Short Takes – 12-10-22

Bypassing air-gapped networks via DNS. Pentera.io article. Pull quote: “DNS attacks, in general, are more common than ever with 88% of organizations reporting some type of DNS attack in 2022 according to the latest IDC Global DNS Threat Report. More specifically, attackers often abuse DNS to establish command and control (C2) to gain unauthorized access to the network. One type of these attacks, DNS Tunneling, which is discussed in this paper, accounted for 28% of DNS attacks in 2022, an increase of just over 16% year over year.”

What Sinema’s party switch means for the Senate. TheHill.com article. Pull quote: ““As long as she votes next year to allow the Democrats to take control of the Senate, the rest of the stuff will fall in line,” Manley added.”

Smart Inverters’ Vulnerability to Cyberattacks Needs to Be Identified and Countered. HomelandSecurityNewswire.com article. Review of IEEE paper. Pull quote: “The paper, published in the IEEE: Transactions on Power Electronics journal, surveys the landscape of smart inverter cybersecurity and identifies attack strategies at the device and grid level. It also looks at ways to defend against, mitigate and prevent them.”

Russia is spying on Telegram chats in occupied Ukrainian regions. Here's how. PwnAllTheThings.com article. Long discussion about Telegram, vulnerabilities and espionage. Pull quote: “Suppose you’re the Russian government, and are performing large-scale interception of Internet traffic from all users in an occupied region. As part of that operation, you watch for all Telegram messages. Any time you see one, you store it into a big database. These messages might be encrypted, but the auth_key_id part of each of these messages is not. The Russian government doesn’t need to do anything special to view them.”

After a massacre, stores, clubs, offices confront whether to reopen — and how. WashingtonPost.com article. Lots of questions, few good answers. Pull quote: “In fact, now there are. Within hours of the Walmart shooting, West, Chesapeake’s mayor, was emailed a copy of a “Mass Shooting Playbook” by the White House Office of Intergovernmental Affairs. It draws on the experience of mayors around the country to guide local leaders through the first 24 hours and then weeks of response and recovery.”

German Coup Plot's Troubling Echoes Here. SpyTalk.co article. Pull quote: “What U.S. law enforcement experts worry most about, however, is a lone extremist, inspired by Trump and the like, carrying out a devastating terrorist act. As with the racists who have attacked schools, synagogues, churches or department stores, most were considered just  cranks, losers, or merely alienated oddballs, like the so-called Michigan Wolverine Watchmen gang who were charged in 2020 with plotting to kidnap and murder Gov. Gretchen Whitmer. Seven of the accused, including Morrison, Musico and Bellar, have now been convicted by a jury or pleaded guilty to playing roles in the conspiracy, Reuters reported.”