Cyber Security Informer

Weekly update 57

Troy Hunt

OCTOBER 20, 2017

I'm doing this week's update a little back to front due to the massive incident in South Africa involving what looks like pretty much the entire population. Oh - and I totally forgot about my post on IoT warning labels which I pushed out right after my last weekly update so I'll link to that below. References.

IoT

IoT Data breaches

Economic headwinds could deepen the cybersecurity skills shortage

CSO Magazine

JANUARY 30, 2023

According to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations claim that they’ve been impacted by the global cybersecurity skills shortage, while 44% of organizations believe the skills shortage has gotten worse over the past few years. The result?

Cybersecurity

Out-of-band security update fixes Adobe Media Encoder issu

Security Affairs

SEPTEMBER 15, 2020

Adobe has released an out-of-band security update to address three ‘Important’ security vulnerabilities in the Adobe Media Encoder. Adobe has released an out-of-band security update for Adobe Media Encoder that addresses three ‘Important’ Information Disclosure flaws. Users should install Media Encoder 14.4

Media

Media Advertising Hacking

TrickBot helps Emotet come back from the dead

Malwarebytes

NOVEMBER 16, 2021

Not only had the infrastructure been dismantled, but previously infected computers had received a special update that would effectively remove the malware at a specific date. Out of the woods again. On November 15, security researchers who’ve tracked Emotet announced that the threat was back. A return of malspam waves and ransomware?

InfoSec

InfoSec Ransomware Malware

Assessing the Y, and How, of the XZ Utils incident

SecureList

APRIL 24, 2024

Wed, 27 Apr 2022 11:42:57 -0700 Re: [xz-devel] [PATCH] String to filter and filter to string “Your efforts are good but based on the slow release schedule it will unfortunatly be years until the community actually gets this quality of life feature.” When I view the git log I can see it has not updated in over a year.

Social Engineering

Social Engineering Engineering Accountability VPN

Tracking and Fixing an Installer Bug

Kali Linux

AUGUST 28, 2013

By manually remounting the encrypted partition, repopulating it with the required parameters, and then updating the initramfs, the machine would boot successfully into the encrypted partition again. Something was probably wrong with the way /etc/crypttab gets updated during the installation process. To our rescue comes DebianInstaller.

Encryption

Encryption Backups Architecture Media

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

I would expect that percentage to increase over time as the new iOS updates are rolled out and Apple educates more users. For instance, 57 percent also stated that they would refrain from downloading an app that asks for too much personal info. A recent survey of some 2,000 U.S. Ethical limits.

Data privacy

Data privacy Manufacturing Education Technology

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

OCTOBER 20, 2023

Update, 2:57 p.m. ” Update, 3:36 p.m. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access to Okta’s support platform for at least two weeks before the company fully contained the intrusion.

Social Engineering

Social Engineering Engineering Accountability Hacking

Sowing Chaos and Reaping Rewards in Confluence and Jira

Security Boulevard

JUNE 28, 2023

Updated Password Policy Page Lo and behold… SharpWebServer Capturing a Hash in Redir Mode Yay, time to crack! Good targets for this might be the pages for weekly standup meetings or any pages that look to have been recently updated (AtlasReaper supports a few filtering options you might use). No data will be deleted.

Authentication

Authentication Passwords Penetration Testing Social Engineering

Protecting Industrial Control Systems Against Cyberattacks – Part 3

Security Boulevard

JUNE 8, 2021

The ransomware gangs include Maze , responsible for 57 incidents against ICS. Customers on the receiving end accept the software believing it to contain benign updates. Especially not with the frequency required to keep up with the onslaught of vulnerabilities. In 2020, there were approximately 20,000 vulnerabilities logged by NIST.

Ransomware

Ransomware Software Healthcare Risk

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

However, the number of attacks in the second half of 2021 that were 30 minutes or less accounted for 57 percent of all incidents, down from 74 percent. Ransomware attacks can be avoided by simply following best practices around information security, backups , and updates, but DDoS can occur despite doing everything correctly,” Rosen said.

DDOS

DDOS IoT Engineering DNS

TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access

Fox IT

NOVEMBER 8, 2021

NCC Group strongly advises updating systems running SolarWinds Serv-U software to the most recent version (at minimum version 15.2.3 NCC Group’s global Cyber Incident Response Team have observed an increase in Clop ransomware victims in the past weeks. HF2) and checking whether exploitation has happened as detailed below. Serv-U_15.1.6.25

Software

Software Ransomware Internet Internet

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

In fact, 57 percent of all ransomware incidents disclosed to the FBI involved K–12 districts at the start of the 2020/2021 school year, compared to just 28 percent the year prior. Install, regularly update, and enable real-time detection for antivirus software. Segment networks to prevent the spread of ransomware.

Education

Education Ransomware Cybersecurity Risk

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

For a variety of reasons, I will no longer be sharing these updates on Twitter. Federal Trade Commission was already investigating a 2014 breach at Uber, another security breach affected 57 million Uber account holders and drivers. In 2016, while the U.S.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

High rates of known, exploitable vulnerabilities still found in the wild, report reveals

IT Security Guru

MARCH 11, 2022

Crucially, 57% of all observed vulnerabilities are more than two years old, with as many as 17% being more than five years old. The report reveals that organizations are still taking nearly two months to remediate critical risk vulnerabilities, with the average mean time to remediate (MTTR) across the full stack set at 60 days.

Risk

Risk Software Cyber Risk Architecture

Mystic Stealer

Security Boulevard

JUNE 15, 2023

On May 20, the Mystic Stealer seller posted updates that include loader functionality and a persistence capability to forums as shown in Figure 1. update with loader support As previously noted, there are several anti-analysis and evasion features additionally present in Mystic Stealer: Binary expiration.

Cryptocurrency

Cryptocurrency Password Management Malware DNS

Questions about the Massive South African "Master Deeds" Data Breach Answered

Troy Hunt

OCTOBER 19, 2017

Our database is continually updated 24 hours a day, 7 days a week, 365 days a year. Firstly, the total record count is 66,360,837: The split between living and deceased shows approximately 57 million alive and 9 million passed away: Just in case you're doing the maths, this totals 4 less than the previous image.

Data breaches

Data breaches Government Backups Internet

Cyber Security Informer

Weekly update 57

Economic headwinds could deepen the cybersecurity skills shortage

Trending Sources

Out-of-band security update fixes Adobe Media Encoder issu

TrickBot helps Emotet come back from the dead

Assessing the Y, and How, of the XZ Utils incident

Tracking and Fixing an Installer Bug

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

Hackers Stole Access Tokens from Okta’s Support Unit

Sowing Chaos and Reaping Rewards in Confluence and Jira

Protecting Industrial Control Systems Against Cyberattacks – Part 3

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Happy 13th Birthday, KrebsOnSecurity!

High rates of known, exploitable vulnerabilities still found in the wild, report reveals

Mystic Stealer

Questions about the Massive South African "Master Deeds" Data Breach Answered

Stay Connected