Date: 2024-03-01
Security and Windows TCO
Security Week ☛ German Steelmaker Thyssenkrupp Confirms Ransomware Attack
German steelmaking conglomerate Thyssenkrupp confirms one of its automotive units was disrupted by a ransomware attack.
Security Week ☛ Discount Retail Giant Pepco Loses €15 Million to Cybercriminals
European discount retailer Pepco has lost €15.5 million as a result of what it described as a phishing attack.
SANS ☛ Scanning for Confluence CVE-2022-26134, (Fri, Mar 1st)
The DShield sensor started capturing this activity on 12 February 2024, inbound from various IPs from various locations.
APNIC ☛ Crashing the party — vulnerabilities in RPKI RP software
Guest Post: Prefix hijacks are devastating to Internet stability and security.
Security Week ☛ Cisco Patches High-Severity Vulnerabilities in Data Center OS
Cisco’s semiannual FXOS and NX-OS security advisory bundle resolves two high- and two medium-severity vulnerabilities.
KSOC Adds Tools to Strengthen Kubernetes Security
KSOC made generally available a zero-trust policy generator to make it simpler to manage RBAC for Kubernetes clusters.
Ruben Schade ☛ When a professional got a passphrase wrong [Ed: perils of full disk encryption; you get locked out, even if one bit flips (physical issue)]
I’ve said here before that I think it’s important to share our mistakes, irrespective of how trivial they are, to remind everyone we’re all human. It’s also a way to vent at… myself, especially when I need a good talking to for doing something silly.
Today I spent an embarrassing amount of time trying to figure out why I couldn’t unlock a drive. I’ll leave the specific platform, OS, and software invoked out, but suffice to say I was pasting the passphrase correctly from my secured store, and the decryption software refused to accept it, claiming it was invalid.
Windows TCO
Security Week ☛ Iranian Hackers Target Aviation and Defense Sectors in Middle East
An Iranian threat actor tracked as UNC1549 is abusing Microsoft trap Azure infrastructure in attacks targeting organizations in the Middle East.
Security Week ☛ Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack
North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit.
Security Week ☛ Change Healthcare Confirms BlackCat Ransomware Attack
The Alphv/BlackCat ransomware gang says 6 terabytes of data were stolen from healthcare technology firm Change Healthcare.
