Proprietary Junk and Security Blunders

posted by Roy Schestowitz on Nov 02, 2022

• Cyber-attacks on small firms: The US economy's 'Achilles heel'? [iophk: Windows TCO]

  Cyber-crimes are expected to cost the world $10.5tn (£9.3tn) by 2025, according to cyber-security research firm Cyber Ventures.

  On the current trajectory, small businesses will absorb most of the hit.

  They are three times more likely to be attacked by cyber-criminals compared to large businesses, cloud security firm Barracuda Networks has found.

• France's Thales says hackers claim to have stolen data [iophk: Windows TCO]

  Thales said the extortion and ransomware group had announced plans on the dark web to release the data on Nov. 7. It added that so far it had not received any direct ransom notification.

• Fears for overseas students following Australian cyber breach [iophk: Windows TCO]

  Medibank Private, one of five companies authorised to provide overseas student health cover (OSHC), revealed on 13 October that it had been the subject of a “cyber incident”. At the time it said there was no evidence that sensitive data had been accessed, and that customers could expect little inconvenience other than temporary disruptions as the international student policy management systems were taken offline.

  That assessment changed a week later, with Medibank revealing that it had been contacted by a “criminal” claiming to have stolen 200 gigabytes of data. The extortionist had sent sample records from 100 policyholders, including international students, detailing their names, addresses, dates of birth, phone numbers, insurance details and medical histories.

• Quad’s ransomware commitment could help shore up regional software supply chains [iophk: Windows TCO]

  Since the Covid-19 pandemic, ransomware attacks have increased dramatically worldwide. The latest annual report on the state of ransomware, by cybersecurity firm Sophos, indicated a 78% rise in attacks globally between 2020 and 2021. Nearly two-thirds of the organisations surveyed reported having been affected.

• Using Sysmon for Linux to Monitor Against MITRE ATT-CK Techniques - LogRhythm [Ed: Fake security from Microsoft]

  Microsoft Sysinternals recently released Sysmon for Linux. Beyond installing and configuring the software, there are several next steps you can take to use Sysmon for Linux to monitor against MITRE ATT&CK Techniques.

• Google increases storage to 1TB from 15GB on Workspace individual accounts

  The tech company in a blog post revealed that upgrading one’s account to 1TB safe cloud storage is an entirely automatic process. When Google rolls out the new upgrade, every Google user will automatically get the standard 15GB storage updated to 1TB. Users will be able to add up to 100 different formats including CAD files, PDFs, and various image formats on Google Drive.

• The Ventura problem

  At the beginning of last week Apple released macOS Ventura, the next major version of their desktop operating system for Mac computers. We’d been monitoring a problem with Ventura since the early betas back in August with the hope that, on release, things would be working normally.

  Unfortunately, this wasn’t the case. Right now, if you’re using a Pico with your Mac, we don’t recommend upgrading to Ventura (at least not yet).

• MacOS Ventura Does Not Play Well With Raspberry Pi Pico

  A problem has arisen in the way the latest version of MacOS mounts Raspberry Pi Pico (opens in new tab) virtual volumes, meaning Macs updated to 13.0 Ventura, released October 24, cannot copy across the UF2 files used for flashing instructions onto the microcontroller. The Raspberry Pi blog has a post about the error (opens in new tab), and the company has reported it to Apple as a bug.