{"id":19286,"date":"2021-12-30T15:49:52","date_gmt":"2021-12-30T20:49:52","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/security-2021-year-in-memes\/19286\/"},"modified":"2022-01-04T14:36:26","modified_gmt":"2022-01-04T10:36:26","slug":"security-2021-year-in-memes","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/security-2021-year-in-memes\/19286\/","title":{"rendered":"2021 information security memes and tweets"},"content":{"rendered":"<p>In the twenty-first century, detailed descriptions and <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/poc-proof-of-concept\/\" target=\"_blank\" rel=\"noopener\">proofs of concept<\/a> just aren\u2019t enough to draw everyone\u2019s attention to a vulnerability. You need a catchy marketing name, a logo, and an unavoidable bundle of memes on Twitter. All kinds of researchers, IT journalists, industry workers, and sympathetic users amuse each other with funny images all the time.<\/p>\n<p>And in general, it\u2019s actually useful: After seeing a meme, plenty of people read about what happened, and sometimes they even take steps to fix the vulnerability \u2014 or at least do what they can to avoid making the same mistake and getting featured in a new meme. Also, by considering the number of memes following another incident, we can get some idea of the extent of a problem. If we were to rely solely on memes to learn the latest news on cybersecurity, we would remember 2021 as being something like this:<\/p>\n<h2>January: WhatsApp privacy policy update<\/h2>\n<p>The year began with millions of WhatsApp users suddenly learning of an update to the service\u2019s privacy policy. 
The result was a mass exodus to <a href=\"https:\/\/www.kaspersky.com\/blog\/telegram-privacy-security\/38444\/\" target=\"_blank\" rel=\"noopener nofollow\">Telegram<\/a> and, at the suggestion of a famous doge breeder, to <a href=\"https:\/\/www.kaspersky.com\/blog\/signal-privacy-security\/40377\/\" target=\"_blank\" rel=\"noopener nofollow\">Signal<\/a>, both of which <a href=\"https:\/\/www.businessinsider.com\/telegram-hits-500-million-users-after-whatsapp-backlash-2021-1\" target=\"_blank\" rel=\"nofollow noopener\">noted<\/a> significant audience growth. We think this meme sums up the situation with WhatsApp\u2019s new privacy policy best:<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Basically this is what Whatsapp is doing <a href=\"https:\/\/t.co\/3p7wZoEYl6\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/3p7wZoEYl6<\/a><\/p>\n<p>\u2014 Lekompo (@Onka_Shole) <a href=\"https:\/\/twitter.com\/Onka_Shole\/status\/1348379176437510151?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">January 10, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>February: FootfallCam 3D Plus IoT cameras\u2019 epic security breakdown<\/h2>\n<p>IoT device security is famously bad, but just when you think you\u2019ve seen it all, some smart device manufacturers manage to surpass all expectations. This thread on Twitter explains it all (careful not to face-palm yourself too hard):<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">By the way, that little \u201cnubbin\u201d on the outside in the WLAN dongle. 
It\u2019s just a standard Pi dongle literally painted white.<\/p>\n<p>The device instantly crashes when you pull it out.<\/p>\n<p>19\/18 <a href=\"https:\/\/t.co\/0nc6fVo7QT\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/0nc6fVo7QT<\/a><\/p>\n<p>\u2014 OverSoft (@OverSoftNL) <a href=\"https:\/\/twitter.com\/OverSoftNL\/status\/1357306500386086915?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 4, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>March: ProxyLogon vulnerability<\/h2>\n<p>In early March, Microsoft released patches for Exchange that addressed several serious vulnerabilities in the system. That\u2019s a pretty common occurrence, but check out the catch: Attackers had been actively exploiting some of the vulnerabilities, reportedly since January or even earlier. By the time the patch was released, <a href=\"https:\/\/krebsonsecurity.com\/2021\/03\/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software\/\" target=\"_blank\" rel=\"nofollow noopener\">more than 30,000<\/a> organizations in the US had been hacked.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Poor kid <a href=\"https:\/\/twitter.com\/hashtag\/ProxyLogon?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#ProxyLogon<\/a> <a href=\"https:\/\/t.co\/1MlUwBRUAU\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/1MlUwBRUAU<\/a><\/p>\n<p>\u2014 Florian Roth (@cyb3rops) <a href=\"https:\/\/twitter.com\/cyb3rops\/status\/1369773943188520963?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">March 10, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>April: Signal trolls Cellebrite<\/h2>\n<p>For those who don\u2019t know, Cellebrite produces 
equipment for law enforcement agencies, enabling employees to hack into smartphones easily and conveniently and retrieve information of interest from them. That\u2019s why the company holds a special place in the hearts of privacy advocates. In late 2020, Cellebrite announced its products were beginning to support Signal. In response, the Signal team published a study of vulnerabilities in Cellebrite software and used an unparalleled teaser to accompany it:<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software:<\/p>\n<p>\"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective\"<a href=\"https:\/\/t.co\/DKgGejPu62\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/DKgGejPu62<\/a> <a href=\"https:\/\/t.co\/X3ghXrgdfo\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/X3ghXrgdfo<\/a><\/p>\n<p>\u2014 Signal (@signalapp) <a href=\"https:\/\/twitter.com\/signalapp\/status\/1384906127360548869?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 21, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>May: Ransomware attack on Colonial Pipeline<\/h2>\n<p>A <a href=\"https:\/\/www.kaspersky.com\/blog\/pipeline-ransomware-mitigation\/39907\/\" target=\"_blank\" rel=\"noopener nofollow\">ransomware attack on the Colonial Pipeline<\/a>, the largest US pipeline system moving petroleum products, disrupted gasoline and diesel supplies along the southeast coast of the country. 
