Microsoft Abuse, Microsoft TCO, and Weak Secrurity

posted by Roy Schestowitz on Oct 25, 2022

• First look at Microsoft PC Manager and its conflicting interests | Ctrl blog

  Microsoft is testing a new app to compete with the many dubious “PC cleaner” software available on the market (like CCleaner and CleanMyMac). However, Microsoft’s new app looks out for the company’s interests before its customers’.

• CISA Has Added One Known Exploited Vulnerability to Catalog [Ed: iOS and iPadOS under active attacks with exploit available]

  CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.   

• CISA Releases Eight Industrial Control Systems Advisories | CISA

  CISA has released eight (8) Industrial Control Systems (ICS) advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• CISA Upgrades to Version 2.0 of Traffic Light Protocol in One Week – Join Us! | CISA

  On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022.

• 22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

  A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs.

• Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company [Ed: Microsoft TCO]

  The Hive ransomware-as-a-service (RaaS) group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago.

  The incident is said to have occurred on October 3, 2022. The threat actor has also been observed leaking stolen data exfiltrated prior to encrypting the network as part of its double extortion scheme.

• Tata Power data leaked on dark web after Hive ransomware attack [Ed: Microsoft TCO]

  India's biggest integrated power company, Tata Power, which has been in business since 1915, has been hit by a ransomware attack staged by the Hive group.

  The ransomware runs only on Windows systems and the group has now released data it claims is from the attack on the dark web.

  The company acknowledged the attack in a note to the National Stock Exchange of India on 14 October.

  "The Tata Power Company Limited had a cyber attack on its IT infrastructure impacting some of its IT systems," the letter said.