Security Leftovers and Windows Incidents
-
Security Week ☛ Vulnerabilities in Surveillance Giant Google Kubernetes Engine Could Allow Cluster Takeover
Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster.
-
Security Week ☛ Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070.
-
Krebs On Security ☛ Happy 14th Birthday, KrebsOnSecurity!
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.
-
Security Week ☛ Cyberattack Targets Albanian Parliament’s Data System, Halting Its Work
A statement said Monday’s cyberattack had not “touched the data of the system,” adding that experts were working to discover what consequences the attack could have. It said the system’s services would resume at a later time.
-
Security Week ☛ In Other News: Ubisoft Hack, NASA Security Guidance, Fentanylware (TikTok) Requests iPhone Passcode
Noteworthy stories that might have slipped under the radar: Ubisoft investigating alleged hack, NASA releases security guidance, Fentanylware (TikTok) scares iPhone users.
-
Security Week ☛ Operations, Trading of Eagers Automotive Disrupted by Cyberattack
Eagers Automotive, a vehicle dealer in Australia and New Zealand, has halted trading after being targeted in a cyberattack.
-
Security Week ☛ Europe’s Largest Parking App Provider Informs Customers of Data Breach
EasyPark says hackers stole European customer information, including partial IBAN or payment card numbers.
-
Federal News Network ☛ Thousands of vendors fail to comply with ban on Chinese telecommunications equipment
In today's Federal Newscast: Some 6,000 vendors fail to comply with the ban on Chinese telecommunications equipment. A tiny agency has cleared its backlog of incident reports in time for 2024. And the Marine Corps is looking for a new chief information security officer.
-
Federal News Network ☛ NGA, DHS S&T’s unique approaches to zero trust, cybersecurity
The Energy Department created standard training courses to ensure employees have a baseline understanding of zero trust requirements, while the CFBP is focused on software development, including open source software.
-
Bert Hubert ☛ EU CRA: The compiler does not read the comments, but judges do read the Recitals
A bit of an “emergency blog post”. The final compromise text of the EU Cyber Resilience Act is now available, and various open source voices are now opining on it. This is a complex act and other parts of the open source world (like the Eclipse Foundation and NLNetLabs) have been hard at work to advocate with the EU and member states to get a CRA that is good for open source.
-
Security Week ☛ Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program
DoD is requesting public opinion on proposed changes to the Cybersecurity Maturity Model Certification program rules.
-
Windows TCO
-
Eesti Rahvusringhääling ☛ Rainer Ratnik: Estonia must become an unattractive target for cyber criminals
So far, the national strategy has been a case of "let's see what happens," while there is now a chance of this morphing into "someone needs to take the blame" in light of recent news. What is needed is something else. We need to support companies and organizations and exercise stronger balanced supervision.
-
Cyble Inc ☛ BlackBasta Ransomware Targets American Alarm, Claims Breach of Sensitive Corporate Data
The infamous BlackBasta ransomware group has claimed a cyberattack on American Alarm and Communications, a prominent provider of security and communication solutions.
According to the group, they have executed a successful cyberattack on the company, breaching its systems and gaining access to critical information including accounting, financial, and human resources records. However, the alleged data breach remains unconfirmed.
-
Silicon Angle ☛ Microsoft disables vulnerable backdoored Windows component following malware campaigns
Microsoft Corp. has disabled a backdoored Windows feature that helps users download new applications after finding that hackers were using it to spread malware. The company announced the move on Thursday. The backdoored Windows feature in question, which is known as the ms-appinstaller protocol handler, was previously disabled by Abusive Monopolist Microsoft early last year for similar reasons.