Security and Windows TCO

posted by Roy Schestowitz on Oct 18, 2023,
updated Oct 18, 2023

• LWN ☛ Security updates for Tuesday

  Security updates have been issued by Debian (axis, nghttp2, node-babel7, and tomcat9), Fedora (curl and ghostscript), Oracle (bind, kernel-container, mariadb:10.5, and python3.11), Red Hat (.NET 7.0, go-toolset, golang, and go-toolset:rhel8), SUSE (kernel, libcue, libxml2, python-Django, and python-gevent), and Ubuntu (curl, ghostscript, iperf3, libcue, python2.7, quagga, and samba).

• NV: Personal information accessed in Clark County School District cybersecurity incident

  The Clark County School District announced that a recent cybersecurity incident allowed an “unauthorized party” to access personal information of some students, parents and employees.

  The district said it became aware of the hack on Oct. 5, adding that it involved the email environment.

  “Upon discovering the incident, CCSD immediately engaged a team of forensic experts to investigate the incident and ensure that CCSD operates within a safe and remediated email environment,” a district spokesperson wrote. “CCSD is also cooperating with law enforcement’s investigation.”

• Security Week ☛ Beyond Quantum: MemComputing ASICs Could Shatter 2048-bit RSA Encryption

  The feared ‘cryptopocalypse’ (the death of current encryption) might be sooner than expected – caused by in-memory computing ASICs rather than quantum computers.

• Federal News Network ☛ Kari Lake’s lawsuit over metro Phoenix’s electronic voting machines has been tossed out

  A federal appeals court has tossed out a lawsuit brought by former Arizona gubernatorial candidate Kari Lake that challenged the use of electronic voting machines. The 9th U.S. Circuit Court of Appeals made the ruling Monday. Lake and failed Arizona Secretary of State candidate Mark Finchem, both Republicans, filed a lawsuit in April 2022 that alleged the ballot tabulation machines were not trustworthy. Lake wound up losing her race by more than 17,000 votes while Finchem lost by over 120,000 votes. The challenge focused on problems with ballot printers at some polling places in Maricopa County, home to Phoenix and where more than 60% of the state’s voters live.

• Bruce Schneier ☛ Security Vulnerability of Switzerland’s E-Voting System [Ed: Elections should never be done electronically anyway]

  Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Andrew Appel explains why it’s a bad idea: [...]

• Silicon Angle ☛ Phishing attacks hit record high in third quarter, with malware not far behind

  A new report from threat detection and response startup Vade Secure SASU finds a substantial increase in phishing and malware attacks in the third quarter, so large that the level of attacks is some of the highest ever recorded for any quarter.

• TechRepublic ☛ Software Supply Chain Security Attacks Up 200%: New Sonatype Research

  Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.

• SANS ☛ Changes to SMS Delivery and How it Effects MFA and Phishing, (Tue, Oct 17th)

  Spam and phishing SMS messages (sometimes called "smishing") have been problematic in recent years. These messages often bypass security controls and are more challenging to identify as malicious by users. Moreover, they can be just simply annoying.

• Security Week ☛ Critical Vulnerabilities Expose ​​Weintek HMIs to Attacks

  Weintek has patched critical and high-severity vulnerabilities found in its cMT series HMIs by industrial cybersecurity firm TXOne. 

• Security Week ☛ NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics [Ed: NSA itself is doing lots of intrusions]

  NSA has released Elitewolf, a repository of intrusion detection signatures and analytics for OT environments.

• Security Week ☛ US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

  CISA, FBI, and MS-ISAC warn of potential widespread exploitation of CVE-2023-22515, a critical vulnerability in Atlassian Confluence.

• Security Week ☛ Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

  Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices. 

• Security Week ☛ WordPress Websites Hacked via Royal Elementor Plugin Zero-Day [Ed: Not a WordPress issue. An issue in something someone wrote for WordPress.]

  A critical vulnerability in the Royal Elementor WordPress plugin has been exploited as a zero-day since August 30.

• Krebs On Security ☛ Tech CEO Sentenced to 5 Years in IP Address Scheme

  Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan's sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean.

• Windows TCO

  • Sophos-Boise State collaboration takes aim at the growing cybersecurity skills gap [Ed: Windows TCO]

    Cybersecurity firm Sophos Group plc today announced a new partnership with Boise State University’s Insitute for Pervasive Security to provide Boise State University access to Sophos’ endpoint security offerings to create experiential learning opportunities for students and assist in addressing the worldwide cybersecurity skill gap.

  • Phishing attacks reach record highs

    In the third quarter of this year, phishing attacks soared by 173 percent compared with the previous three months, and malware was up 110 percent over the same period.

    Email security company Vade has released its quarterly Phishing and Malware Report which shows Q3 2023's malware volumes almost set a record for the highest total of any quarter, trailing only Q4 2016's mark of 126.8 million.

Update

More Windows TCO:

• NV: Personal information accessed in Clark County School District cybersecurity incident

  The Clark County School District announced that a recent cybersecurity incident allowed an “unauthorized party” to access personal information of some students, parents and employees.

• Security Problem Has Taken Down Computer Systems for Almost All Kansas Courts

  Judicial branch officials still don't know the extent of the problem or how long the computer systems will remain offline, spokesperson Lisa Taylor said Tuesday. The problem, discovered Thursday, meant the systems haven't been able to accept electronic filings, process payments, manage cases, grant public access to records, allow people to file electronically for protection-from-abuse orders and permit people to apply electronically for marriage licenses.