mail hackers wading into Northern Ireland’s sectarian divide? 
4:52 PM ∙ Jan 12, 2023
30Likes5Retweets
-
Rory Cormac @RoryCormac
I have thoughts on this list! 

1. It treats “planned” very loosely. An off-the-cuff proposal doesn’t constitute a plan. 
2. It mis-assumes the objective of each was regime change 
3. It overplays UK agency in some of these, when UK role was negligible 
4. Some lack evidence 
9:54 AM ∙ Jan 12, 2023
42Likes10Retweets
-
Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) @lukOlejnikDrivers of interstate conflict in @wef Global Risk Report. @wefCybersec #Davos23. The part on cyberwarfare norms is quite poor, for example existing norms are ignored and not even mentioned. It didn't have to be this way, but for some reason it is. zurich.com/-/media/projec… 
4:55 PM ∙ Jan 12, 2023
3Likes2Retweets
-
Sir Michael @Michael1979
Here's my tech tutorial on how to be more efficient in your use of spreadsheets 👍 
8:04 PM ∙ Jan 12, 2023
1,091Likes152Retweets
-
Jack Hurley @loudribs
“Completely safe and harmless” 
8:10 AM ∙ Jan 13, 2023
70Likes15Retweets

                            Don't miss what's next. Subscribe to the grugq's newsletter: