Windows TCO and Security Leftovers
-
Federal News Network ☛ What will 2025 bring for CISA?
There's a lot swirling around CISA heading into the Trump administration. We break down the outlook for the cyber agency in 2025.
-
CISA ☛ 2024-12-23 [Older] CISA Adds One Known Exploited Vulnerability to Catalog [Ed: "Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials."]
-
Windows TCO / Windows Bot Nets
-
Tom's Hardware ☛ Significant U.S. Treasury cybersecurity breach is the latest in string of China hack attacks claims U.S. officials
The attacks appear to have targeted influential individuals, aiming to gather information that could serve the interests of the Chinese government.
-
The Hill ☛ US imposes sanctions on Chinese cyber group Integrity Tech
The operation, dubbed “Flax Typhoon,” is one of multiple alleged [intrusion] efforts by Chinese-affiliated cyber actors to infiltrate U.S. data and infrastructure in recent months.
The Justice Department in September announced a court-authorized operation to disrupt the botnet, which was controlled and managed by Integrity Technology since 2021 to conceal the identities and activities of Flax Typhoon [attackers].
-
Scoop News Group ☛ U.S. sanctions take aim at Chinese company said to aid [attackers'] massive botnet
Flax Typhoon [attackers] made use of infrastructure at Integrity Technology Group to exploit victims, according to the Treasury Department’s Office of Foreign Assets Control. The firm builds cyber ranges to test cybersecurity tools and defenses and is reportedly one of the leading companies to do so in China.
-
New York Times ☛ U.S. Hits Chinese Cybersecurity Company With Sanctions After Breach
In an announcement, the department said the company, Integrity Technology Group, had supported a Chinese state-sponsored [attack] group known as Flax Typhoon in a campaign to break into foreign networks between the summer of 2022 and 2023, saying it found the group had “routinely sent and received information from Integrity Tech infrastructure.”
-
Security Week ☛ New York Hospital Says Ransomware Attack Data Breach Impacts 670,000
The healthcare facility, which serves residents in Staten Island, New York, suffered significant disruptions in May 2023 after being targeted in a ransomware attack. It took the organization several weeks to restore impacted services.
An initial forensic investigation showed that the hospital’s electronic health record systems were not compromised, but it was later determined that other files may have been accessed or exfiltrated from Richmond University Medical Center’s network in early May.
-
The Register UK ☛ Accenture wins £35M more UK tax work without competition
The contract is for business application support and maintenance services for HMRC's National Insurance and PAYE System (NPS), which is part of the UK's critical national infrastructure, collecting 40 percent of revenues into HM Treasury with nearly 40,000 users in HMRC and the Department of Work and Pensions.
-
Security Week ☛ Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability
The issue, tracked as CVE-2024-49113 (CVSS score of 7.5), was patched on December 10 along with a critical remote code execution (RCE) flaw in LDAP (CVE-2024-49112, CVSS score of 9.8).
-