Drama, Llama, and the return of the forgotten apostle
Security weekly

Hi and welcome to another Security weekly, where we read every news post on the face of the earth so you don't have to. (You're welcome.)
In this week's edition:
🥲 Windows Defender switches sides
✝️ DMARC, the forgotten apostle
🦙 IT REALLY WHIPS THE LLAMA'S ASS
🔥 The quick and dirty
Reading time: 03:14
Windows Defender switches sides

Last week LockBit 3.0, a famous ransomware, was found not only to bypass Windows Defender, but to actually use it to deploy other malicious tools.

By exploiting vulnerabilities like Log4j or Office macros, LockBit is able to secure its position on the Windows device. Afterwards it leverages already installed libraries and DLLs from Windows Defender to further install a Cobalt Strike beacon. I can't make this any easier, I'm sorry.

This technique is called "living off the land", as it makes use of libraries and resources provided by the operating system or legitimate tools. In this case, Windows Defender. Living off the land sounds so cozy and cuddly though. Can't get mad at that.

Windows Defender, however, does not come off great in this story.

I had way more memes for this but I was able to control myself..
Ok last one..


DMARC, the forgotten apostle

A recent study by security company Agari showed some alarming numbers when it comes to the use of DMARC.

Let's start off by addressing the elephant in the room. What is DMARC? Most people have never heard of it, and are for sure not using it.

DMARC, or Domain-based Message Authentication, Reporting and Conformance, is a domain verification protocol that is very efficient in the combat against domain spoofing. The problem with DMARC is that it's not easy to set up, and it requires some deeper technical knowledge. Like a lot of security-related topics, this scares normies away.

DMARC lets you set policies about what should be done with emails sent by your domains, and how the receiving mail server can and should validate these policies. The little brother of DMARC, called SPF, is more often in place. While DMARC enforces policies, SPF does not. So more often than not, nothing is done with the SPF on the receiving end, leaving companies with a false sense of security.

The report by Agari shows that only 34% of Fortune 500 companies have DMARC fully installed. Alarming numbers if you ask me.

SYSTEM AND SECURITY ADMINS ALIKE, HEED THIS CALL! Let's make it our work to deploy DMARC everywhere and prevent domain spoofing once and for all.
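The gap described above, between having SPF in place and actually publishing an enforcing DMARC policy, can be read straight from a domain's TXT records. The following is an added example, not part of the original newsletter or the Agari report: it classifies constructed sample records, and the posture labels and sample domains are this example's own assumptions.

```python
# Added example: classify the DMARC/SPF posture a domain publishes in DNS.
# SPF lives in a TXT record on the domain; DMARC in a TXT record at _dmarc.<domain>.
# All domains and records below are constructed samples, not real lookups.

def parse_tags(record):
    """Split a 'tag=value; tag=value' DMARC record into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_posture(spf_txt, dmarc_txt):
    """Return a posture label (label names are this example's own)."""
    has_spf = bool(spf_txt) and spf_txt.strip().lower().startswith("v=spf1")
    if not dmarc_txt:
        # No DMARC policy published: handling of a spoofed From: is left to the receiver.
        return "spf-only" if has_spf else "unprotected"
    tags = parse_tags(dmarc_txt)
    policy = tags.get("p", "").lower()
    # RFC 7489: the record must start with v=DMARC1 and carry a valid p= tag.
    if not dmarc_txt.strip().startswith("v=DMARC1") or policy not in (
            "none", "quarantine", "reject"):
        return "invalid-dmarc"
    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    except ValueError:
        return "invalid-dmarc"
    if policy == "none":
        return "monitor-only"  # reports are requested, no action on failing mail
    if pct < 100:
        return "partial-" + policy  # policy applies to only a share of failing mail
    return "enforced-" + policy

SAMPLES = {  # constructed: (SPF record, DMARC record or None)
    "spf-only.example": ("v=spf1 include:_spf.example.net ~all", None),
    "monitor.example": ("v=spf1 -all", "v=DMARC1; p=none; rua=mailto:dmarc@monitor.example"),
    "ramping.example": ("v=spf1 -all", "v=DMARC1; p=quarantine; pct=25"),
    "locked.example": ("v=spf1 -all", "v=DMARC1; p=reject; rua=mailto:dmarc@locked.example"),
}

if __name__ == "__main__":
    for domain, (spf, dmarc) in SAMPLES.items():
        print(f"{domain:20} {dmarc_posture(spf, dmarc)}")
```

The `spf-only` and `monitor-only` results are the "false sense of security" cases: something is published, but receivers are given no instruction to quarantine or reject mail that fails.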

IT REALLY WHIPS THE LLAMA'S ASS
Guess who's back? Back again? Winamp's back, tell a millennial. (That's me, I'm that millennial.)

Back in 2013 Winamp announced no newer versions were going to be released. The app with the catchiest intro everrrrrr (don't try to tell me it's anything else, you can't convince me) was no more. Weeks of mourning ensued.

So you can imagine the grin on my face when I read the news that Winamp is releasing a new version after 4 years of development... followed by the immediate feeling of sadness, realizing this program has no use case anymore. For real, when have you last used a music player? Hit me up with a reply if you do, and which.

Most people stream music from various platforms, or watch videos. Promises have been made to bring streaming platforms into the app, but the latest version has not yet brought any new features. Curious how this will play out.

🔥The quick and dirty
Microsoft Outlook is crashing when reading Uber receipt emails. If you were ever looking for the textbook definition of a first world problem, this is it.
Microsoft announces new external attack surface audit tool. To monitor Windows Defender? Too soon?
North Korean Hackers Use Malicious Extensions on Chromium-based Web Browsers to Spy on User Accounts. While nobody will be surprised about this news, it's good to note that extensions present a massive danger.
Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour. Imagine having your state-of-the-art quantum encryption destroyed in just an hour, by a single-core CPU.
Steve Wozniak Phreaks Out On The History Of Hacking. Good listen by Apple's Steve Wozniak.
Solid meme'ing by Cybersecurity Ventures, well done. Quality stuff.

Security like I'm five
Don't have time for hours of research? Don't have 20 years of experience in security? Me neither, but I gotchu fam. In Security like I'm five I cover a range of security topics. I do all the hard work, and explain it to you in a practical manner. Lots of memes too. Good stuff, good stuff. So sign up for the newsletter and be enlightened! (Kinda, don't set the bar too high tho.)