Security: CISA, DDoS, Internet Archive, and Windows TCO

posted by Roy Schestowitz on Oct 11, 2024

• CISA

  • CISA ☛ 2024-10-08 [Older] Adobe Releases Security Updates for Multiple Products

  • CISA ☛ 2024-10-08 [Older] Microsoft Releases October 2024 Security Updates

  • CISA ☛ 2024-10-10 [Older] Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

  • CISA ☛ 2024-10-10 [Older] CISA Releases Twenty-One Industrial Control Systems Advisories

  • CISA ☛ 2024-10-10 [Older] Siemens SIMATIC S7-1500 and S7-1200 CPUs

  • CISA ☛ 2024-10-10 [Older] Siemens Simcenter Nastran

  • CISA ☛ 2024-10-10 [Older] Siemens Teamcenter Visualization and JT2Go

  • CISA ☛ 2024-10-10 [Older] Siemens SENTRON PAC3200 Devices

  • CISA ☛ 2024-10-10 [Older] Siemens Questa and ModelSim

  • CISA ☛ 2024-10-10 [Older] Siemens JT2Go

  • CISA ☛ 2024-10-10 [Older] Siemens HiMed Cockpit

  • CISA ☛ 2024-10-10 [Older] Siemens PSS SINCAL

  • CISA ☛ 2024-10-10 [Older] Siemens SIMATIC S7-1500 CPUs

  • CISA ☛ 2024-10-10 [Older] Siemens RUGGEDCOM APE1808

  • CISA ☛ 2024-10-10 [Older] Siemens Sentron Powercenter 1000

  • CISA ☛ 2024-10-10 [Older] Siemens Tecnomatix Plant Simulation

  • CISA ☛ 2024-10-10 [Older] Schneider Electric Zelio Soft 2

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation DataMosaix Private Cloud

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation DataMosaix Private Cloud

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation Verve Asset Manager

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation Logix Controllers

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation PowerFlex 6000T

  • CISA ☛ 2024-10-10 [Older] Rockwell Automation ControlLogix

  • CISA ☛ 2024-10-10 [Older] Delta Electronics CNCSoft-G2

  • CISA ☛ 2024-10-09 [Older] CISA Adds Three Known Exploited Vulnerabilities to Catalog

  • CISA ☛ 2024-10-08 [Older] Avoid Scams After Disaster Strikes

  • CISA ☛ 2024-10-08 [Older] CISA Adds Three Known Exploited Vulnerabilities to Catalog

  • CISA ☛ 2024-10-08 [Older] CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

  • CISA ☛ 2024-10-03 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

• Integrity/Availability/Authenticity

  • Bleeping Computer ☛ Internet Archive hacked, data breach impacts 31 million users

    Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.

    News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.

  • Silicon Angle ☛ Internet Archive experiences outages after DDoS attacks, data breach

    Internet Archive users learned that it was breached on Wednesday, when a hacker compromised the nonprofit’s website and displayed a message announcing a cyberattack had taken place. The message was followed by a DDoS attack a few hours later. A second DDoS attack took place this morning.

  • The Record ☛ DDoS attacks on Internet Archive continue after data breach impacting 31 million

    Brewster Kahle, founder of the Internet Archive, said that after it fended off the disruptive junk web traffic from the DDoS attack, the website was defaced. Hackers also stole the usernames, emails and encrypted passwords of all registered users.

    The Internet Archive disabled the source of the breach, scrubbed systems and upgraded security, according to Kahle. But on Thursday morning the DDoS attacks had returned and knocked both the Internet Archive site and OpenLibrary platform offline, he said.

  • RTL ☛ Pro-Palestinian 'hacktivists': Internet Archive reels from 'catastrophic' cyberattack, data breach

    Brewster Kahle, the Internet Archive's founder and digital librarian, acknowledged a series of distributed denial-of-service (DDoS) attacks -- aimed at disrupting a website or server -- since Tuesday and said the organization was working to upgrade security.

  • PC World ☛ Internet Archive hacked, 31 million accounts have info leaked

    In addition to suffering a distributed denial of service (DDoS) attack, the site has lost a database with information on over 30 million users.

  • Wired ☛ Internet Archive Breach Exposes 31 Million Users

    The Internet Archive has faced aggressive DDoS attacks numerous times in the past, including in late May. As Kahle wrote on Wednesday: “Yesterday's DDoS attack on @internetarchive repeated today. We are working to bring http://archive.org back online.” The hacktivist group known as BlackMeta claimed responsibility for this week's DDoS attacks and said it plans to carry out more against the Internet Archive. Still, the perpetrator of the data breach is not yet known.

  • The Hill ☛ Internet Archive data breach exposes more than 31 million user accounts: reports

    “Services are currently stopped to upgrade internal systems,” Kahle wrote in a Thursday update. “We are working to restore services as quickly and safely as possible. Sorry for this disruption.”

  • NDTV ☛ Internet Archive Hit By "Catastrophic" Attack, 31 Million Passwords Stolen

    The attack, which surfaced on October 9, revealed the details of millions of users after a JavaScript (JS) library on the Internet Archive's website was exploited. A pop-up message on the site alerted visitors, stating: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"

• Windows TCO

  • The Register UK ☛ Healthcare attacks spread beyond US, just ask Star Health

    At the time, a hacker who goes by "xenZen" was allegedly using two Telegram chatbots to leak the data. One chatbot offered PDFs of claim documents, another allowed users to request up to 20 samples of over 31 million records containing sensitive information like body mass index. The perp also claimed to have the images of Star Health customers' national identity card.

    Star Health this week told The Register that it acknowledges "unauthorized and illegal access to certain data" but added "operations remain unaffected."

  • Scoop News Group ☛ 14,000 medical devices are online, unsecured and vulnerable

    The health care ecosystem has been under almost constant assault in recent years as cybercriminals take advantage of a system decimated by the COVID-19 pandemic. Combating ransomware attacks against hospitals has become a major national security priority for the Biden administration as the potential impacts can be dire. A recent extortion of Change Healthcare crippled the payment processing company and tens of thousands of pharmacies, highlighting the potential disruptions at risk.

  • The Record ☛ New law in Australia will require mandatory reporting of ransomware payments

    These incidents were followed by an updated national cybersecurity strategy published last November. The strategy was costed at AU$587 million ($382 million) over the next seven years with the intention of preventing AU$3 billion ($1.9 billion) in annual damages caused by ransomware attacks on the Australian economy.

    The new Cyber Security Bill 2024 aims to implement seven initiatives set out in that strategy, according to the Australian government, some of which will see the country’s legislation aligned with what is considered best practice elsewhere in the world, while other provisions are the first of their kind.