Bear Security – Security News for Week of June 5th, 2021
These are the stories that relate to our careers, clients, and businesses in the cybersecurity world for the Week of June 5th, 2021. This week’s edition is written only, since the news of the week was pretty light and we needed a chance to test some new production methods moving forward. The YouTube and podcast versions will return next week.
CFAA Gets Narrowed By the Supreme Court
SC Magazine reported on Thursday that a ruling by the US Supreme Court has now narrowed the interpretation of the Computer Fraud and Abuse Act, or CFAA. The CFAA, which was enacted into law in 1986, was meant to prohibit accessing a computer without authorization or in excess of authorization. The ruling came in the case of Van Buren v. United States. Nathan Van Buren was a police officer in Georgia who took a bribe in exchange for using his access to the law enforcement database to look up license plate information for an acquaintance. Prosecutors sought to convict Van Buren under the CFAA since the actions were outside the purview of his job.
In the court’s majority opinion, written by Justice Amy Coney Barrett, the court said that the provisions of the CFAA that the prosecution used in the conviction of Van Buren were meant to cover those who obtain information from areas of a computer to which their access doesn’t extend, and not those who misuse the access they have. Many have been concerned that the CFAA’s vagueness gave Federal Prosecutors too much leverage to charge ethical hackers or even regular users with computer crimes for innocuous breaches of terms of usage.
Read the full story and quotes from others on both sides of the ruling over at SC Magazine.
SonicWall Issues Advisory for Network Security Manager Vulnerability
SonicWall issued a security advisory back on May 27th for a command injection vulnerability in the on-premises version of SonicWall Network Security Manager. The vulnerability potentially allows an authenticated user to execute privileged commands on the operating system that NSM is installed on. SonicWall recommends that customers using Network Security Manager 2.2.0-R10-H1 and earlier upgrade immediately.
Read the full details on the advisory over on SonicWall’s website.
Vulnerability in Apple’s New M1 Chip Allows Applications to Covertly Exchange Data
Researcher marcan42 on Twitter identified a vulnerability in Apple’s new M1 chip, which I found interesting. The vulnerability allows any two applications that are running under an OS to covertly exchange data between them. While the functionality observed is not intended, there’s no actual nefarious use for this flaw. It can also be mitigated by running your OS in a VM.
So, no reason to go throwing out your latest M1-powered Apple devices. Just something interesting to learn.
You can learn more about the flaw and the research over on the site M1RACLES.
Domains Used in Recent USAID Phishing Attacks Seized
Bleeping Computer is reporting that the US Department of Justice seized two of the domains used in recent phishing attacks that impersonated the US Agency for International Development, or USAID, to distribute malware and gain access to networks. Microsoft initially disclosed these attacks last Thursday, as we noted in last week’s show, citing that the attacks were conducted by NOBELIUM, a Russian state-affiliated hacking group.
Targeted recipients who received the emails and clicked on the enclosed links would be prompted to download HTML attachments that would install four new pieces of malware created by the threat actors, along with Cobalt Strike, which would lead to full access to victims’ computers and their networks.
You can read the full story over on Bleeping Computer.
Multi-National Meat Company JBS Back Online After Ransomware Attack
Bleeping Computer reported on Friday that JBS, the world’s largest beef producer, has returned to full operation and capacity after they had to shut down production on May 31st due to a ransomware attack. The FBI confirmed on Wednesday that the REvil ransomware group was behind the attack on JBS. JBS was able to restore operations quickly since backup servers were not impacted, and restoration was prioritized to systems critical to production to reduce the impact on the food supply chain, producers, and consumers.
As a result of this, JBS USA and Pilgrim’s said in a press release Thursday that they were able to limit their production loss to less than one day’s worth, and that REvil’s operators had been unable to gain access to the company’s core systems, which significantly reduced the impact of the attack.
You can read the full story over on Bleeping Computer.
Other Things of Interest for the Week
Alyssa Miller’s TEDx Talk on “Solving The Tech Skills Gap at Your Local Coffee Shop”.
LGBT Tech Offers Tips for Staying Safe Online.
Handy guides for how to choose the right Microsoft tool for managing your work.
An Introduction to AD Querying with DSQuery and LDAP Search.
Involved in HIPAA?
The National Institute of Standards and Technology (NIST)’s comment period for HIPAA implementation guidance is open through June 15th. Be sure to take the opportunity to provide your feedback.
That’s all for this week’s security news. Come back every Saturday for the next rendition, and we’ll be back with the podcast and YouTube versions next week. Stay safe out there, friends.