The incident sparked a lot of discussion about how to protect such businesses, and the company\u2019s announcement of a search for a new cybersecurity manager went viral on social media, with the comment \u201cThey probably have a decent budget now.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">They probably have a decent budget now <a href=\"https:\/\/t.co\/ptUDOgHjZN\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/ptUDOgHjZN<\/a><\/p>\n<p>\u2014 Justin Elze (@HackingLZ) <a href=\"https:\/\/twitter.com\/HackingLZ\/status\/1392499874197872646?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 12, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>June: Congressman accidentally publishes e-mail password and PIN<\/h2>\n<p>US Congressman Mo Brooks, a member of the US House Armed Services Committee, and specifically of a subcommittee dealing with cybersecurity, made an unusual contribution to popularizing secure password storage. Using his personal Twitter account, he posted a photo of his monitor along with a sticker that had his Gmail account password and a PIN code on it. Talk about playing the <a href=\"https:\/\/www.kaspersky.com\/blog\/unusual-ways-to-leak-info\/36049\/\" target=\"_blank\" rel=\"noopener nofollow\">classics<\/a>! The tweet hung around for several hours and went viral. Although Brooks finally deleted it, it was too late:<\/p>\n<p>https:\/\/twitter.com\/Josh_Moon\/status\/1401678401946243073<\/p>\n<h2>July: PrintNightmare vulnerability<\/h2>\n<p>Researchers seem to have mistakenly published on GitHub a proof-of-concept attack using the <a href=\"https:\/\/www.kaspersky.com\/blog\/printnightmare-vulnerability\/40520\/\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-34527 and CVE-2021-1675<\/a> vulnerabilities in the Windows Print Spooler. 
Fearing that attackers would quickly adopt the published method, Microsoft rolled out an urgent patch without even waiting for Update Tuesday. Moreover, even outdated Windows 7 and Windows Server 2012 were patched. The patches didn\u2019t solve the problem completely, however; some printers stopped working after they were installed.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">That\u2019s one way to remediate <a href=\"https:\/\/twitter.com\/hashtag\/PrintNightmare?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#PrintNightmare<\/a> <a href=\"https:\/\/t.co\/HjRs579cJM\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/HjRs579cJM<\/a><\/p>\n<p>\u2014 TechxSigil\u2623\ufe0f (@techxsigil) <a href=\"https:\/\/twitter.com\/techxsigil\/status\/1419336640162680839?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">July 25, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>August: Black Hat and DEF CON<\/h2>\n<p>August was pretty quiet by 2021 standards. Of course, a few incidents proved worthy of immortality-by-meme, but perhaps the most memorable was the suffering of Black Hat and DEF CON regulars, who under COVID-19-related restrictions could not make it to Las Vegas this year.<\/p>\n<p>https:\/\/twitter.com\/Djax_Alpha\/status\/1423741831968342016<\/p>\n<h2>September: OMIGOD vulnerability<\/h2>\n<p>Microsoft Azure users <a href=\"https:\/\/www.kaspersky.com\/blog\/vulnerabilities-in-omi-azure\/41977\/\" target=\"_blank\" rel=\"noopener nofollow\">suddenly discovered<\/a> that when they selected a range of services, the platform installed an Open Management Infrastructure agent on the virtual Linux machine while creating it. 
That would not be so scary if (a) the agent did not have long-known vulnerabilities, (b) the clients were notified about the agent installation, (c) OMI had a normal automatic-update system, and (d) exploitation of the vulnerabilities was not so easy.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"qme\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/OMIGod?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#OMIGod<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/Azure?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Azure<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/OMIAgent?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#OMIAgent<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/CVE202138647?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#CVE202138647<\/a> <a href=\"https:\/\/t.co\/2CDDuCF2ty\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/2CDDuCF2ty<\/a><\/p>\n<p>\u2014 Florian Roth (@cyb3rops) <a href=\"https:\/\/twitter.com\/cyb3rops\/status\/1438424466661511182?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">September 16, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>October: Facebook removes itself from the Internet<\/h2>\n<p>A major Facebook outage made October truly memorable. According to emergency responders\u2019 reports, an update rendered Facebook\u2019s DNS servers unavailable over the Internet. As a result, users of the social network and of a number of the company\u2019s other services, including Facebook Messenger, Instagram, and WhatsApp, were unable to log in for more than six hours. 
While they were using alternative networks and other messaging apps (overloading them) to complain, wild rumors were circulating around the Internet \u2014 such as that company administrators could not get to the servers because their access system was tied to Facebook.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Mark Zuckerberg fixing the WhatsApp, Instagram and Facebook crash <a href=\"https:\/\/twitter.com\/hashtag\/instagramdown?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#instagramdown<\/a> <a href=\"https:\/\/t.co\/3yoVhyYdM7\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/3yoVhyYdM7<\/a><\/p>\n<p>\u2014 Kr$hna (@Obviously_KC) <a href=\"https:\/\/twitter.com\/Obviously_KC\/status\/1445066280009027592?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">October 4, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>November: Fake Green Passes<\/h2>\n<p>In fact, the validated forgeries of European digital vaccine certificates that made a lot of noise appeared at the end of October, but the main wave of general surprise came in November. What happened: the fake Green Passes <a href=\"https:\/\/www.kaspersky.com\/blog\/whats-wrong-with-forged-green-pass\/42728\/\" target=\"_blank\" rel=\"noopener nofollow\">became available for sale on the Internet<\/a>\u00a0\u2014 and as examples, sellers showed certificates for Adolf Hitler, Mickey Mouse, and SpongeBob SquarePants. 
Judging by the recent news, the problem of the spread of counterfeit Green Passes is <a href=\"https:\/\/www.euronews.com\/2021\/12\/29\/italian-police-suspend-17-online-profiles-selling-fake-covid-certificates\" target=\"_blank\" rel=\"nofollow noopener\">still relevant<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">As of Thursday morning Eastern time, Adolf Hitler and Mickey Mouse could still validate their digital Covid passes, SpongeBob Squarepants was out of luck, and the European Union was investigating a leak of the private key used to sign the EU\u2019s Green Pass vaccine passports. <a href=\"https:\/\/t.co\/kdpJmfp3WX\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/kdpJmfp3WX<\/a><\/p>\n<p>\u2014 astig0spe (@astig0spe) <a href=\"https:\/\/twitter.com\/astig0spe\/status\/1456637598991101952?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 5, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>December: Log4Shell vulnerability<\/h2>\n<p>Almost all of December passed under the sign of Log4Shell, a critical vulnerability in the Apache Log4j library. The widespread use of this library in Java applications made millions of programs and devices vulnerable. The Apache Foundation released several patches, and researchers found ways to circumvent the countermeasures several times. Within days of initial publication, botnets began scanning the Internet for vulnerable programs, and ransomware authors took advantage of the vulnerability. So many successful Log4Shell-themed memes appeared that someone even created a <a href=\"https:\/\/log4jmemes.com\/\" target=\"_blank\" rel=\"nofollow noopener\">compilation website<\/a>.<\/p>\n<p>https:\/\/twitter.com\/secbro1\/status\/1469328495847346177<\/p>\n<p>Let\u2019s hope that next year will be a lot calmer. 
Happy New Year to you, dear readers!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Remembering 2021\u2019s most interesting infosec events\u00a0\u2014 in memes and tweets.<\/p>\n","protected":false},"author":2698,"featured_media":19287,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[20,38,268],"class_list":{"0":"post-19286","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-facebook","9":"tag-microsoft","10":"tag-vulnerabilities"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/security-2021-year-in-memes\/19286\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/security-2021-year-in-memes\/23787\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/security-2021-year-in-memes\/26014\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/security-2021-year-in-memes\/23991\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/security-2021-year-in-memes\/23692\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/security-2021-year-in-memes\/26662\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/security-2021-year-in-memes\/26257\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/security-2021-year-in-memes\/32150\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/security-2021-year-in-memes\/10408\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/security-2021-year-in-memes\/43237\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/security-2021-year-in-memes\/18376\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/security-2021-year-in-memes\/18737\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/security-2021-year-in-memes\/15654\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky
.de\/blog\/security-2021-year-in-memes\/27934\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/security-2021-year-in-memes\/27985\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/security-2021-year-in-memes\/24728\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/security-2021-year-in-memes\/30147\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/security-2021-year-in-memes\/29938\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/vulnerabilities\/","name":"vulnerabilities"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19286","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2698"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=19286"}],"version-history":[{"count":1,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19286\/revisions"}],"predecessor-version":[{"id":19288,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19286\/revisions\/19288"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/19287"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=19286"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=19286"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=19286"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}