Security Leftovers
-
The Security and Productivity Implications of Low Code/No Code Development
The low code/no code movement provides simplified app generation – but it needs to be understood to be safe.
-
Several Distros Release Important Advisories for Actively Exploited Linux Kernel Use After Free Vuln
Several high-impact security vulnerabilities were recently discovered and fixed in the Linux kernel. These flaws could result in memory exhaustion, system crashes, denial of service (DoS), the exposure of sensitive information, cross-site scripting (XSS) attacks, privilege escalation attacks, or the execution of arbitrary code.
-
Security updates for Tuesday [LWN.net]
Security updates have been issued by Debian (protobuf), Fedora (libpcap, libxml2, openssh, and tcpdump), Mageia (kernel and kernel-linus), Oracle (firefox, kernel, kernel-container, and thunderbird), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (gradle, kernel, nodejs10, nodejs12, nodejs14, openssl-3, pgadmin4, rubygem-rack, and wayland), and Ubuntu (firefox).
-
No evidence found of Little Rock School District data use
The Little Rock School District, a victim of a 2022 data security attack, is telling its past and present employees, student families and vendors that there is no evidence that their personal data has been "viewed, used or misused."
However, that announcement -- posted recently on the 21,000-student district's website -- also states that the district is providing no-cost credit monitoring and identity protection services "out of an abundance of caution."
Additionally, the district -- which apologized for the concern caused by the security breach -- is telling affected individuals to be vigilant in monitoring their accounts for identity theft and fraud.
-
No evidence found of Little Rock School District data use after ransomware incident
And that is exactly the right advice: to not assume that, because the district paid ransom, the data would never be misused or later appear somewhere. And even though the district may believe that “All such information was returned, and we have obtained assurances that no use was made of the information,” that is not a guarantee that it is true.
-
Real estate firm OrangeTee & Tie fined for data breach involving 250,000 customers and employees
Real estate agency OrangeTee & Tie has been fined S$37,000 by Singapore’s privacy watchdog after the personal data of more than 250,000 customers and employees was compromised.
Names, bank account numbers, property transaction amounts, as well as identity card numbers were extracted from outdated database servers by a cybercrime group in 2021.
In a written judgment released on Monday (Apr 17), the Personal Data Protection Commission (PDPC) found several lapses on OrangeTee & Tie’s part that led to the data breach.
-
Hacked therapy centre's ex-CEO gets 3-month suspended sentence
The district court characterised the defendant's actions as particularly reprehensible, due to the scale of the data breach as well as the sensitive nature of the information involved.
-
Hackers Stole School Data. The District Left Teachers in the Dark
Classrooms across Tucson, Arizona, were ravaged by ransomware in January that locked up computer systems and forced teachers to revamp lesson plans. Officials in southern Arizona’s largest school district tried assuring students and staff for weeks that, despite the cyberattack, sensitive data wasn’t stolen.
-
Dutch hacking suspects to be in court April 20; Dutch police try to warn others to “stop cybercrime”
There’s been a lot of speculation following the arrest of Conor Fitzpatrick (aka “Pompompurin”) once it began to really sink in for some people that law enforcement has both the RaidForums and BreachForums databases.
-
Capita IT breach gets worse as Black Basta claims it's now selling off stolen data
Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant.
A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion ($8 billion), said it hasn't yet confirmed if that data leak is legit.
"We continue to work closely with specialist advisers and forensic experts in investigating the incident," a Capita spokesperson told The Register.
-
HHS Cybersecurity Task Force Provides New Resources to Help Address Rising Threat of Cyberattacks in Health and Public Health Sector
The Knowledge on Demand platform marks the first time HHS has offered free cybersecurity trainings to the health sector workforce and reflects the Department’s continued commitment to supporting the HPH Sector’s defense against cyberattacks.
This new Knowledge on Demand platform offers awareness trainings on these five cybersecurity topics: social engineering, ransomware, loss or theft of equipment or data, insider accidental or malicious data loss, and attacks against network connected medical devices.
-
Five months after Crown Point Schools suffered a cyberattack, they still don’t know what happened or what they will do
In November, Crown Point Community School students returned to classes after a “network outage” incident that the district feared might be a cybersecurity breach.