Security: More Microsoft Blunders, Social Engineering, IPFire 2.27 - Core Update 171, and Signal
-
Microsoft customer data leak includes contact info, emails - Protocol
-
Massive leak of Microsoft customer data claimed to be biggest B2B spill
Threat intelligence firm SOCRadar says it has detected that sensitive data from 65,000 entities has been made public because of a misconfigured Microsoft endpoint. It has dubbed the leak BlueBleed, adding that this data was only the first part of the leak.
The total amount of data was from more than 150,000 companies in 123 different countries, SOCRadar said in a post.
British security guru Kevin Beaumont tweeted about the leak, saying: "Microsoft have had some sort of breach due to a misconfigured system, which has exposed customer data."
-
iTWire - Medical data of 3.9m Australians at risk as Medibank faces ransom demand [iophk: Windows TCO]
Medical insurer Medibank Group says its shares have entered a trading halt after it was contacted by an individual who claims to have stolen 200GB of data from the company during a network attack which it reported last week.
In a statement issued on Thursday, the company said the individual in question had provided a sample of records for 100 policies. "...we believe [this] has come from our ahm and international student systems," it said.
The company provides private health insurance and health services to more than 3.9 million people in Australia.
"That data includes first names and surnames, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers and some claims data," Medibank Group said.
-
Social Engineering dos and don’ts | Pen Test Partners
Another day, another success at sneaking into a building and pretending to be staff. I do so love drinking other people’s expensive office coffee. No fruit bowls though. Close, but no banana.
It got me thinking, again, about what makes for good social engineering (SE), and what advice would I give my younger self.
-
How Should Companies Prepare for the Coming Cybersecurity Regulations [Ed: Delete Windows, for starters. He cites the example of Microsoft incidents, but does not name the culprit.]
“Cybersecurity has reached a tipping point,” wrote MIT professor Stuart Madnick in a recent Harvard Business Review article, New Cybersecurity Regulations Are Coming. Here’s How to Prepare. “After decades of private-sector organizations more or less being left to deal with cyber incidents on their own, the scale and impact of cyberattacks means that the fallout from these incidents can ripple across societies and borders.”
Given the growing threat of cyberattacks, there’s an urgent need to improve the security of IT systems. However, we still don’t know a lot about cyberattacks, including how many attacks have taken place and who’s been attacked. Until recently, cybersecurity regulation were mostly focused on data privacy, and the only attacks that had to be reported were those involving personal information, such as the theft of names and credit card numbers.
-
IPFire 2.27 - Core Update 171 released [SECURITY ADVISORY]
Today, we release IPFire 2.27 - Core Update 171. It updates major parts of the distribution, such as the kernel and the IPS engine, and features bug fixes as well as stability and security improvements - most notably, upstream fixes against a strain of vulnerabilities in the kernel's WiFi components. Particularly IPFire users running WiFi networking hardware are advised to install this update as soon as possible, and reboot their systems afterwards.
Also, this Core Update initiates the deprecation of IPFire support for 32-bit ARM hardware, ultimately taking effect on February 28, 2023.
-
Why Signal won’t compromise on encryption, with president Meredith Whittaker
WhatsApp uses the Signal encryption protocol to provide encryption for its messages. That was absolutely a visionary choice that Brian and his team led back in the day - and big props to them for doing that. But you can’t just look at that and then stop at message protection. WhatsApp does not protect metadata the way that Signal does. Signal knows nothing about who you are. It doesn’t have your profile information and it has introduced group encryption protections. We don’t know who you are talking to or who is in the membership of a group. It has gone above and beyond to minimize the collection of metadata.
WhatsApp, on the other hand, collects the information about your profile, your profile photo, who is talking to whom, who is a group member. That is powerful metadata. It is particularly powerful—and this is where we have to back out into a structural argument for a company to collect the data that is also owned by Meta/Facebook. Facebook has a huge amount, just unspeakable volumes, of intimate information about billions of people across the globe.
It is not trivial to point out that WhatsApp metadata could easily be joined with Facebook data, and that it could easily reveal extremely intimate information about people. The choice to remove or enhance the encryption protocols is still in the hands of Facebook. We have to look structurally at what that organization is, who actually has control over these decisions, and at some of these details that often do not get discussed when we talk about message encryption overall.