November 30, 2024

Hello all,

The Internet killed Black Friday for me! (For those of you not based in the USA, Black Friday is a huge shopping day right after the Thanksgiving Day holiday.) I used to collect newspaper fliers, circle store opening times, plan my driving route, and map out where my quarry was located in each store, so that I was as efficient as humanly possible. It was a big-game hunt that my children and I looked forward to each year. Of course, the criminal element didn’t let the shopping frenzy go unnoticed; parking lot thieves were out in force, knowing that people were going from store to store in search of treasure, leaving brand-new, just-purchased items in their cars while they did so.

Alas, the times have changed, ending a family tradition. This year was the first year that I didn’t even bother to go out shopping. There was zero reason. Retailers advertise the entire week and make their Black Friday deals available online. It just isn’t worth losing sleep over anymore. Sure, there are some loss leaders in the stores that are only available in person, but seriously, how many larger-screen TVs or Air Fryers does a person need? And getting deals from the comfort of home, instead of freezing outside of a store waiting for it to open, is certainly significantly more pleasant and less stressful. However, the ubiquity of online shopping, and the subsequent invoice and delivery notifications, have created an incredible opportunity for cyber-criminals. Both the FBI and CISA are warning of increased Business Email Compromise (BEC) attacks over the holiday season. I’ve personally received no fewer than 5 text messages about “package deliveries” that “need” me to click a link. From parking lot to couch, criminals have also made the trek online. Stay vigilant, don’t expose your valuables and have them purloined. Onward to other cyber news of the past week.

As usual, my commentary is followed by a plethora of links to other items that are worth skimming to see if they interest you or pertain to your particular environment or that of those you support.

Headline NEWS:

  • 7-Zip has been revealed to have a severe vulnerability in versions below 24.07. If yours is lower, update as soon as you are able.
  • FBI and CISA warn of increased risk of BEC attacks during the holidays. Stay aware: always check with the sending party before opening unexpected attachments; don’t call the number in the email, call what you know is the correct number for the person; and never, ever, change financial information or send funds based solely on an email.
  • HPE has patched a defect in their Insight Remote Support product. You notice that it is a “remote support” product, right? Threat actors love these. If you use this, don’t wait, and check your version. Also, follow HPE’s advice and turn on automatic updating.
  • Microsoft had a global meltdown due to a failed update. The details were amazingly scant, but Big Redmond attempted to undo the changes, and their affected infrastructure ignored them. They eventually restored access by shutting down affected portions of their global network and then rolling back to the prior version. It was not a fun day for IT folks.
  • QNAP has rereleased updates to fix multiple vulnerabilities. Check yours for updates if you have one.
  • Veritas has made patches available to fix defects in their Veritas Enterprise Vault. This is one thing you definitely don’t want compromised if a bad guy makes it into your network. Patch quickly!
  • VMware has released patches for their Aria Operations product. If you use it, patch it.
  • Zabbix has been found to have a SQL injection defect. This is a rather popular network and application monitor product that has wide deployment. Please update before the criminals burrow through this hole.

In Ransomware, Malware, and Vulnerabilities News:

  • DEF CON is a massive cyber conference that has taken place in Las Vegas, NV every year for the past 32 years. At the most recent event, a “Hacker Volunteer Army” was formed. The first blood these elite geeks will draw is to “investigate the security of six water companies based in Utah, Vermont, Indiana, and Oregon, fix any issues, and then pass the knowledge on.” Way to go!
  • Blue Yonder, which provides managed services to thousands of organizations worldwide, was hit with a ransomware attack on November 21st. They are still attempting to recover, with the last update on their website coming over 6 days ago. Major corporations such as Starbucks, DHL, Kroger, Fred Meyer, and Procter & Gamble are listed among their clients. Most clients had “no comment” regarding this event.

In Other News Events of Note and Interest:

  • “Breakthrough Material Perfectly Absorbs All Electromagnetic Waves” piqued my interest. This has far-reaching potential in blocking unwanted signal noise, security applications, directional targeting of radio signals, and much more.
  • Uniswap, an enormous decentralized exchange for swapping cryptocurrencies, is offering a staggering $15.5 million in a bug bounty to help secure their systems. If you’ve got the skills, you could earn a serious Christmas bonus!

Musings:

Hot on the heels of Black Friday (which has turned rather gray for me) is Cyber Monday! Online retailers are banking on tech aficionados and electronics-hunting consumers to fatten their coffers to make their holiday jolly. Their online stores, shopping carts, and remote operators are standing by to take your orders. And while deals are indeed there to be found if you hunt, be wary of offers that are too good to be true, because they probably are! Remember that threat actors also have online stores, shopping carts, and operators standing by, not to take your order, but instead to steal your money.

Visc. Jan Broucinek

Keep the shields up!

Viscount Jan Broucinek
Red Dot Security News
