Security and Windows TCO
Date: 2023-11-15
The Register UK ☛ Passive SSH server private key compromise is real ... for some vulnerable gear
It's important to state here that the software libraries OpenSSL and LibreSSL, and thus OpenSSH, are not known to be vulnerable to the aforementioned key deduction method. That means, in our view, the vast majority of devices, servers, and other equipment on the internet are not at risk, and what you're left with is some Internet-of-Things and similar embedded gear susceptible to attack. It also only affects RSA keys.
Windows TCO
The Register UK ☛ Russian national pleads guilty to building now-dismantled IPStorm proxy botnet
Technically speaking, IPStorm is Windows malware that infects PCs and then sits on top of IPFS, and uses that network to receive and run arbitrary PowerShell code from its operator. Thus the compromised machines could be instructed to potentially perform all kinds of malicious things.
[Repeat] Data Breaches ☛ LockBit ransomware group assemble strike team to breach banks, law firms and governments.
Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: [...]
Kevin Beaumont ☛ LockBit ransomware group assemble strike team to breach banks, law firms and governments.
I am tracking over 10 victims currently being extorted, and lots more in initial stages. As a sample, these include: [...]
Federal News Network ☛ The key to ‘fighting through the fog of war’ in cyberattacks
But an important question to consider is: How do we fight through the successful cyberattacks that happen and keep our businesses up and functioning? This ties into a strategy known in cybersecurity circles as “cyber resilience.” Cyber resilience is distinctly different from traditional network and endpoint security solutions that are focused on preventing attacks, and instead is aimed at helping organizations reconstitute their business operations — and most importantly, their data — while at the same time working to get attackers out of their environment and repair the damage they’ve caused.
Silicon Angle ☛ FBI dismantles IPStorm proxy botnet, arrests operator in Puerto Rico
The accused botnet operator, Sergei Makinin, was arrested on Sept. 18 in Puerto Rico and has since pled guilty to three counts of violating 18 U.S.C. § 1030(a)(5)(A) — knowingly causing the transmission of a program that intentionally caused damage without authorization to protected computers.
Krebs On Security ☛ Microsoft Patch Tuesday, November 2023 Edition
Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities that Microsoft warns are already being exploited in active attacks.
