Windows Total Cost of Ownership (Data/System Breaches)
IT Wire ☛ DP World Australia breached through Citrix NetScaler flaw [Ed: Now it is confirmed. Windows TCO paralysis.]
Citrix patched the flaw in October.
The Shodan search engine shows that on 6 November, DP World was still running an unpatched version of NetScaler, with the last changes made being on 25 July.
The fact that DP World Australia was running a vulnerable version of the gateway was picked up by British security researcher Kevin Beaumont.
IT Wire ☛ Clare O'Neil appears to be inspired by ransomware gangs
Home Affairs Minister Clare O'Neil appears to have taken a leaf out of the book of ransomware outfits when advertising a new initiative by the government against this genre of malware.
Security Week ☛ MySQL Servers, Docker Hosts Infected With DDoS Malware
Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.
SANS ☛ Redline Dropped Through MSIX Package, (Wed, Nov 15th)
The MSIX package file format has been in the light for a few weeks. The GHOSTPULSE malware has been identified to bypass many security controls delivered through an MSIX package. Like many operating systems, backdoored Windows can install applications by executing an executable (often called "setup.exe"), but packages are also available.
SANS ☛ Microsoft Patch Tuesday November 2023, (Tue, Nov 14th)
Today, Abusive Monopolist Microsoft released patches for 64 different vulnerabilities in Abusive Monopolist Microsoft products, 14 vulnerabilities in Chromium affecting Abusive Monopolist Microsoft Edge [...]
Security Boulevard ☛ Several xrdp Vulnerabilities Addressed in Ubuntu [Ed: RDP is Windows garbage, way to associate this with "Linux" or "Ubuntu" when things go wrong...]
xrdp is a free and open-source project that enables a graphical login to remote systems by utilizing the Microsoft Remote Desktop Protocol (RDP). The Ubuntu security team has released some important updates addressing xrdp vulnerabilities in different Ubuntu versions, including Ubuntu 22.04, Ubuntu 20.04, Ubuntu 18.04, Ubuntu 16.04, and Ubuntu 14.04.
Windows Central ☛ Switching from Windows 11 to Linux or Mac always gets attention, so why not when it's in reverse? [Ed: Microsoft sites using Microsoft-funded Reddit to push this mirage of Windows gaining users when it is in fact losing millions]
Data Breaches ☛ Is a new ransomware group’s listing for Decatur Independent School District linked to an attack in September?
Decatur Independent School District in Texas was added to Inc Ransomware’s leak site on Wednesday. There is no summary or description of what the threat actors claim to have done or acquired. There is no countdown clock or timer, and there is no indication of how much money is being demanded.
[...]
At that time, the district had not received any ransom demands. Have they since? Is Inc Ransomware’s listing related to the report in early September or is it an unrelated incident?
The Register UK ☛ Ransomware more efficient than ever, and baddies are still after your logs
In 42 percent of incident response (IR) cases analyzed by Sophos, organizations didn't have the requisite telemetry logs needed to properly analyze an event.
The security company reckons that in 82 percent of these cases, cybercriminals were at fault after disabling or wiping telemetry and logging capabilities. The primary goals of attackers when wiping logs include evading detection, identification, and attribution, and maintaining access within a system.