Security Leftovers
-
Silicon Angle ☛ VulnCheck new KEV catalog outpaces CISA with advance vulnerability alerts
Cyberthreat intelligence provider VulnCheck Inc. today announced the launch of the VulnCheck KEV catalog, a new free offering available as part of the its community.
-
Security Week ☛ 67,000 U-Haul Customers Impacted by Data Breach
U-Haul says customer information was compromised in a data breach involving a reservation tracking system.
-
Security Week ☛ Energy Department Invests $45 Million in 16 Projects to Improve Cybersecurity [Ed: It is cheaper to delete Windows and that even results in savings]
The US government makes a $45 million investment in 16 projects to improve cybersecurity across the energy sector.
-
Security Week ☛ Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws
The Black Basta and Bl00dy ransomware gangs have started exploiting two vulnerabilities in ConnectWise ScreenConnect.
-
Federal News Network ☛ GSA’s SOC formalizing framework to distribute incident response authorities
While some incidents need to be elevated to the CISO, allowing SOC analysts to take actions during lower-level incidents can prevent them from escalating.
-
Security Week ☛ US Gov Says Software Measurability is ‘Hardest Problem to Solve’
White House calls for the “timely, complete, and consistent” publication of CVE and CWE data to help solve the security metrics problem.
-
XSAs released on 2024-02-27
The Xen Project has released one or more Xen security advisories (XSAs).
-
Linux.org ☛ Working With Ubuntu Pro [Ed: Canonical has adopted the Microsoft business model of selling security as a separate product]
With the standard LTS version of Ubuntu, you may see that there are extra updates available when you perform an update. To get these extra patches, you need Ubuntu Pro.
-
Abyss Locker Ransomware Attacks Microsoft Windows and Linux Users [Ed: This is a VMware issue, not a "Linux" issue]
The Abyss Locker ransomware poses a significant threat to Windows and Linux users, particularly those utilizing VMware ESXi systems.
-
CISA ☛ CISA Alert CodeAA23-353A: ALPHV BlackCat [Ed: Mostly Windows TCO and VMware]
In February 2023, ALPHV Blackcat administrators announced the ALPHV Blackcat Ransomware 2.0 Sphynx update, which was rewritten to provide additional features to affiliates, such as better defense evasion and additional tooling. This ALPHV Blackcat update has the capability to encrypt both Windows and Linux devices, and VMWare instances. ALPHV Blackcat affiliates have extensive networks and experience with ransomware and data extortion operations.
-
The Record ☛ Pharmaceutical giant Cencora reports cyberattack [Ed: Breach, not "cyberattack"; conflating the two things is indicative of Windows]
Global pharmaceutical corporation Cencora reported on Tuesday that it recently discovered that intruders had stolen data from its networks.
The Fortune 500 company said in a regulatory filing that data from IT systems “had been exfiltrated” in an incident that came to light on February 21.