Windows TCO and Other Microsoft Blunders
-
Security Week ☛ PHP Patches Critical Remote Code Execution Vulnerability
“Windows may use ‘Best-Fit’ behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run,” a NIST advisory reads.
The vulnerability, Devcore warns, impacts all versions of PHP installed on Windows systems, including versions 8.0, 7, and 5, which are discontinued.
-
The Record ☛ Cyber incident forces Cleveland to shut down city hall
In a statement to Recorded Future News, a city spokesperson would not say what systems were shut down due to the incident but confirmed that police, fire and emergency medical services are still functioning, as is the 911 dispatch center. Systems controlling the local ports and public utilities are also not affected.
-
The Verge ☛ Frontier hackers threaten to release 750,000 customers' private data
Frontier Communications has revealed that information for over 750,000 customers — including full names and Social Security numbers — was exposed in a data breach following a cyberattack on April 14th. Hackers claim to have even more and will release it unless Frontier pays a ransom.
-
Security Week ☛ Christie's Says Ransomware Attack Impacts 45,000 People
Impacted individuals are being notified. The notification letter sample submitted by Christie’s to the Maine AG does not specify what type of data was compromised besides names, driver’s license numbers, and non-driver identification card numbers.
Impacted individuals are being offered identity theft and fraud monitoring services for 12 months, which suggests sensitive personal information was stolen by the hackers.
The RansomHub ransomware group has taken credit for the attack, claiming to have stolen information such as name, birth date, address, and data from identification documents.
-
The Register UK ☛ 750k people’s data stolen in Frontier Communications attack
Cybercriminals at RansomHub this week took responsibility for the attack, making the inflated claims that the gang actually stole data belonging to more than 2 million people – yet more evidence that the claims of crims shouldn't ever be fully trusted.
It also alleged home addresses, dates of birth, credit scores, and phone numbers are included in the data theft. It tried to back this up with a screenshot depicting what it says is the data trove, appearing to contain the additional data types not disclosed to the Maine AG.
-
The Record ☛ Frontier says 750,000 Social Security numbers accessed during April cyberattack
The ransomware operation — RansomHub — was spotlighted by researchers on Wednesday as a likely rebranded version of the older Knight ransomware.
Experts at Symantec said the operators behind the Knight ransomware tried to sell the source code of the malware on the dark web in February before it was used as part of the new ransomware-as-a-service operation.
-
Cyble Inc ☛ Akira Ransomware Group Claims Attack On Panasonic Australia
The Akira ransomware group has previously targeted [sic] several high-profile organizations while netting millions in ransom payments from affected victims.