Okay, so we may need to adjust our threat models slightly?
"The month-and-a-half long investigation revealed that GruesomeLarch was able to ultimately breach Organization A’s network by connecting to their enterprise Wi-Fi network. The threat actor accomplished this by daisy-chaining their approach to compromise multiple organizations in close proximity to their intended target, Organization A. This was done by a threat actor who was thousands of miles away and an ocean apart from the victim. Volexity is unaware of any terminology describing this style of attack and has dubbed it the Nearest Neighbor Attack."
volexity.com/blog/2024/11/22/t…
https://infosec.exchange/@briankrebs/113527258956300560
@briankrebs Is that new? It reminds me of the 2017 aquarium WiFi thermometer attack. If it wasn't already named, let's call it an "aquarium attack" after that incident. […]
@briankrebs Now do bluetooth. There are many devices that have both wifi and bluetooth, and the latter's security is pretty bad.
@briankrebs I now have a new goal in life.
@briankrebs It is interesting, and makes some sense on a technical level.
Digging into tooling.
@briankrebs I mean, "our wifi was hacked" goes back to other umm, Target attacks?
@briankrebs this is bonkers.
@briankrebs
@briankrebs nice
@briankrebs
Truly illustrates the internet as an ecosystem and a weakness near you is also a weakness to you. This has been true a long time for DDoS.
@briankrebs that's the basic idea of ZTNA isn't it? Change access to be based on (verified) identity rather than network location... Not that anyone is really getting there but at least we have […]
────
────