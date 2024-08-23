Security and Windows TCO
OSTechNix ☛ Record-Breaking Bounty Awarded For LiteSpeed Cache Plugin Vulnerability
Windows TCO
ARRL ☛ ARRL IT Security Incident - Report to Members
Most ARRL member benefits remained operational during the attack. One that wasn’t was Logbook of The World (LoTW), which is one of our most popular member benefits. LoTW data was not impacted by the attack and once the environment was ready to again permit public access to ARRL network-based servers, we returned LoTW into service. The fact that LoTW took less than 4 days to get through a backlog that at times exceeded over 60,000 logs was outstanding.
The Register UK ☛ Critical industries top ransomware hitlist, attacks dwindle
Critical industrial organizations continued to be hammered by ransomware skids in July, while experts suggest the perps are growing in confidence that law enforcement won't intervene.
Of the 395 ransomware attacks claimed by criminals last month, over a third (125 or 34 percent) targeted critical industrial organizations, NCC Group said today. According to the company's figures, the industrial sector has been the most targeted by ransomware since 2021.
Google ☛ PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
Mandiant identified a new memory-only dropper using a complex, multi-stage infection process. This memory-only dropper decrypts and executes a PowerShell-based downloader. This PowerShell-based downloader is being tracked as PEAKLIGHT.
Vox ☛ SSN data breach: How do I freeze my credit? What can I do to protect myself?
Indeed, data breaches are exceedingly common. There’s a familiar cycle of breaches happening, companies admitting to it, lawyers filing class action lawsuits, and individual consumers getting checks for $5 in the mail. That’s typically it — no arrests, no jail time, no consequences for the hackers who stole the data or the companies who failed to protect it. There is little regulatory oversight of the data broker industry, where companies big and small mine information from consumers and sell it to other companies, often without properly protecting that data — hence the frequency of breaches. Data brokers don’t necessarily care, though, since consumers are the product in this industry, not the customer.
Integrity/Availability/Authenticity
Bitdefender ☛ Over 100,000 Oregon Zoo visitors warned that their payment card details were stolen in security breach
What you don’t normally see in a data breach, however, is full payment card information stolen - such as a card's CVV security code - because the vast majority of companies simply do not store such details.
However, a malicious script planted on a website form which asks purchasers to enter their card details can skim the details before it is passed to a third-party payment processor.
