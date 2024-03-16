Security and Windows TCO
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (composer and node-xml2js), Fedora (baresip), Mageia (fonttools, libgit2, mplayer, open-vm-tools, and packages), Red Hat (dnsmasq, gimp:2.8, and kernel-rt), and SUSE (389-ds, gdb, kernel, python-Django, python3, python36-pip, spectre-meltdown-checker, sudo, and thunderbird).
SANS ☛ Increase in the number of phishing messages pointing to IPFS and to R2 buckets, (Thu, Mar 14th)
SANS ☛ 5Ghoul Revisited: Three Months Later, (Fri, Mar 15th)
About three months ago, I wrote about the implications and impacts of 5Ghoul in a previous diary. The 5Ghoul family of vulnerabilities could cause User Equipment (UEs) to be continuously exploited (e.g. dropping/freezing connections, which would require manual rebooting or downgrading a 5G connection to 4G) once they are connected to the malicious 5Ghoul gNodeB (gNB, or known as the base station in traditional cellular networks).
Peter 'CzP' Czanik ☛ The syslog-ng Insider 2024-03: MacOS; OpenTelemetry;
The March syslog-ng newsletter is now on-line: [...]
What’s New With Cilium and What’s Next?
There's great potential for Cilium, the eBPF-based technology unlocking a new era of kernel-centric network engineering.
Chainguard Allies With Docker, Inc. to Secure Container Images
Chainguard is making its hardened container images available on Docker Hub via the Docker Verified Publisher (DVP) program.
Windows TCO
Scoop News Group ☛ Tech issues are part of the problem — and solution — for FOIA backlog, GAO finds
A host of tech-related problems, including with FOIA request management systems and other processing tools, came up regularly during the January 2023 to March 2024 performance audit by the GAO, which conducted four virtual focus groups with senior officials representing 23 Chief Financial Officers Act agencies.
The Times-Tribue, Scranton, PA ☛ Scranton School District computers [breached], infected with ransomware
Scranton School District computer system was recently [breached] and infected with ransomware, according to Acting Superintendent Patrick Laffey.
The Record ☛ Pennsylvania’s Scranton School District dealing with ransomware attack
Last year, Emsisoft tracked at least 108 ransomware attacks on K-12 school districts.
The Register UK ☛ McDonald's ordering system hit with McFlurry of IT troubles
Visitors to the Golden Arches in the Far East were turned away due to what the chain described as a "computer system failure" on its Hong Kong website.
But it soon became clear that this was a global outage, with restaurants across China, Japan, Australia, New Zealand, Germany, Austria, Sweden, and the UK all rendered unable to process orders.
Deutsche Welle ☛ McDonald's software glitch halts orders in several countries
Disruptions to service were reported in Japan, South Korea, Hong Kong, Australia, New Zealand, and later in the UK. McDonald's told DW that there were also "occasional" technical issues at German branches.
McDonald's Japan first reported a "system failure" and apologized to customers for any inconvenience. A few hours later, it said that many restaurants had temporarily shut.
CBC ☛ McDonald's hit by tech outage in several countries around the world
It was not immediately clear how many restaurants were impacted globally by the technology outage. McDonald's did not respond to a request for comment.
The outage seemed to have affected customers in Hong Kong and New Zealand as well, with people taking to social media to complain about disruptions at restaurants.
Cyble Inc ☛ Encina Wastewater Authority Cyberattack Claimed By BlackByte
Encina Wastewater Authority (EWA) found itself targeted by the notorious BlackByte ransomware group. The threat actor, known for its aggressive tactics, posted a message on its platform indicating the alleged Encina Wastewater Authority cyberattack. The message hinted at the potential sale of sensitive company documents obtained during the intrusion.
Cyble Inc ☛ Nissan Cyberattack Affects Nearly 100,000 Customers
The Nissan cyberattack, which occurred on December 5, 2023, involved a malicious third party gaining unauthorized access to the company’s local IT servers.
The compromised data varies for each individual, with initial estimates suggesting that up to 10% of those notified have had some form of government identification compromised. This includes approximately 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports, and 1,300 tax file numbers.
