[Some Interesting] Cloud ‘n Sec news: 8th July 22
What’s worth your reading time
Skipping them this week.
Microsoft at RSA 2022
A summary of everything Microsoft announced/made at RSA 2022 has been made available.
The post highlights the announcement of Entra, activities throughout the fair, a look at the importance of protecting from Shadow IT with a talk from Bret Arsenault (with slides available in the RSA site) and more.
Network protection for Mobile devices within Defender for Endpoint
A feature now in Public preview allows for mobile devices to detect malicious networks, check out how it works in Bleeping Computer’s article:
Microsoft has introduced a new Microsoft Defender for Endpoint (MDE) feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.
After enabling the new Mobile Network Protection feature on Android and iOS devices you want to monitor, the enterprise endpoint security platform will provide protection and notifications when it detects rogue Wi-Fi-related threats and rogue certificates (the primary attack vector for Wi-Fi networks).
Threats it can spot include rogue hardware such as Hak5 Wi-Fi Pineapple devices which both pen-testers and cybercriminals can use to capture data shared within the network.
Chinese citizens’ data exposed
A threat actor has claimed they hacked data for 1B Chinese citizens, report from bleeping computer:
An anonymous threat actor is selling several databases they claim to contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approximately $195,000).
The announcement was posted on a hacker forum by someone using the handle ‘ChinaDan,’ saying that the information was leaked from the Shanghai National Police (SHGA) database.
Based on the information they shared regarding the allegedly stolen data, the databases contain Chinese national residents’ names, addresses, national ID numbers, contact info numbers, and several billion criminal records.
On Sunday, Binance CEO Zhao Changpeng confirmed that his company’s threat intelligence experts spotted ChinaDan’s claims and said that the leak was likely due to an ElasticSearch database that a Chinese government agency accidentally exposed online.
Learn more about my Cloud and Security Projects: https://linktr.ee/acamillo
Thank you for reading and leave your thoughts/comments!