Threat Intelligence Issue 2

Issue 2 of our Threat Intelligence information

This is our second threat intelligence post. Each week, if appropriate, we will aim to share some wider industry news that might impact our clients.

What we cover will depend on what has been happening the previous week; this week, for example, is a much shorter update.

Ruby

Some of the folk who previously maintained and operated RubyGems.org have started a new server for hosting gems: https://gem.coop.

No action needed unless your team feels they want to migrate away from RubyGems (which is understandable).

GitHub

GitHub recently rolled out Sign in with Apple. Unless your organisation specifically requires this, I would recommend against employees tying their login to Apple IDs.

They are also deprecating some @dependabot commands. If your team uses Dependabot in workflows or manually, check that they aren’t relying on the deprecated commands.

Wider / Misc notes

The US Government has shut down. My understanding from talking with some folk over there is that larger companies are likely unaffected; smaller companies may be a little bit more cautious with their spending.

There is certainly a greater scope for scams during periods of political and governmental turbulence.

Docker are sharing access to Hardened Images, which are images with near-zero CVEs attached to them.

This final article, about a Mic-E-Mouse attack, was too interesting not to share. Hackers were able to “listen in” based on mouse sensors. Very fun!

About this post

Knowing some of the wider issues within your application’s ecosystem can help you plan for the future and act appropriately.

One of the roles we perform for some of our clients is being a trusted source of knowledge about some of the wider ecosystem challenges.

For years we have been doing this in various ways: formal quarterly briefings, ad hoc “heads-up” emails, or silently adjusting the roadmap to accommodate wider context changes.

Since most of our clients share common attributes (we mostly do Ruby development, mostly deploy to a couple of vendors, etc.), it makes sense to share this knowledge in one place so that others may benefit from it.

If you’ve found this post useful, but don’t have availability on your team to consider it more, please do get in touch as we might be able to help.

Some disclaimers

This is for general information. Just because we share something doesn’t mean we agree or disagree with it; it just means it is a thing to be aware of.

This post doesn’t claim to be a summary of absolutely everything that has happened. We are human and we will miss things, or forget to write about things we’ve seen.

To our clients

We will never share something specific to one client here, and this doesn’t replace whatever we are currently doing for you. And don’t worry, we are compiling this in our personal time!

What is threat intelligence

Threat intelligence is evidence-based knowledge that provides context, indicators, and action-oriented advice on both existing and emerging threats to your systems.

The point of the intelligence is to help businesses make more informed decisions about their roadmap and future plans.
