Application Security This Week for December 20

So, hey, yeah, how are all of you.  Clearly SolarWinds has completely overwhelmed the news this week, so I have a couple of notes about that. To those of you who are having to deal with this, I am with you in spirit. Doing what I can here from The Bunker to help you out.

Here was my first indication there was a problem, I believe.  It’s pretty old news now.

https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html

I spoke about Supply Chain problems at the Central Ohio .NET Developer’s group in March.  Oddly timed.

https://www.youtube.com/watch?v=KWt0Brcc2Ag

MicroSolved has a good writeup you should read.

https://media.microsolved.com/SolarWindsBrief.pdf

This is Microsoft’s breakdown on DLL Injection.  For the record, I attended a BoF session on this at DefCon 15(!) and everyone I talked to blew it off.  Guess not.

https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/

Some other news, thank goodness.

GitHub is gonna ban passwords.

https://www.theregister.com/2020/12/17/github_bans_passwords/

The NSA finally figured out that authentication systems are under attack.

https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2451159/nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to/

And finally, a short article about memcpy.

https://r2c.dev/blog/2020/when-devsecops-goes-wrong-a-short-lesson-from-huaweis-source-code/

That’s the news, folks, have a great holiday and end-of-year. May your systems be secure and your code be frozen.