Happy Tuesday, y’all! While we’ve all been busy this week debating the merit of single-possession overtime in organized ball sports (the correct answer is: “it’s stupid; fix it”), quite a few interesting things have been going on in the security world. I guess that’s becoming standard, but there were reports of some pretty newsworthy stories that I didn’t see on either the 7am, 10am, Noon, 4pm, 5pm, 6pm, or 10pm news - and as a middle-aged white dude, I watch them all!
So here are a few stories that seemed worthy of mention this week, at least by me:
Google Drive now warns you of suspicious phishing, malware docs
Today in “Lol, it’s about time”-news...Google has announced that Drive will finally start showing warnings about malicious files that are shared with your account. From the article: "Google will automatically evaluate any files that are shared with you from outside of your organization for phishing or malware. If detected, Google will block your access to the file in order to protect you." As someone who actually pays for Drive, this is pretty good news, as long as it works.
Senators Introduce Bill to Protect Satellites From Getting Hacked
As we rely more and more on commercial satellites for things like global telecommunications and watching Australian Netflix, they’re obviously going to become bigger targets for bad actors. This bill would basically give CISA the authority to require specific security standards in commercial satellites, to help prevent hacks/etc. “...hackers could shut satellites down, denying access to their service or jam signals to disrupt electric grids, water networks, transportation systems, and other critical infrastructure,” according to Homeland Security. Sound serious enough? Speaking of serious stuff...
Hacktivists say they hacked Belarus rail system to stop Russian military buildup
And finally, in “hack heard ‘round the world news”...if this is true, well...get ready. This would be a pretty unprecedented use of ransomware, at least in the public record. This kind of thing has obviously happened before, but not quite so loud and proud. The group claiming responsibility calls itself “Cyber Partisans”, and their representative had this to say for the article: “This network has many entry points and is not well isolated from the Internet…. Cyber partisans entered from one of these points and then opened many other entry points from within.” Things are getting pretty hot on that border, y’all. Stay safe out there!