February 22, 2025

(For a video version of the introduction below, go to my LinkedIn post.)

Hello all,

This was somewhat of an interstitial week with fewer headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of the more significant were Apple’s decision to cripple security for their UK clients, an unbelievably massive cryptocurrency heist, and several vendors patching severe holes. So, onward.

Headline NEWS:

  • Apple is in the headlines again this week, but for a different reason. In response to the UK’s demand for a backdoor to users’ encrypted data, Apple has disabled end-to-end encryption for all new accounts, stating “Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users.” And, at an as-yet undisclosed future date, Apple will have to disable ADP for all UK clients. Customers not in the UK will retain ADP and the ability to encrypt their iCloud storage.
  • ByBit, a cryptocurrency exchange, had $1.4 billion worth of Ethereum moved (aka stolen) out of a cold wallet (non-internet connected) and moved to a warm wallet (internet connected). To put a bit of perspective on the scale, if this was US $100 bills, the booty would weigh 11 tons, or if $20 bills, 55 tons. For their part, ByBit should be OK, as they have over $16 billion in assets and have assured depositors that their funds are safe.
  • Citrix has a vulnerability in NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that allows an authenticated user to execute unauthorized commands. That would be corporate-speak for the malicious user can eventually do whatever they want. There are no workarounds; you just need to update to the latest patched versions to mitigate.
  • Juniper Networks has issued patches to fix a critical authentication bypass vulnerability in their Session Smart Router. This defect allows an attacker to “bypass authentication and take control of the device”. If you use this, update quickly.
  • LibreOffice has issued patches to fix some bugs that could result in both data loss and data theft. Upgrade to the latest versions to plug these holes.
  • Palo Alto has identified a new defect that is already under active exploitation. When chained with other flaws, an attacker can gain full control over the PAN-OS device. If you use Palo Alto, apply the patches and do not expose the management interface to the internet.

In Ransomware, Malware, and Vulnerabilities News:

  • Ransomware continues to be a global scourge. Despite payouts in 2024 being lower than in 2023, there was a marked increase in successful attacks. LockBit’s very public takedown has resulted in a number of smaller players throwing their horned helmets into the mix. Ransomware as a Service (RaaS) is growing, with the cost of entry being as low as $40 per month, significantly lowering the bar to ride the evil train. A troubling statistic is that the time from initial compromise to encryption is now 17 hours on average, with some groups encrypting in as little as four hours. Sadly, many companies still think that they’re “too small” or “insignificant” to be attacked, not realizing that it is opportunity, not desirability, that drives this malevolent activity. Even Paddington Bear is not safe, with publisher “The Agency” recently compromised by ransomware. Paddington! This is putrid level evil at work!

In Other News Events of Note and Interest:

  • China’s DeepSeek is being fed data from, well, everything. In a move that is both brilliant and terrifying, China has a nationwide plan to connect everything to their AI: smart vehicles, schools, shopping, everything. This move will enable The Middle Kingdom to correlate and analyze anything and everything their citizens do online. Let’s just hope that when their AI achieves consciousness it decides that it likes the average citizen more than the authoritarian government.

Musings:

There is an old encouragement that asks, “How do you eat an elephant? One bite at a time”. You could similarly ask, “How do you fill an ocean? One drop at a time”. My point is that the ONE matters. Individually, we may not amount to much, but through repeated, consistent, and combined effort, we can make massive differences not just for ourselves, but for others, and the world around us. Despite daily reports of doom, gloom, and the screeds of harbingers of bad news, keep doing what you know is right, one bite, one drip at a time. Because in the end, it is the consistent efforts of good people doing the right thing that will prevail.

Visc. Jan Broucinek

But in the meanwhile, keep the shields up!

Viscount Jan Broucinek
Red Dot Security News
