More Security Leftovers and Microsoft Problems
-
LWN ☛ Security updates for Thursday
Security updates have been issued by Debian (chromium and openvpn), Oracle (kernel, microcode_ctl, plexus-archiver, and python), Red Hat (.NET 6.0, dotnet6.0, dotnet7.0, dotnet8.0, kernel, linux-firmware, and open-vm-tools), SUSE (apache2, chromium, jhead, postgresql12, postgresql13, and qemu), and Ubuntu (dotnet6, dotnet7, dotnet8, frr, python-pip, quagga, and tidy-html5).
-
FBI Shuts Down 'IPStorm' Malware That Targeted Windows, Mac, Linux
Makinin now faces up to 30 years in prison. In the meantime, the FBI says it was able to dismantle IPStorm without tampering with the computers infected with the malware.
-
Data Breaches ☛ CISA Advisory: Scattered Spider [Ed: Windows TCO]
Scattered Spider is a cybercriminal group that targets large companies and their contracted information technology (IT) help desks. Scattered Spider threat actors, per trusted third parties, have typically engaged in data theft for extortion and have also been known to utilize BlackCat/ALPHV ransomware alongside their usual TTPs.
-
CMS Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach [Ed: Windows TCO]
As part of an ongoing investigation into the May 2023 data breach of Progress Software’s MOVEit Transfer software on the corporate network of Maximus Federal Services, Inc. (Maximus Federal Services), a contractor to the Medicare program, the Center for Medicare & Medicaid Services (CMS) has learned of additional individuals whose personally identifiable information (PII) may have been compromised among files maintained by Maximus Federal Services. As a result, this week, CMS and Maximus Federal Services are sending letters to 330,000 current people with Medicare who may have been impacted, notifying them of the breach and explaining actions being taken in response.
-
The Register UK ☛ How much to clean up a [Windows] ransomware infection? For Rackspace, about $11M [Ed: Windows TCO]
Rackspace's costs from last year's ransomware infection continue to mount. The cloud hosting biz has told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have now reached about $11 million, though insurance has helped cover half of that.
The extortionware raid on the IT provider, initially described as a "security incident," hit Rackspace's hosted Microsoft Exchange on December 2, 2022, shutting down email services to thousands of customers, most of whom were small and mid-sized businesses.
-
Data Breaches ☛ We seldom see breach reports from Nebraska, so here are two.
When DataBreaches compiles statistics on health data breaches for Protenus’s annual Breach Barometer, Nebraska generally has fewer than 10 breaches per year. Seeing two reports in one brief period is a bit unusual.
This week, DataBreaches found that West Central District Health Department (WCDHD) had disclosed some kind of hacking incident that occurred between May 18 and May 23 of this year. The unauthorized actor was able to access financial account numbers, Social Security Numbers, and driver’s license or state identification numbers along with patient names. Knop News reported the incident, and WCDHD has a substitute notice linked from its home page.