Welcome HeyHack, Security Co-Pilot, and Roku Breach, March 10th – March 17th - This Week in Security
Editor's Introduction
This week in security editor is Jordan this week. For today's TWIS I chose topics of HeyHack, Security Co-Pilot from Microsoft, and a recent Roku Breach.
We in F5 SIRT invest a lot of time understanding the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, and your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So next time you are under security emergency please contact F5 SIRT.
Welcome HeyHack !
First, I'm very excited to post that F5 has announced new automated reconnaissance and penetration testing capabilities for F5 Distributed Cloud Services. These capabilities, enabled via the acquisition of Heyhack, make it easier for customers to protect the exploding number of applications and APIs across today’s multi-cloud environments. In line with our guiding principle of offering ridiculously easy app security and delivery, HeyHack brings a very user-friendly and easy-to-setup solution, with comprehensive application login support, coverage of modern and legacy applications, and great documentation, including video evidence of issues that are found. By integrating automated penetration testing and cybersecurity posture management, Heyhack provides organizations with tools for proactive, ongoing security assessments. This approach helps in identifying vulnerabilities early, assessing the organization's defense mechanisms, and implementing strategies for continuous improvement, thereby enhancing overall security resilience. I'm very excited about the advancements and opportunities we have to change the face of application security moving forward.
Microsoft Announces Security Co-Pilot
Microsoft's upcoming Copilot for Security, launching on April 1, 2024, represents a pioneering approach to security through generative AI, merging extensive threat intelligence with a specialized language model unique to Microsoft. This integration not only offers real-time insights but also scales security capabilities across all organization sizes with a flexible model. Its distinction lies in the fusion of AI with Microsoft's advanced security features, informed by the analysis of over 65 trillion signals daily, ensuring defenders have the tools to counteract AI-empowered threats effectively. This initiative underscores the vital shift in cybersecurity strategies, emphasizing the need for advanced AI defenses in an era where attackers also harness AI's power. Hoping it's not just an April Fools' Day joke...
Roku Breach
In a recent disclosure, Roku reported a significant data breach impacting 15,363 accounts, highlighting the ever-present dangers in the digital world. This breach not only allowed the hackers to view sensitive account information but also enabled them to make unauthorized purchases of streaming subscriptions by altering the account details. In response to this breach, Roku has taken steps to secure the affected accounts and is in the process of reversing any unauthorized transactions.
The method of attack, known as credential stuffing, underscores the risks associated with the reuse of passwords across multiple services. Credential stuffing uses previously exposed login credentials from other breaches to attempt access on different platforms. The origin of term "credential stuffing", was coined by Sumit Agarwal, a co-founder of Shape Security and an ex-employee of F5. This term has since become integral to discussions about cybersecurity, emphasizing the innovative yet potentially harmful ways in which hackers exploit digital vulnerabilities.