Security and Windows TCO
-
Cyber Security News ☛ NVIDIA GPU Vulnerabilities Allow Attackers To Execute Remote Code on Windows & Linux [Ed: Proprietary software]
NVIDIA released a critical security update for its GPU Display Driver to fix vulnerabilities that could enable remote code execution, privilege escalation, and other serious risks on Windows and Linux systems. Users are strongly advised to update promptly.
-
Integrity/Availability/Authenticity
-
CBC ☛ Tens of thousands of taxpayer accounts hacked as CRA repeatedly paid out millions in bogus refunds
Imposters used the company's confidential credentials to get unauthorized access into hundreds of Canadians' personal CRA accounts, change direct deposit information, submit false returns and pocket more than $6 million in bogus refunds from the public purse, an investigation by CBC's The Fifth Estate and Radio-Canada has found.
-
SANS ☛ Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials
Phishing authors have long ago discovered that adding HTML attachments to the messages they send out can have significant benefits for them – especially since an HTML file can contain an entire credential-stealing web page and does not need to reach out to the internet for any other reason than to send the credentials a victim puts in a login form to an attacker-controlled server[1]. Since this approach can be significantly more effective than just pointing recipients to a URL somewhere on the internet, the technique of sending out entire credential-stealing pages as attachments has become quite commonplace.
-
Windows TCO
-
The Record ☛ Texas county says 47,000 had SSNs, medical treatment info leaked during May cyberattack
The county, located on the state’s northern border with Oklahoma, has a population of about 130,000, and officials did not respond to requests for comment about why there was a discrepancy between the people affected and the population size.
-
Security Week ☛ Russia Targeting Ukrainian Military Recruits With Android, Windows Malware, Google Says
Windows users were served the Pronsis Loader malware downloader, which launches a sophisticated infection chain leading to SunSpinner and the PureStealer information stealer.
Written in .NET, PureStealer was designed to exfiltrate browser data such as passwords and cookies, along with cryptocurrency wallets and data from other applications, including messaging and email clients.
-
YLE ☛ Hackers aggressively targeting Finnish websites
There have been an exceptional number of distributed denial of service (DDoS) attacks on Finnish websites this autumn, according to the Transport and Communications Agency (Traficom).
More than 50 DDoS attacks have come to the attention of Traficom's National Cyber Security Centre since August. More than 20 of such attacks were reported between March and July of this year, according to the security centre.
-
The Register UK ☛ Satya Nadella asked for 50% cut in his incentive payout
Microsoft's 2024 started badly when it was forced to admit in January that the email accounts of several of its more senior staff had been accessed, probably by Russian attackers. Then in April the Department for Homeland Security (DHS) released its report into the Chinese attack on Microsoft-hosted government accounts last year, including the inbox of US Commerce Secretary Gina Raimondo. Microsoft's president Brad Smith was hauled into Congress to apologize for that error.
-
Security Week ☛ More Details Shared on Windows Downgrade Attacks After Microsoft Rolls Out Mitigations
The attack is fully undetectable, as it is performed in a legitimate way, invisible, as the system would show as being up-to-date, persistent, enabling the false installation of new, empty updates, and irreversible, as the integrity and repair utility SFC.exe could be modified to no longer detect corruptions.
The attack, referred to as Windows Downdate, allows an attacker to downgrade critical operating system components, including DLLs, drivers, and the kernel, to install rootkits and take full control over the machine.
-
Cyble Inc ☛ Strengthening Cybersecurity For Critical Infrastructure
In today’s world, it’s hard to miss the constant buzz about cyber threats, especially when they hit critical infrastructure and sectors like energy, healthcare, and transportation. These attacks are not just increasing in number; they’re becoming more sophisticated, making it crystal clear that we need to step up our defenses.
Take recent events, for example. In February, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and FBI teamed up with their partners to issue a serious warning. They alerted key infrastructure sectors about potential cyber threats, drawing attention to vulnerabilities that had already been exploited by cyber operations linked to the People’s Republic of China (PRC).
And it’s not just happening in the U.S. A cyberattack on a nuclear facility in the UK recently showed us how high the stakes can be when it comes to protecting our infrastructure. Yet, despite all the alarms and awareness, there’s still a huge gap in both legislation and international cooperation on cybersecurity.
-
Security Week ☛ Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights
Delta Air Lines sued CrowdStrike on Friday, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flights in July.
The airline is asking for compensation and punitive damages from the outage, which started with a faulty update sent to several million Microsoft computers. Delta said the outage crippled its operations for several days, costing more than $500 million in lost revenue and extra expenses.
-
Cyble Inc ☛ CrowdStrike Outage: A Lesson In Cybersecurity Resilience
The recent CrowdStrike outage—a major player in cybersecurity—serves as a critical wake-up call for organizations everywhere. Affecting over 8.5 million devices, this incident highlights the vulnerabilities that can impact even the most vigorous security frameworks. As businesses increasingly rely on technology to protect sensitive data, the need for proactive measures and resilient strategies has never been more apparent.
In an exclusive interview, Scott Caveza, a staff research engineer at Tenable, shares valuable insights into the lessons organizations can learn from the CrowdStrike outage and how they can enhance their cybersecurity preparedness to withstand future disruptions.
-