Security Leftovers and Windows TCO Stories
-
CyberRisk Alliance LLC ☛ Attacks with new Mallox ransomware version aimed at Linux
While older iterations of Mallox ransomware were spread in the form of .DLL, .EXE, or .NET-based files via breached Windows MS-SQL servers...
-
Krebs On Security ☛ Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.
-
Windows TCO
-
[Old] USA ☛ Background Press Call by Senior Administration Officials Previewing the Biden-Harris Administration's National Cyber Strategy | The White House
Second, as we continue our focus on disrupting and dismantling threat actors, we’re elevating our work on ransomware, declaring ransomware a threat to national security rather than just a criminal challenge.
-
Bitdefender ☛ Ransomware attack on blood-testing service puts lives in danger in South Africa
On June 22, the BlackSuit ransomware group hit NHLS, leaving it unable to process millions of blood tests. This means serious conditions have been left undiagnosed and lives endangered. This included details of tests that screened for diseases like tuberculosis and HIV/AIDS, as well as the mpox (also known as monkeypox) outbreak that is currently impacting parts of Africa.
NHLS, which runs a network of 256 laboratories, shut down its IT systems following the security breach. It took its email system, website, and systems for retrieving and storing patients' lab test results offline.
-
Fortune ☛ Microsoft hack affected Veterans Affairs and State Departments, government says | Fortune
The US Agency for Global Media, part of the State Department that provides news and information in countries where the press is restricted, was notified “a couple months ago” by Microsoft that some of its data may have been stolen, a spokesperson said in an emailed statement. No security or personally identifiable sensitive data was compromised, the spokesperson said.
The agency is working closely with the Department of Homeland Security on the incident, the spokesperson said, declining to answer additional questions. A State Department spokesperson said, “We are aware that Microsoft is reaching out to agencies, both affected and unaffected, in the spirit of transparency.”
-
US Navy Times ☛ Russian [attackers] infiltrate Veterans Affairs via Microsoft account
The Russian state-sponsored [cracker] infiltrated a Microsoft platform called Microsoft Azure Government, which provides storage, databases and other services to the VA and other government agencies.
-
Stars And Stripes ☛ VA account with Microsoft infiltrated by Russian [crackers], agency says
[Attackers] gained access in January to Microsoft Azure Government, a cloud computing service that delivers servers, storage, databases, networking and software that the VA and other federal agencies use across the internet, according to the VA.
-
Privacy Enhancing Technologies Symposium ☛ FOCI Proceedings — A case study on DDoS attacks against Tor relays
Abstract: Being the victim of DDoS attacks is an experience shared by many Tor relay operators. Despite the prevalence of this type of attack, the experiences and lessons learned after such attacks are rarely discussed publicly. This work provides a detailed description of a DDoS attack against two Tor relays operated by the authors. By sharing experiences on how an attack was analyzed after it happened and what mitigation mechanisms would have been capable of stopping it, this work tries to support a discussion on guidelines for relay operators on how to properly and securely run their relays. In addition to that, the included attack analysis investigates why the attack took place in the first time, what the attackers were trying to achieve, the amount of resources they had to expend and how the attack actually worked. Hopefully, this information will be useful in future discussions on how to make the Tor network as a whole more resilient against this kind of attack.
-
Security Week ☛ How to Fix a Dysfunctional Security Culture
But cultures can also become toxic or dysfunctional, working at cross purposes with the desired values and goals of the organization.
From a security standpoint, a dysfunctional culture might exhibit such signs as failing to follow the organization’s policies and procedures related to data management; failing to properly protect sensitive customer, employee, or company data; lack of employee security awareness training; failure to adequately protect against breaches—or to appropriately report when a breach occurs.
-
Security Week ☛ Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited
The Office SharePoint flaw could allow an authenticated attacker with Site Owner permissions or higher to upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file’s parameters.
-
Security Week ☛ Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health
The Florida Department of Health last week confirmed it was dealing with a cybersecurity incident, without providing further information on the attack.
-