Security Leftovers

posted by Roy Schestowitz on Sep 03, 2023

• 2023-08-31 [Older] NCSC warns of chatbot vulnerabilities, urging holistic security approach

• 2023-08-30 [Older] NYC subway security flaw makes it possible to track riders’ journeys

• 2023-08-28 [Older] Criminal hackers 'very likely' to pose threat to national security, economy in near term: report

• 2023-08-30 [Older] Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved

• 2023-08-30 [Older] Mozilla Releases Security Updates for Firefox and Firefox ESR

• 2023-08-30 [Older] Mozilla Releases Security Updates for Multiple Products

• 2023-08-30 [Older] VMware Releases Security Updates for Aria Operations for Networks

• 2023-08-31 [Older] CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware

• 2023-08-31 [Older] CISA Releases Four Industrial Control Systems Advisories

• 2023-08-31 [Older] CISA Warns of Hurricane-Related Scams

• 2023-08-31 [Older] ​ARDEREG Sistemas SCADA

• 2023-08-31 [Older] ​GE Digital CIMPLICITY

• 2023-08-31 [Older] ​PTC Kepware KepServerEX

• 2023-08-31 [Older] ​Digi RealPort Protocol

• 2023-08-30 [Older] CISA and FBI Publish Joint Advisory on QakBot Infrastructure

• 2023-08-29 [Older] CISA Releases IOCs Associated with Malicious Barracuda Activity

• 2023-08-29 [Older] CISA Releases One Industrial Control Systems Advisory

• 2023-08-29 [Older] ​PTC Codebeamer

• 2023-08-25 [Older] CISA’s VDP Platform 2022 Annual Report Showcases Success

• Parents and cybersecurity experts weigh in as Carlisle School District investigates possible cyber attack

  Confusion is spreading across the Carlisle Area School District, as students were left without the internet for an entire school day.

  On Friday morning, district officials notified parents that its internet system was shut down due to a “possible security incident.” The potential security breach was discovered on Thursday afternoon.

  Carlisle students remained in school for the day, however they were unable to use school laptops or iPads during the day. The school district also limited school access for parents and visitors.

• Carthage, Claxton-Hepburn hospitals target of cyber attack

  Two north country hospitals have been targeted in a cyber attack, but officials say there appears to be no breach of patient information.

  Officials say Carthage Area Hospital and Claxton Hepburn Medical Center in Ogdensburg discovered the incident Thursday at approximately 6 p.m.

  As a precaution, the emergency rooms at Carthage and Claxton have been put on diversion, meaning other area hospitals have been notified and are prepared to receive patients as needed.

• Highgate Wood School delays term by 6 days after cyber attack

  A school will be starting its new term six days late after it was targeted in a cyber-attack.

  Parents were informed that the Highgate Wood School, in Montenotte Road, has become a victim of an attack that has prevented the school from accessing systems.

  As a result, the start of the Crouch End secondary school’s term next Tuesday (September 5) has been delayed to September 11. The school has around 1,500 pupils aged 11 to 16.

• State [Indiana] notifying Medicaid recipients of CareSource security breach

  The protected health information of some Indiana Medicaid members may have been compromised in a recent security breach involving Ohio-based CareSource.

  Officials with the Indiana Family and Social Services Administration announced Friday that the breach of CareSource, a managed care entity, happened in late May and involved the personal information of more than 200,000 Hoosiers.

  State officials say names, addresses, Social Security numbers, dates of birth, member health information and more for 212,193 Indiana Medicaid members were accessed through an application called MOVEit, used by CareSource.

• Lawrence schools trying to recover $2.7 million ‘frozen’ by online phishing scheme, officials say

  The Lawrence Public Schools are working to recover $2.7 million in funds that were recently “frozen” when a staffer responded to a phishing email sent by scammers posing as a vendor for the school district, city officials said.

  Mayor Brian A. DePeña’s office held an emergency meeting Thursday with informational technology specialists to discuss the security breach, according to DePeña’s spokesperson, Nestor Castillo.

• Carlisle Area School District was hit with ransomware

  According to an email obtained by abc27 from the Carlisle Area School District, the school was notified by federal government officials that its internet system has been infiltrated with ransomware.

• “It can be confirmed the system of the Department of Defence has not been hacked”- SANDF

  Yesterday, DataBreaches reported on SNAtch Team and how they were not a ransomware gang or using what had been referred to as the Snatch locker or ransomware. In that report, DataBreaches included a description provided by their spokesperson about their attack on the South Africa Department of Defense — an attack that SANDF initially dismissed as “fake news” and now claims wasn’t a hack.

  [...]

  It appears that SANDF is either extremely incompetent in investigating the attack and exfiltration of so much data or they are just flat-out lying because they are embarrassed. Either way, the country’s citizenry is not well-served by a government that denies the reality of what happened or attempts to deflect responsibility for the poor security practices that facilitated it.