Security and Windows TCO
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by Debian (activemq, strongswan, and wordpress), Mageia (u-boot), SUSE (avahi, frr, libreoffice, nghttp2, openssl, openssl1, postgresql, postgresql15, postgresql16, python-Twisted, ucode-intel, and xen), and Ubuntu (avahi, hibagent, nodejs, strongswan, tang, and webkit2gtk).
-
Decade-long data leak raises serious concerns with NTT group
A prolonged, systemic failure in data security management resulted in a 10-year leak of personal information in about 9 million cases stored at a subsidiary of Nippon Telegraph and Telephone West Corp. (NTT West).
The leak reflects a significant lapse in the company’s protective measures and a stark oversight in regular security audits and monitoring.
Rather than merely a mishap of one subsidiary, the data breach has raised serious questions about the responsibility and credibility of NTT West and the entire NTT group, Japan’s leading telecom conglomerate.
-
Windows TCO
-
Security Week ☛ K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs
Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations.
-
BBC ☛ British Library: Employee data leaked in cyber attack
The British Library has confirmed that a cyber attack in October has led to a leak of employee data.
The attack, which took place on 31 October, has also resulted in the library's website being down for almost a month.
The Rhysida ransomware group claim to be behind the attack, and say they will auction off the stolen data.
The cyber gang say the price for data, that includes passport scans, has been set at 20 Bitcoin (£596,459).
-
CISA ☛ #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) are releasing this joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with LockBit 3.0 ransomware exploiting CVE-2023-4966, labeled Citrix Bleed, affecting Citrix NetScaler web application delivery control (ADC) and NetScaler Gateway appliances.
-
Has private financial information been exposed in the cyberattack on CCSD?
Has private financial information been exposed in the cyberattack on the Clark County School District? That is the big question teachers and parents still want an answer to. Some report since hackers breached CCSD network, there have been attempts to withdraw money from their accounts and some say they have had money taken. Can these activities be tied to the cyberattack on CCSD? FOX5 took that question to CCSD.
-