Security Leftovers

posted by Roy Schestowitz on Jul 22, 2023

• Microsoft Gets the Top Spot for Impersonated Brand for Phishing Scams in Quarter 2 of 2023, Reveals Report [Ed: Microsoft back doors are even worse because Microsoft is directly culpable]

  New Delhi, July 21: Microsoft took the top spot in the second quarter (Q2) of 2023 as the most impersonated brand for phishing scams, a new report showed on Friday.

• Car thefts have skyrocketed in cities across the U.S.

  Data: Council on Criminal Justice; Chart: Axios Visuals

  Car thefts in dozens of cities across the U.S. have skyrocketed so far this year, according to a new report on crime.

  Why it matters: Motor vehicle thefts are up by roughly 34% from the same period last year, underscoring how crime patterns have evolved as the country has emerged from the pandemic.

• Russia Seeks 18 Years in Jail for Founder of Cybersecurity Firm

  A Russian prosecutor requested an 18-year prison sentence for Ilya Sachkov, founder of cybersecurity firm Group-IB.

• Russian Prosecutors Seek 18 Years In Prison For Cybersecurity Company Chief

  Prosecutors have asked the Moscow City Court to convict and sentence Ilya Sachkov, the head of a leading Russian cybersecurity company, to 18 years in prison on a high treason charge.

• Reproducible Builds (diffoscope): diffoscope 245 released

  The diffoscope maintainers are pleased to announce the release of diffoscope version 245. This version includes the following changes:

  * Don't include file size in image metadata; it is, at best, distracting and it is already in the directory metadata. * Move to using assert_diff in ICO and JPEG tests. * Update copyright years.

• GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees [Ed: Microsoft is not a security authority; it's a security risk and foe, a purveyor of back doors]

  North Korean hackers are targeting employees at technology firms with repository invitations and malicious NPM packages.

• Notorious North Korean hackers targeted a US software company to steal crypto data

  A North Korean state-backed hacker group attacked JumpCloud, a US software company, in an attempt to steal information about its cryptocurrency clients. JumpCloud first reported that a “nation-state actor” carried out a security breach in late June, and yesterday (July 20) the company confirmed North Korean actors…

• Tampa General Hospital Says Patient Information Stolen in Ransomware Attack

  Tampa General Hospital has started informing patients that their personal information was stolen in a ransomware attack.

• Citrix Zero-Day Exploited Against Critical Infrastructure Organization

  CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.

• VirusTotal Provides Clarifications on Data Leak Affecting Premium Accounts

  VirusTotal has provided clarifications on the recent data leak that resulted in the exposure of information on 5,600 of the threat analysis service’s customers.

• In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

  Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17, 2023.

• OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

  Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely.

• P2P Worm Attacking 307,000 Redis Instances on Linux and Windows Systems [Ed: This bug was patched ages ago; this is an issue of negligence, not "Linux"]

  While the P2PInfect P2P worm targets the Redis instances using CVE-2022-0543 vulnerability.

• Podcast: How to make IoT more consumer-friendly

  This week we dig in on two topics that will make the internet of things friendlier for consumers. The first is the newly announced cybersecurity label plan from the White House that will create a way for consumers to see if their planned IoT purchase meets adequate cybersecurity standards.

• Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

  The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits.

  So far, at least three trends emerge:

  First, the plan contains a (somewhat) more concrete list of actions than its parent strategy, with useful delineation of lead and supporting agencies, as well as timelines aplenty. By assigning each action a designated lead and timeline, and by including a new nominal section (6) focused entirely on assessing effectiveness and continued iteration, the ONCD suggests that this is not so much a standalone text as the framework for an annual, crucially iterative policy process. That many of the milestones are still hazy might be less important than the commitment. the administration has made to revisit this plan annually, allowing the ONCD team to leverage their unique combination of topical depth and budgetary review authority...