April 6, 2024

Weekly Cyber Security
News Events &Information

From sources found online in the past seven days

Hello all,

This past week most of the world took notice of Andres Freund, a mild-manner programmer who single-handedly saved the internet. No joke. He found a supply-chain attack that was in process of being stealthily slipped into millions of computers worldwide. Due to his efforts, this particular attack was thwarted. Well done sir! Upcoming this week is Patch Tuesday, I predict it will be larger than last month with at least two new zero-days from Microsoft, we’ll see how good my prognosticating skills are soon. Regarding Microsoft, the US government’s Cyber Safety Review Board (CSRB) pulled no punches this week in saying that Microsoft’s security culture is “inadequate”. There’s lots more, so let’s get to it.

The volume of news and other can appear overwhelming, the best strategy is to read the Notable Callouts below and then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then selecting them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com also has searchable archives of past newsletters.

Notable Callouts:

Apache has released patches for two flaws in the HTTP server that can allow for malicious header injection and launch HTTP/2 DDoS attacks. Patch quickly.
Google Chrome has received another zero-day update this week, following up on their update last week. Check your browser for updates. Since this now has a patch, the details of how this can be exploited will be public soon.
Ivanti can’t catch a break. They just released updates to patch four vulnerabilities in their Connect Secure and Policy Secure Gateways. In a related note, their CEO sent an open letter to the world committing to a secure-by-design overhaul. It will be a major undertaking as some researchers have shown that the base code is rife with vulnerable code/packages. In a related note, CISA has revealed that over 100,000 organizations may have had data exposed by their own Ivanti breach.
Microsoft, as mentioned earlier, was the subject of the Cyber Safety Review Board (CSRB) review of the Exchange hack from 2023. In the Executive Summary section it states, “The Board finds that this intrusion was preventable and should never have occurred. The Board also concludes that Microsoft’s security culture was inadequate and requires an overhaul…” and this only references the known summer 2023 hack, not the new reveal from January 2024. As a result of these numerous public failings, many organizations are now considering if they have too many eggs in one cyber-basket.
OWASP, the Open Worldwide Application Security Project, in a wry humorous note, suffered its own security incident recently. They’d left exposed a wiki server that contained resumes for members who had joined the organization between 2006 and 2014. The server has since been secured and any exposed, cached data removed.
T-1000 infant created by the Chinese University of Hong Kong. Seriously, they made a shape-shifting robot that can liquify and return to the original form. Have these people never watched a Terminator movie?

In Ransomware, Malware, and Vulnerabilities News:

Panera Bread experienced a ransomware attack and has recovered after a week of downtime and complaints from customers about not getting their “unlimited sips” and earning or redeeming points. They are still in the process of restoration, but it appears that they are now able to take more than just cash payments.
Jackson County Missouri revealed that the ransomware attack that crippled a good portion of their services was the result of a phishing email. User education is vital. Technology can only stop so much. Cyber security is everyone’s responsibility.

In Other News Events of Note and Interest:

Broadcom’s executives say that VMware price increase complaints are “unwarranted”, that customers with two or more products now get more and now they have support. I don’t think the customers with one product appreciate that remark at all. Nor does the education sector, which is facing huge increases due to Broadcom’s elimination of non-profit discounts. Many are reporting 200% or more in increases. Not cool Broadcom. But it is a major opportunity for other virtualization vendors, if they’re able to jump on it quickly enough.

In Cyber Insurance News:

Cyber Insurance Reduces Risk is a good article that showcases some of what are now considered standards in the security industry.

People are the problem. There are evil people intent on doing you, your systems, and/or your country harm. There are the clueless who click on everything that lights up electrons on their screen. And unfortunately, these actors in the digital cyber-drama that our world is enmeshed in affect the vast majority of innocent bystanders who had nothing to do with the attack or the enabling of the boom. However, people are also the solution. Thankfully, there are good people everywhere doing all that they can to keep the malevolent scum and their weapons of destruction out, and are doing all they can to protect and ensure that our digital world is secure, stemming back the darkness every day.

Headline NEWS

Ransomware, Malware, and Vulnerabilities News

Other News Events of Note and Interest

Cyber Insurance News

Like this: