Security and Windows TCO
-
Security Week ☛ Thousands of LG TVs Possibly Exposed to Remote Hacking
Many LG TVs may be vulnerable to remote hacking due to a series of vulnerabilities found by Bitdefender researchers.
-
Latvia ☛ 'LG' TV owners in Latvia asked to check security updates
More than 3,000 'LG' TV sets in Latvia are potentially vulnerable, according to the Information Technology Security Incident Response Team "Cert".
-
Security Week ☛ AT&T Data Breach Update: 51 Million Customers Impacted
The recent AT&T data breach impacts 51 million customers, the company tells Maine's attorney general.
-
Tom's Hardware ☛ AMD motherboard partners start rolling out BIOS updates with LogoFAIL bugfix
AMD motherboard manufacturers have started releasing BIOS updates with the AGESA 1.2.0.b update, which protects against the LogoFAIL exploit that hijacks the UEFI boot image.
-
Security Week ☛ 530k Impacted by Data Breach at Wisconsin Healthcare Organization
The personal information of 500,000 people was compromised in a data breach at Group Health Cooperative of South Central Wisconsin.
-
[Repeat] SequoiaPGP ☛ Sequoia PGP gets a Bug Bounty Program
The Sequoia PGP project now has a bug bounty program! If you find a novel security-relevant issue in almost any of our libraries, applications, or specifications then you’ll be rewarded with up to €10,000.
-
OpenSSF (Linux Foundation) ☛ Join us for a TTX: Securing OSS & Empowering Maintainers
At SOSS Community Day NA on April 15, 2024 the OpenSSF Community will conduct a Tabletop Exercise (TTX). Periodically walking through various scenarios of a supply chain attack in a time of calm helps identify action items that are important to prepare in advance for when real attacks occur. A TTX is an important planning tool to help open source software (OSS) maintainers and consumers respond more efficiently and with less stress to vulnerabilities.
-
Scoop News Group ☛ Congress sounds alarm on lax dam cybersecurity
Amid concerns of growing cybersecurity risks, the federal office in charge of hydroelectric dam security only has four employees.
-
Krebs On Security ☛ Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.
-
Windows TCO
-
Scoop News Group ☛ CISA emergency directive tells agencies to fix credentials after Microsoft breach
“Microsoft and CISA have notified all federal agencies whose email correspondence with Microsoft was identified as exfiltrated by Midnight Blizzard,” the directive reads, referring to Microsoft’s name for the hacking group. “In addition, Microsoft has represented to CISA that for the subset of affected agencies whose exfiltrated emails contain authentication secrets, such as credentials or passwords, Microsoft will provide metadata for such emails to those agencies.
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” it continues.
-
Tripwire ☛ DragonForce Ransomware - What You Need To Know
My recommendation would be to take any ransomware group seriously. If your organisation falls victim then the consequences could be very costly.
-
Bitdefender ☛ East Central University suffers BlackSuit ransomware attack
In an advisory posted on its website, ECU claims that the BlackSuit ransomware gang was unsuccessful in taking down the university's critical services but were "able to conduct a successful attack on a variety of campus computers."
-
Graham Cluley ☛ When a breach goes from 25 documents to 1.3 terabytes…
But now we know that Leicester City Council’s attackers didn’t limit themselves to 25 documents. The latest FAQ from the council reveals that a gobsmacking 1.3 terabytes of data was stolen during the data breach and published on the dark web.
-
CISA ☛ CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat
Midnight Blizzard is using information initially exfiltrated from Microsoft corporate email systems, including authentication details shared between Microsoft customers and Microsoft by email, to gain, or attempt to gain, additional access to certain Microsoft customer systems. Microsoft and CISA have notified all federal agencies whose email correspondence with Microsoft was identified as exfiltrated by Midnight Blizzard.
-
Security Week ☛ US Government on High Alert as Russian [Crackers] Steal Critical Correspondence From Microsoft
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” CISA said.
The agency warned that the Russian government-backed [crackers] are using information initially exfiltrated from the corporate email systems — including authentication details shared between Microsoft customers and Microsoft by email — to gain, or attempt to gain, additional access to Microsoft customer systems.
-
The Hill ☛ CISA confirms Russia-linked [crackers] tapped into correspondence between federal agencies, Microsoft
“For several years, the U.S. government has documented malicious cyber activity as a standard part of the Russian playbook; this latest compromise of Microsoft adds to their long list. We will continue efforts in collaboration with our federal government and private sector partners to protect and defend our systems from such threat activity,” CISA Director Jen Easterly said in a CISA press release.
-
Federal News Network ☛ CISA directs agencies to investigate if Russian [crackers] stole Microsoft account details
In an emergency directive publicly released today, CISA said multiple federal agencies had their email correspondence with Microsoft stolen by the Russian state-sponsored group “Midnight Blizzard.” CISA said the stolen emails pose a “grave” risk to the federal government.
The group gained access to sensitive agency information by compromising Microsoft’s corporate email accounts starting in January. The [crackers] are now trying to use the information in those stolen emails, which include authentication details, to gain additional access to Microsoft customer systems, CISA said.
-
The Record ☛ Universities in New Mexico, Oklahoma respond to ransomware attacks
Cybercriminals forced class cancellations, limited access to critical staff systems and exposed the sensitive information of thousands of students at a university in New Mexico, and a school in Oklahoma continued to assess damage caused by a ransomware gang.
New Mexico Highlands University (NMHU) said it was forced to cancel all classes through this weekend after initially reporting an incident on April 3. Cancellations began that day and affected the public university’s campuses in Albuquerque, Rio Rancho, Santa Fe and Farmington.
NMHU initially said its campus police switchboard and police poles — where students can report emergencies — were not functioning. The school had to provide alternative phone numbers for emergencies.
-
The Register UK ☛ SharePoint download logs don't paint a full security picture
SharePoint users should beware since audit logs on the platform have proved relatively simple to circumvent, meaning malicious actors could exfiltrate your data without tipping off your security team.
If you're hoping that Microsoft will act quickly to fix the matter, don't. According to bug hunters from Varonis Threat Labs, who reported the matter to Redmond in November, it's been deemed a moderate security issue and is waiting in the "patch backlog program" to be addressed at the Windows maker's convenience.
-