Patchless patching, IPv6-enabled RCE, room searches at DEF CON, and Moon GPS – ESW #372

Adrian Sanabria

1. ACQUISITIONS: Fortinet Strengthens Its Top-Tier Unified SASE Solution with Acquisition of Enterprise Data Security Company Next DLP
2. ACQUISITIONS: OPSWAT Acquires InQuest, Strengthening Federal Go-to-Market Strategy, Network Detection, and Threat Intelligence Capabilities – OPSWAT
3. ACQUISITIONS: EQT to acquire a majority stake in Acronis, Acronis continues to expand its platform for MSPs
4. ACQUISITION RUMORS: Trend Micro explores sale, sources say

   This would be momentous. Trend Micro is one of the last remaining big OG security vendors started in the 1980s, along with F-Secure (now WithSecure). The Japanese market seems to be hurting them pretty bad right now though (they used to be on the NASDAQ, but are now public in Tokyo)

5. ACQUISITION RUMORS: CrowdStrike eyes Action1 for $1B amid fallout from Falcon update mishap
6. NEW FEATURES: “Patchless Patching” for Zero Days: Qualys Advances Vulnerability Management

   Darwin has some thoughts on this one, I think.

   Adrian's question: how is this different from virtual patching, which was a thing 20+ years ago! Also, I've been using 0Patch for years (inserts virtual patches into running processes). Other approaches (like Cyvera, acquired by PANW in 2014) block known exploit attempts rather than creating virtual patches that need to be exploit/vuln-specific.

7. ESSAYS: BlackHat Innovators & Investors Quick Hits
8. ESSAYS: Let’s get real: there is no such thing as “gatekeeping” in cybersecurity

   A very controversial-sounding title that ends up not being all that controversial once he qualifies the statement with "with regards to entry-level folks trying to find their first job in cybersecurity."

9. ESSAYS: Software’s Iron Triangle: Cheap, Fast and Good – Pick Two

   From Chris Hughes

   At Black Hat, Jen Easterly dropped a few instantly iconic quotes.

   “We don’t have a cybersecurity problem. We have a software quality problem.”

   I mean, of course this is an oversimplification of cybersecurity's problems, but I think it's even worse than that. I think this applies to a subset of IT and most third party vendors, but even if you have no in-house dev team, you still have some pretty serious cybersecurity concerns. I think our software quality problem is just a small part of our system-level design and engineering problem.

   She also said,

   “We have a multi-billion dollar cybersecurity industry because for decades, technology vendors have been allowed to create defective, insecure, flawed software.”

   Which I think is fair.

10. STANDARDS: NIST Releases First 3 Finalized Post-Quantum Encryption Standards

    We interviewed Vadim Lyubashevsky, one of the authors of these quantum safe algorithms, back in episode 315, check it out here!

11. VULNERABILITIES: Windows TCP/IP Remote Code Execution Vulnerability

    A critical vulnerability that is RCE and exploitable via IPv6. The only options seem to be to disable IPv6 or patch! This one could get VERY spicy in the near future if exploits emerge.

12. VULNERABILITIES: Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities
13. DUMPSTER FIRES: Here are the Hacker Tools a DEF CON Hotel is Hunting For
14. DUMPSTER FIRES: Azure outages should spark new urgency for a multi-cloud approach
15. LAYOFFS: Cisco to lay off thousands more in second job cut this year, sources say

    Also heard that Dell is laying off over 10,000 employees, yikes!!!

16. STUNT HACKING: Watch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s Keystrokes

    Just because it's stunt hacking doesn't mean it's not fun!

17. HOT TAKES: Pramod Gosavi on LinkedIn: Gartner cancels SOAR, calling it obsolete…
18. SQUIRREL: What Time Is It on the Moon?