Security Leftovers
-
From small LNK to large malicious BAT file with zero VT score (Thu, Aug 3rd)
Last week, my spam trap caught an e-mail with an LNK attachment, which turned out to be quite interesting.
-
Tenable chief says no way to verify Microsoft claims about fixing Azure flaw
Microsoft claims it has completely fixed a critical security issue in its Azure cloud platform, found in March by researchers from security firm Tenable, who then told Microsoft about it. Tenable chief executive and chairman Amit Yoran had claimed in a blog post on Wednesday that it took more than 90 days for Microsoft to effect a partial fix.
-
Are Leaked Credentials Dumps Used by Attackers? (Fri, Aug 4th)
This is a classic problem: One day, you create an account on a website (ex: an online shop), and later, this website is compromised. All credentials are collected and shared by the attacker. To reduce this risk, a best practice is to avoid password re-use (as well as to not use your corporate email address for non-business-related stuff).
-
Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed
Exploitation of the Ivanti EPMM flaw CVE-2023-35078 is picking up as a new critical vulnerability tracked as CVE-2023-35082 is disclosed.
-
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022.
-
670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis
CISA disclosed 670 ICS vulnerabilities in the first half of 2023, but roughly one-third have no patches or mitigations from the vendor.
-
Security updates for Friday
Security updates have been issued by CentOS (bind and kernel), Debian (cjose, firefox-esr, ntpsec, and python-django), Fedora (chromium, firefox, librsvg2, and webkitgtk), Red Hat (firefox), Scientific Linux (firefox and openssh), SUSE (go1.20, ImageMagick, javapackages-tools, javassist, mysql-connector-java, protobuf, python-python-gflags, kernel, openssl-1_1, pipewire, python-pip, and xtrans), and Ubuntu (cargo, rust-cargo, cpio, poppler, and xmltooling).
-
Nigerian National Pleads Guilty to $1.25 Million Business Email Compromise Scam Impacting U.S. Company
Onwuchekwa Nnanna Kalu, 39, a Nigerian National from Rivers State, Nigeria, pleaded guilty today to stealing $1.25 million from an investment firm located in Boston, through a business email compromise (“BEC”) scam. The plea was announced by U.S. Attorney Matthew M. Graves and Acting Special Agent in Charge David Geist, of the FBI Washington Field Office's Criminal and Cyber Division.
Nnanna Kalu pleaded guilty in the District of Columbia to one count of wire fraud. U.S. District Court Judge Randolph D. Moss scheduled a sentencing hearing for November 29, 2023. Kalu was arrested in 2022 and has been detained by the Court as a risk of flight.
-
Massive data breach could impact many who attended or worked for public schools in Colorado
A news release issued by the Colorado Department of Higher Education is notifying the public of a “data incident.”
KKTV 11 News is working to learn more about the situation, but the release reads as follows:
The Colorado Department of Higher Education (“CDHE”) is providing notice of a cybersecurity incident that may involve the personal information of certain individuals. CDHE is providing information about the measures it has taken in response to the incident, and steps impacted individuals may take to protect themselves against possible misuse of information.