PSA Newsletter 18: Privacy, Security, Automation!
Never Trust Mobile Providers, A Late Crowdstrike Take, and Reolink Recommendations...
Privacy
AT&T recently made public a massive theft of customer data affecting nearly all current and former customers between May 1 and October 31, 2022. Phone numbers of all call and text interactions from May 1, 2022 to October 31, 2022 were included in the affected data set, which was stolen from a third-party cloud provider contracted by AT&T. This also includes data from MVNOs like Boost, Consumer Cellular, and Cricket.
Anyone who uses mobile-based 2FA or MFA codes should be particularly concerned. With the information gained from this breach, malicious actors can easily compile a list of targets for SIM swap or other mobile attacks, with the goal of gaining access to sensitive accounts. As always, I recommend using a pair of hardware keys, such as YubiKeys, for any MFA prompts. Best practice is to have one on you and another stored in a safe place as a backup. There are simply too many points of failure in text-based MFA to recommend it any longer. [1][2]
Security
On July 19th, 2024, 8.5 million Windows PCs and servers were sent into reboot loops due to a faulty update sent out by a Microsoft security partner, CrowdStrike. This affected several industries, including travel, healthcare, and other critical sectors. Many were left asking how this could happen while ignoring a few obvious factors:
- Cloud providers have overtaken on-premise servers and data centers, each with their own patch and vetting schedules.
- Microsoft granted CrowdStrike what looks like unfettered access to the kernel, the core of its operating systems, as a result of a European Commission agreement; and finally
- Complete reliance on Microsoft in the data center.
In summary: the CrowdStrike outage was a problem that most IT graybeards saw or could see coming a mile away. When you outsource the management and visibility of your entire infrastructure and let third-party programs run in kernel space, these kinds of outages are inevitable. A staggered patching schedule and mixed operating system environments may not solve all of these issues, but they'll go a long way. Come to think of it, a disaster recovery (DR) plan wouldn't hurt either.
Automation
If you're looking to get started with home video cameras and want a more privacy-focused option than Ring or Blink, take a look at Reolink. An Argus PT Ultra Pan/Tilt/Zoom camera sending its video to a Reolink Home Hub is a great place to start. Bonus: the Home Hub integrates with Synology Video Station and Home Assistant, which is my new favorite home automation platform. [4][5]
