Unusual threat surfaces


munin

Something that I like to think about once in a while is unusual angles for threats to occur and how to defend against them. You'd expect, for example, your LAN to have a certain set of network-based attacks from outside of the LAN; those are addressed with controls like firewalls or rejecting connections that try to initiate TLS sessions without having the right certificate - but perhaps you might not expect your local ISP being acquired by another corporation and changing how traffic gets routed to you, which might be considered to be a financially-based upstream attack in certain circumstances.

One particularly oddball one that I saw once involved a Password Manager - that was the guy's job title; this one bank in ASIAPAC had a policy that all logins had to be performed by this one individual via remote desktop connections to each of the tellers' workstations. In this case, the org regarded -the tellers themselves- as a threat surface that could impact their organization's stability.

What are some unusual threat surfaces that you've seen? And how were they mitigated?

  • Like 1

I had a coworker that bought one of those 16TB USB sticks and he tried to use it on his work machine. We also get a lot of malicious mails from companies we work with (they got hacked).
One of them was sending Outlook meetings with bots that spammed malware to everyone. It was super annoying. But for the most part it's always user related.

  • Haha 2

Facebook's "Prineville problems" immediately come to mind.  They ended up having to bury miles of power and fiber lines that feed their Prineville data center because people kept shooting the insulators on the towers.  Sort of a variation on the traditional "fiber seeking backhoe" problem.

  • Like 2

On 11/9/2022 at 5:10 PM, Chauke said:

16TB USB sticks

The OSI layer 8 and how much trouble they can give. 

Best example of a USB drive I saw was an LNK file which executes a cmd (pretty common), but the malware was in the recycle bin and the cmd command then opened a real folder with user data on it. Which was the best malicious USB drive I have ever seen.

Cracked software is sometimes not easy to find when malicious either. Thank god for behavior detections; without them it's hard to see that one of the dll or tmp files in Photoshop isn't the right one.

  • Like 1

  • 2 weeks later...

https://twitter.com/_ChezDaniela/status/1594428625516134400

Poster was charging their EV overnight when the charger got hit by freezing rain which locked their charging cable to the charger. Those cables are expensive enough you don't want to abandon one, so they were stuck waiting for a service tech to come free their cable.

In other news, new denial of service technique for EVs in cold climates just dropped
https://www.homedepot.com/p/HDX-2-Gal-Pump-Sprayer-1502HDXA/307766539

  • Haha 1
