Security Leftovers
-
SANS ☛ Apple Patches Everything. Releases iOS 17.1, MacOS 14.1 and updates for older versions fixing exploited vulnerability, (Wed, Oct 25th)
Apple released iOS, iPadOS, macOS, tvOS, and Safari updates today. The iOS/macOS updates go back two "generations". This is particularly important for iOS 15, which now receives a patch for CVE-2023-32434, a vulnerability already exploited against earlier versions of iOS. This is also the only issue addressed for these earlier iOS versions.
-
Bruce Schneier ☛ New NSA Information from (and About) Snowden
Interesting article about the Snowden documents, including comments from former Guardian editor Ewen MacAskill.
MacAskill, who shared the Pulitzer Prize for Public Service with Glenn Greenwald and Laura Poitras for their journalistic work on the Snowden files, retired from The Guardian in 2018. He told Computer Weekly that:
-
Donation fraud: Scammers Exploit Generosity in Gaza Conflict
Cybercriminals always seek to cash in on current affairs to lend credibility to their attacks, and the conflict in Gaza is no exception. Netcraft has detected over $1.6M in cryptocurrency being transferred to accounts associated with this fraud.
In donation fraud, cybercriminals trick users into donating to what appears to be a legitimate cause using numerous tactics. This includes referencing current events, encouraging readers to act urgently, and using emotive language (or situations). The criminal’s goal is to pressure the victim into acting impulsively and sending funds without due diligence.
-
LWN ☛ Security updates for Thursday [LWN.net]
"Security updates have been issued by Debian (firefox-esr and xorg-server), Fedora (firefox, mbedtls, nodejs18, nodejs20, and xen), Gentoo (libinput, unifi, and USBView), Mageia (python-nltk), Oracle (linux-firmware), Red Hat (nginx:1.22), SUSE (chromium, firefox, java-11-openjdk, jetty-minimal, nghttp2, nodejs18, webkit2gtk3, and zlib), and Ubuntu (linux, linux-lowlatency, linux-oracle-5.15, vim, and xorg-server, xwayland)."
-
'Cyber attack' hits Reeds Spring schools. Data breach includes Social Security numbers
The Reeds Spring school district has notified employees and families that it was the “victim of a sophisticated cyber attack” that involved the unauthorized access — and acquisition — of district and personal data.
They were told that names, dates of birth, Social Security numbers, health insurance information and even class lists may have been obtained.
-
Bleeping Computer ☛ France says Russian state hackers breached numerous critical networks [Ed: Microsoft Windows TCO]
The Russian APT28 hacking group (aka ‘Strontium’ or ‘Fancy Bear’) has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.
The threat group, which is considered part of Russia’s military intelligence service GRU, was recently linked to the exploitation of CVE-2023-38831, a remote code execution vulnerability in WinRAR, and CVE-2023-23397, a zero-day privilege elevation flaw in Microsoft Outlook.
-
Government Technology ☛ Detroit-Area District Cancels Classes Due to Cyber Incident
John Tafelski, assistant superintendent for curriculum and instruction, sent a letter to members of the school community on Sunday stating that the school district recently discovered a cybersecurity incident that affected some of its systems.
-
Data Breaches ☛ Exclusive: Clark County School District student data begins to leak; CCSD doesn’t comment
Parents of CCSD children do have reason to be concerned about the leak of student data. DataBreaches found that some of the data was released this week on a file-sharing site. The post has since been removed, but the leak was described as representing about 1% of the total files obtained. Filenames with links where they could be downloaded were listed. Some of the files had notations including the size of the file.