August 3, 2024


Hello all,

This week has been uncommonly quiet, with a low level of major issues and announcements, unless you count Microsoft experiencing a successful Distributed Denial of Service (DDoS) attack that severely impacted their operations for about a day. Of course there was plenty of other news regarding vulnerabilities, issues, and threats, and a plethora of interesting and surprising announcements. So, let’s move on to the details.

The volume of news and other items can appear overwhelming. The best strategy is to read the Notable Callouts below, then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then select them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com, also has searchable archives of past newsletters.

Notable Callouts:

  • Google has updated Chrome with critical security updates. Three of the fixes were security related, and one was related to a browser crash. Updates are usually automatic and eventually apply, but you can always trigger one immediately by going to Chrome’s help and then the about screen.
  • Microsoft had a rather bad day this past week on July 30 when their automated processes failed to mitigate a successful Distributed Denial of Service (DDoS) attack. The result was that major portions of the Microsoft infrastructure were either unavailable or responded very poorly. It took approximately 8 hours for things to return to normal operations.
  • Microsoft Edge received three security updates this past week, which is unsurprising since it is a Chromium based browser. So, when Google updates Chrome, all Chromium based browsers should follow suit shortly afterward. The same manual update process as for Chrome applies to Edge.
  • Secure Boot has been found to be compromised on hundreds of PCs from many of the major vendors. Encryption keys were found publicly available. This is an emerging story, but the bottom line is that manufacturers will need to release updates to fix this major blunder that left the keys to the kingdom out in the open on the internet.
  • Multiple SMTP Servers Vulnerable to Spoofing Attacks. Simple Mail Transfer Protocol (SMTP) has been a backbone of email transmission. The verification and security measures that apply when servers send and receive email include standards such as Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting, and Conformance (DMARC), and DomainKeys Identified Mail (DKIM). Researchers have found a way to spoof identities in email headers to circumvent the protections offered by the sender verification systems described above. Successful abuse means that emails can be sent that misrepresent where they came from, with very little to let you know they are not legitimate. Major email vendors will need to implement new safeguards and mitigations to fight this novel vector.

In Ransomware, Malware, and Vulnerabilities News:

  • UK crimebusters shut down global call-spoofing outfit. It is always nice to read a story of success by the good guys. There are plenty out there, but alarming headlines get most of the attention.
  • Average Data Breach Cost Jumps to $4.88 million. Wow. If nothing convinces you to ensure that your data is well protected, that number alone should!
  • OneBlood’s virtual machines encrypted by an inhuman dirtbag or group of dirtbags. They encrypted a non-profit blood bank service! This event has triggered alerts to hospitals that there will be shortages of blood for life-saving procedures. These heartless individuals are truly evil.

In Other News Events of Note and Interest:

  • Entrust’s TLS certificates just got the ban-hammer from Firefox after already having gotten it from Google Chrome. If you have an Entrust certificate, it is time to get one someplace else, ASAP.
  • Argentina will use AI to ‘predict future crimes’. I’ve seen this TV series. It was named Person of Interest. Let’s just say that the AI didn’t stay in the box. Argentina may regret this move, just sayin’.

In Cyber Insurance News:

  • CrowdStrike incident underlines the importance of cyber insurance. If you were affected, either directly or indirectly, and if you have cyber insurance, you’ve likely invoked your disruption of business provision in an attempt to recover some of the revenue lost to the global BSOD. If you were affected and don’t have cyber insurance, now might be a good time to look into it, because this will not be the last time something like this happens in our ever increasingly interconnected world.

 The internet is like St. Cecilia’s annual carnival. It is an amazing wonder of exotic foods, entertaining personalities, animals, and oddities, incredible inventive rides, games, and amusing activities. And just like that pop-up carnival, consumer beware. Is that food truly safe? Did they get all of the bolts into the rollercoaster? Are the beams all solid or is there a hairline crack just waiting for you to be on the ride? Be careful where you go, what you consume, and what you choose to engage in. While it may appear safe and sound, caution is warranted.

Visc. Jan Broucinek

Keep the shields up. They really are out to get you.

Viscount Jan Broucinek
Red-N Weekly Cyber Security News

Headline NEWS

 

Ransomware, Malware, and Vulnerabilities News

 

Other News Events of Note and Interest

 

Cyber Insurance News