Security Leftovers
-
Deobfuscating Scripts: When Encodings Help, (Sun, Apr 30th)
I found this sample on MalwareBazaar, tagged as unknown.
-
Security updates for Monday [LWN.net]
Security updates have been issued by Debian (distro-info-data, ffmpeg, jackson-databind, jruby, libapache2-mod-auth-openidc, libxml2, openvswitch, sniproxy, and wireshark), Fedora (git, libsignal-protocol-c, php-nyholm-psr7, python-setuptools, rust-askama, rust-askama_shared, rust-comrak, thunderbird, and webkitgtk), SUSE (git, glib2, shadow, thunderbird, and webkit2gtk3), and Ubuntu (Apache Commons Net, git, linux-azure-5.15, linux-azure-fde, linux-kvm, linux-ibm-5.4, linux-snapdragon, netty, and ZenLib).
-
Saville Row attacked by BlackCat
Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders.
DataBreaches found no notice of any incident on the store’s website or social networks. They did not respond to DataBreaches’ email on April 21 asking them to confirm or deny BlackCat’s claimed attack.
-
Key U.S. Marshals computers still down 10 weeks after breach
A key law enforcement computer network has been down for 10 weeks, the victim of a ransomware attack that has frustrated efforts by senior officials to get the system back up and running — raising concerns about how to secure critical crime-fighting operations.
While the initial breach of a computer system within the U.S. Marshals was previously known, the precise details of what that system did and how long it has remained down have not been previously reported.
-
Nashua School District hit by ‘sophisticated’ cyberattack; classes to go on as scheduled Monday
The Nashua School District said classes will go on as scheduled Monday after it was hit by a “sophisticated” cyberattack Sunday.
The district said it is working with a third-party investigator to determine the nature and scope of the attack.
“We are working diligently to investigate the incident, confirm its impact on our systems, and securely restore functionality to our environment as soon as possible,” the district said in a statement.
-
New Data Breaches from Cl0p and Lockbit Ransomware Groups
-
Court records online include private information for thousands of Missouri residents
Documents containing Social Security numbers and other private information for thousands of Missourians are accessible to anyone using the Casenet website, the state’s judicial records system, the Post-Dispatch recently discovered.
Missouri Supreme Court officials have acknowledged the issue after being alerted by the Post-Dispatch, and they fixed one vulnerability on Casenet. But thousands more documents with sensitive information remain online because they are considered open records. Those documents were filed by one state agency over several years, but it’s unclear if other records may also expose private information.
-
GM terminates hundreds of contract workers as it tries to shave $2 billion from its budget
-
Western Digital discloses network breach, My Cloud service down