Security Leftovers

posted by Roy Schestowitz on Oct 24, 2023

• Hacker News ☛ DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan [Ed: Microsoft TCO, but the author then goes on to mention "Linux" 4 times as if it's a "Linux" issue]

  The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan.

• LWN ☛ Security updates for Tuesday

  Security updates have been issued by Debian (ceph and dbus), Fedora (cachelib, fb303, fbthrift, fizz, folly, matrix-synapse, mcrouter, mvfst, nats-server, nodejs18, proxygen, wangle, watchman, and wdt), Mageia (libcue), Oracle (18, grafana, kernel, nodejs, nodejs:16, nodejs:18, php, php:8.0, and tomcat), Red Hat (python27:2.7, python3, python39:3.9, python39-devel:3.9, toolbox, varnish, and varnish:6), SUSE (fwupdate, gcc13, icu73_2, netty, netty-tcnative, and xen), and Ubuntu (aom, ffmpeg, libvpx, libxpm, linux-aws, linux-gcp-5.4, php7.0, php7.2, ring, and sofia-sip).

• University of Tokyo PC Infected with Malware in July 2022; Possible Leak of Students’ Addresses, Grades

  A computer at the University of Tokyo had been infected with malware, possibly leaking up to 4,341 files containing addresses and grades of students from the academic years of 2003 to 2022, the university said Tuesday.

  The PC belonged to the Graduate School of Arts and Sciences, the College of Arts and Sciences, the University of Tokyo, Komaba

• Forbes ☛ In The Age Of AI-Enabled Attacks, Should Every School Have A CISO?

  On a broad scale, we can look to the examples of companies involved in the White House initiative, many of which are offering subsidized and free resources as well as training for schools. But we need more than this: Each school and school district has unique needs and should have a dedicated leader to manage its cybersecurity.

  As public awareness about cybersecurity continues to grow, and high-profile school data breaches appear in the news, parents are going to start demanding more proactivity and protection from schools. This is why, in our increasingly digital age, schools should have CISOs.

• Bleeping Computer ☛ Spain arrests 34 cybercriminals who stole data of 4 million people

  The Spanish National Police have dismantled a cybercriminal organization that carried out a variety of computer scams to steal and monetize the data of over four million people.

  Law enforcement in the country conducted 16 targeted searches in Madrid, Malaga, Huelva, Alicante, and Murcia and arrested 34 members of the crime group.

  The police raids led to the confiscating of firearms and hand weapons, four high-end cars, 80,000 euros in cash, and computers hosting a database with information on four million people.

• PA: Hopewell Area School District says network disruption was caused by ransomware attack

  The Hopewell Area School District was the target of a “sophisticated ransomware attack.”

  How it happened remains under investigation, but the key concern in any cyberattack is data

  In a statement, Superintendent Dr. Jeff Beltz said the district has been working with outside specialists to investigate the cause of the attack and restore systems.