Welcome to Codebook, the cybersecurity newsletter that falls asleep in Ubers.
Illustration: Sarah Grillo/Axios
Heartbleed, a dangerous security hole in widely used web-security software, made its public debut five years ago this week. It proved a landmark moment for cybersecurity and, perhaps even more so, for the marketing of cybersecurity firms.
Why it matters: Heartbleed was both a security nightmare and a professionally branded marketing event, and that pairing set a new default for how security research makes its way into the world.
Background: When the security firm Codenomicon announced Heartbleed to the public, it came with a professionally designed logo and a standalone website.
The catch: Branding can often overinflate less severe bugs. That might be smart marketing, but it's a problem for people trying to fix what's important.
The ethics can get hazy. There have been instances of overhyped branded vulnerabilities apparently being marketed to manipulate stock prices, or vastly overstated vulnerabilities shifting the security conversation.
The big picture: The obvious alternative to using clever names would be to use the ID numbers registered in vulnerability databases.
The bottom line: "We rarely find Heartbleed vulnerabilities in systems anymore. The same goes for most of the other 'branded' vulnerabilities. And yet we do still find boring old MS08-067 and MS17-010 all the time," said Thomas.
WikiLeaks editor-in-chief Julian Assange was arrested at Ecuador's London Embassy Thursday after the country withdrew its offer of asylum.
Why it matters: That the indictment focuses on Assange the hacker, not Assange the reporter, blunts a long-held press-freedom argument against charging him with crimes. All journalists rely on leaks, and many relied on classified information publicized by WikiLeaks, making a river of journalists guilty of whatever Assange was guilty of.
Why it matters (to my mom): If charges had been focused on being an intelligence asset of Russia by publishing leaks (they aren't), that'd be a blow to, well, me specifically. I directly received and reported on documents from Guccifer 2.0, the avatar of Russia's hacking efforts in the 2016 election.
Go deeper: Assange's previously reported activities appear to have gone far beyond journalistic practice into what most reporters would consider criminality. He potentially:
All of those things would appear to be illegal. No, it doesn't matter if the password on a website is easy to guess.
Stuxnet, malware thought to be created by the United States and Israel to hinder the Iranian nuclear program, has a more interesting history than we previously thought. So say Chronicle researchers Juan Andres Guerrero-Saade and Silas Cutler, who posited new breakthroughs at a Kaspersky Lab conference in Singapore.
Why it matters: Stuxnet is perhaps the most important malware of all time. The 2010 effort was the first introduction to the true potential of cyberwarfare, causing physical damage to the chemical procedures used to develop nukes in Iran.
But, but, but: Stuxnet wasn't an all-new weapon. Components of the malware were repurposed from other attacks. It had generally been thought that Stuxnet drew from the efforts of the three programming teams behind the Fanny, Flame and Duqu malware.
Be smart: A new programming group doesn't necessarily mean new nations were involved. "Additional frameworks points us to additional distinct teams and development resources. Whether that’s additional groups, institutions, or countries is beyond our ability to track in the code," said Guerrero-Saade.
Also: The team made new discoveries about Flame and Duqu, celebrity espionage malware in their own right.
1. Notorious TRITON malware resurfaces:
The attackers who launched TRITON, a notorious industrial-system-focused malware only known to have been used once, have struck a second target, according to researchers at FireEye presenting at the Kaspersky Lab SAS Summit in Singapore.
2. A city-sized network of hackers was ousted from Facebook:
Cisco's Talos research team announced Friday it had discovered 74 Facebook groups where hackers bought and sold cybercrime tools and services. The groups networked together as many as 385,000 members speaking a bevy of different languages.
3. DHS head Kirstjen Nielsen resigns:
Nielsen's chapter in history will almost definitely be written about her immigration activities. But she had unmistakable successes in cybersecurity, particularly the following.
See you on Thursday (remember, we're now weekly)