Security Leftovers

posted by Roy Schestowitz on Apr 28, 2023

• Security updates for Friday [LWN.net]

  Security updates have been issued by Fedora (git, libpcap, php-laminas-diactoros2, php-nyholm-psr7, tcpdump, and xen), Oracle (cloud-init), Scientific Linux (kernel), SUSE (conmon, docker, glib2, glibc, libmicrohttpd, libX11, liferea, python3, qemu, rubygem-actionview-5_1, s390-tools, stellarium, vim, and xen), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 and openssl-ibmca).

• UK school hit by ransomware attack

  Hardenhuish School in Wiltshire says it hopes at least some systems will be back online next week

  A school in Wiltshire was hit by a ransomware attack last weekend. Hardenhuish School, a mixed secondary academy in Chippenham, sent texts to parents and guardians of its 1,623 pupils notifying them of the attack.

  "As far as we can tell at this point, no personal data has been compromised, although our forensic specialists are at the early stages of their investigation and will update us as the situation unfolds," the text said, according to the Wiltshire Times.

• Man Sentenced for Stealing Over 712 Bitcoin Subject to Forfeiture

  According to court documents, Gary James Harmon, 31, of Cleveland, perpetrated a scheme to steal cryptocurrency that was the subject of pending criminal forfeiture proceedings in the case of Larry Dean Harmon, Gary Harmon’s brother. In February 2020, Larry Harmon was arrested for his operation of Helix, a darknet-based cryptocurrency money laundering service, known as a “mixer” or “tumbler.” Helix laundered over 350,000 bitcoin – valued at over $300 million at the time of the transactions – on behalf of customers, with the largest volume coming from darknet markets. Law enforcement seized various assets, including a cryptocurrency storage device containing Larry Harmon’s illegal proceeds generated through the operation of Helix, which were subject to forfeiture in the criminal case. However, law enforcement was initially unable to recover bitcoin stored on the device due to the device’s additional security features.

• The cyber police exposed an attacker in the sale of databases with personal data of citizens of Ukraine and the EU

  In total, the databases contained personal information of more than 300 million people, citizens of Ukraine and EU countries.

  Depending on the amount of data, the person involved asked for them from 500 to 2000 dollars.

  It was previously established that the buyers were also citizens of the aggressor country. The person involved received payment for the sale of databases to citizens of the Russian Federation using currencies prohibited on the territory of Ukraine.

• TUSD’s Cyber Shutdown: District will need help, and millions of dollars, to rebound from ransomware attack

  - The Tucson Unified School District was hobbled by a ransomware attack in late January.

  13 News’ Valerie Cavazos has been reporting on the attack from the beginning to find out how it happened, why it happened and what’s being done to prevent it from happening again.

• Data breach could affect up to 100,000 patients at Queensway Carleton Hospital

  Health and personal information, home addresses and OHIP numbers of up to 100,000 patients at Queensway Carleton Hospital have been affected by a major data breach involving an Ottawa-based third-party software provider.

  The hospital sent out public notices of the breach Friday and is contacting patients individually. It has also notified the province’s privacy commissioner.

  Queensway Carleton Hospital said it stopped using the platform by the Canadian software company Aetonix Systems Inc. after learning in March that an authorized third party may have gained access to an “internal test environment” where personal health information of Canadians patients had been temporarily stored.