April 12, 2025

Hello all,

This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There are lots of other items to talk about as well, so let’s get to them.

Headline NEWS:

  • Apple has been the subject of a not-so-secret legal case in the UK, where the limeys are demanding back door access to encrypted customer data. Apple has essentially refused and has instead turned off data protections for UK citizens in response. Apple brought an appeal of the order before the Investigatory Powers Tribunal, which ruled that the case, or at least portions of it, will be heard in public and will not be kept secret. This should be interesting. In a related note, across the pond, it was reported this past week that the State of Florida is also looking to gain back door access to encrypted communications, under the guise of protecting minors.
  • Fortinet, Ivanti, and Juniper all released patches to fix defects in their products this past week. If you have any of these under your care, check your vendor’s sites for updates and follow their guidance.
  • Microsoft unleashed fixes for 126 or 134 flaws last week, depending on which report you’re reading. At least one of these, a zero-day in the Common Log File System, is already under active exploitation. Naturally, now that there are published fixes, they will be quickly scrutinized by threat actors to find what was plugged so they can exploit the holes. Vet the patches quickly and apply them fast.
  • Microsoft Teams is now requiring you to keep your version up to date. If you are more than 90 days behind the latest release, you won’t be allowed to connect until you update, with Teams nagging you every 30 days until you do so.
  • The US bank regulator, the Office of the Comptroller of the Currency, has been in the news because of a massive and lengthy breach of its email system. Unknown threat actors had access to over 150,000 emails since at least June of 2023. The intrusion was detected and stopped in February 2025. At least one news source is reporting that one of the targeted executives didn’t have MFA on their account. Due to the time that’s elapsed from intrusion to detection, we may never know if that was the smoking gun, but dang, a regulator with no MFA, come on!
  • VMware (Broadcom) released updates for 47 vulnerabilities in multiple VMware Tanzu Greenplum products. A few are severe, so if you use this, check yours for updates fast. If you can’t patch immediately, VMware does have mitigation guidance.
  • WhatsApp for Windows has a defect that could allow an attacker to send a specially crafted file to victims that would enable the bad guy to gain remote code execution. The fix is to update to the latest version.
  • Zoom Workplace Apps has a defect that could allow for evil action via a Cross Site Scripting (XSS) attack. If you use any flavor of Zoom, including Zoom Rooms, check for and apply any updates to mitigate this hole.

In Ransomware, Malware, and Vulnerabilities News:

  • China has apparently confirmed that they have indeed been hacking the United States in response to the US’s support of Taiwan, which China claims is their own. If this was any other form of attack, that would have been considered an admission of ongoing warfare. We need to pray this conflict stays in the digital realm.
  • Someone hacked ransomware gang Everest’s leak site in a bit of vigilante justice. Their site was altered to say, “Don’t do crime CRIME IS BAD xoxo from Prague.” If it was from Prague, well done – Czech-mate. It would be amazing if others followed suit and gave out more hugs and kisses to similar evil dirtbags.

In Other News Events of Note and Interest:

  • AI dominates the news in tech lately and we have a significant number of links to articles that talk about standards for interoperability, new tools, studies on AI motivations and mistakes, ways to use AI, and new hardware related to Artificial Intelligence.

Musings:

Backups are not sexy, but they are vital. I recall a personal incident from a number of years ago. I had literally just finished a full image backup of my personal system and went to bed. I came back to it the next day and my hard drive had irretrievably died. I was so grateful that I had a full and exact copy of everything and lost nothing of my years of digital life. Since that time, backup software has gotten significantly more granular and less taxing on system resources. I have several forms of backup in active use: Microsoft OneDrive continuously backs up my important files, and I have an offline backup that runs every evening that safeguards my digital life. How about you? Do you know if you could recover your documents, spreadsheets, vacation, wedding, first-steps, or graduation photos in the event of a failure, or, God forbid, a successful encryption attack? Physical spinning hard drives used to give you some warning of when they were at risk of failing; current solid-state drives just up and quit, usually without any prior indication. Are you prepared?

Visc. Jan Broucinek

Keep the shields up!

Viscount Jan Broucinek
Red Dot Security News
