WyzGuys Tech Talk

A quick Saturday digest of cybersecurity news articles from other sources.

The Internet Society Defends Encryption

Last year, on Global Encryption Day, we reached millions of people with our mission to promote and defend strong encryption for everyone. This year, on 21 October 2022, even more of us need to drive the message home.

Encryption is a vital tool that keeps us safe both online and offline. Weakening it puts us all at risk.

What Is Encryption?

• Encryption allows us to share private data online in a secure way. With encryption, people can communicate, safe in the knowledge no-one is listening in.
• Policymakers and law enforcement are putting all this at risk by creating ways to break into your encrypted data.
• But, you can’t just allow certain people to break encryption. If law enforcement can break in to your information, so can criminals

Inside Fog Data Science, the Secretive Company Selling Mass Surveillance to Local Police

EFF staff put together a series on Fog Data Science, a data broker that has been selling raw location data about individual people to federal, state, and local law enforcement agencies. This personal data isn’t gathered from cell phone towers or tech giants like Google—it’s obtained by the broker via thousands of different apps on Android and iOS app stores as part of the larger location data marketplace.

FBI and CISA Publish a PSA on Information Manipulation Tactics for 2022 Midterm Elections

Original release date: October 7, 2022

The Federal Bureau of Investigation (FBI) and CISA have published a joint public service announcement that:

• Describes methods that foreign actors use to spread and amplify false information—including reports of alleged malicious cyber activity—in attempts to undermine trust in election infrastructure.
• Confirms “the FBI and CISA have no information suggesting any cyber activity against U.S. election infrastructure has impacted the accuracy of voter registration information, prevented a registered voter from casting a ballot, or compromised the integrity of any ballots cast.”

The PSA also describes the extensive safeguards in place to protect election infrastructure and includes recommendations to assist the public in understanding how to find trustworthy sources of election-related information.

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule.

The findings came in a report released by Sen. Elizabeth Warren (D-Mass.), who in April 2022 opened an investigation into fraud tied to Zelle, the “peer-to-peer” digital payment service used by many financial institutions that allows customers to quickly send cash to friends and family.  More,,,

It’s Ada Lovelace Day!

Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine.

Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it.

No fix in sight for mile-wide loophole plaguing a key Windows defense for years

Lazarus is latest group to pull off “bring your own vulnerable device” attack.

Over the past 15 years, Microsoft has made huge progress fortifying the Windows kernel, the core of the OS that hackers must control to successfully take control of a computer. A cornerstone of that progress was the enactment of strict new restrictions on the loading of system drivers that could run in kernel mode. These drivers are crucial for computers to work with printers and other peripherals, but they’re also a convenient inroad that hackers can take to allow their malware to gain unfettered access to the most sensitive parts of Windows. With the advent of Windows Vista, all such drivers could only be loaded after they’d been approved in advance by Microsoft and then digitally signed to verify they were safe.

Last week, researchers from security firm ESET revealed that about a year ago, Lazarus, a hacking group backed by the North Korean government, exploited a mile-wide loophole last year that existed in Microsoft’s driver signature enforcement (DSE) from the start. The malicious documents Lazarus was able to trick targets into opening were able to gain administrative control of the target’s computer, but Windows’ modern kernel protections presented a formidable obstacle for Lazarus to achieve its objective of storming the kernel.  More…

CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool

Original release date: October 14, 2022

CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making.

For more information, CISA encourages users to review RedEye on GitHub and watch CISA’s RedEye tool overview video.