Security Leftovers
-
SANS ☛ How an AppleTV may take down your (IPv6) network, (Mon, Oct 23rd)
I recently ran into an odd issue with IPv6 connectivity in my home network. During a lengthy outage, I decided to redo some of my network configurations. As part of this change, I also reorganized my IPv6 setup, relying more on DHCPv6 and less on router advertisements to configure IPv6 addresses. Overall, this worked well.
-
CubicleNate ☛ openSUSE Tumbleweed Endures 18 Month Update Gap
I am continually impressed by the tolerance that openSUSE Tumbleweed has to delays between updates. The recommendation is weekly, maybe bi-weekly to keep your system up to date. It is NOT a good idea to go much more than a month but I have been sloppy from time to time.
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (krb5, redis, roundcube, ruby-rack, ruby-rmagick, zabbix, and zookeeper), Fedora (ansible-core, chromium, libvpx, mingw-xerces-c, python-asgiref, python-django, and vim), Mageia (cadence, kernel, kernel-linus, libxml2, nodejs, and shadow-utils), Oracle (nghttp2), Slackware (LibRaw), and SUSE (chromium, java-11-openjdk, nodejs18, python-Django, python-urllib3, and suse-module-tools).
-
CISA ☛ Phishing Guidance: Stopping the Attack Cycle at Phase One
This guide was created by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. Phishing Guidance: Stopping the Attack Cycle at Phase One contains guidance for network defenders, applicable to all organizations, and for software manufacturers that focuses on secure-by-design and -default tactics and techniques. Additionally, the guide contains a section tailored for small and medium-sized businesses to aid in protecting their cyber resources from evolving phishing threats.
-
Data Breaches ☛ Ie: “Thousands of drivers have sensitive data exposed to hackers in major IT breach”
While the headline and article talk about “exposed to hackers” or “left to the mercy of hackers,” there was nothing presented in the reporting to indicate that the data were ever accessed by hackers. This was not a confirmed hack — it was an unintended exposure that was discovered by a whitehat researcher, Jeremiah Fowler, who engaged in responsible disclosure.
Could the data have been accessed by ne’er-do-wells? Yes, but was it?
-
Data Breaches ☛ Cisco IOS XE threat actors hide their tracks, find other zero-days
Over the past three days—since our last newsletter edition—the situation around the latest zero-day attacks targeting Cisco IOS XE devices has drastically changed, and we feel the need to cover it in our featured section and provide a short summary of what has been going on.
-
Cyber attack causing service interruptions at local hospitals
An update on service interruptions at local hospitals.
On Monday, it was reported that Windsor Regional Hospital, Hotel Dieu Grace, Erie Shores Healthcare, Hospice of Windsor-Essex and the Chatham-Kent Health Alliance were experiencing service interruptions, such as email service being down.
An update provided on Monday evening by the hospitals affected states that a shared service provider used by all hospitals is experiencing a cyber attack.
Due to this cyber attack, patients who have care scheduled in the next few days will be contacted directly, if possible, to reschedule or provide alternate arrangements.
-
University of Michigan ☛ August 2023 Data Incident | U-M Public Affairs
This notice is to inform you about an incident that involved unauthorized access to personal information maintained by the University of Michigan.