Hello all,
Today is Veterans Day in the United States, and Armistice Day in much of the world, marking the end of World War Two, on the eleventh hour of the eleventh day of the eleventh month, when hostilities officially ceased and the guns went silent. It would be nice to have a digital armistice day, but alas, that is not on the horizon. What is rapidly coming into view is Patch Tuesday this week, so be prepared for an incoming barrage. Meanwhile, there’s plenty of news from this past week, so let’s get to it.
The volume of news and other items can appear overwhelming. The best strategy is to read the Notable Callouts below, then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then select them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com, also has searchable archives of past newsletters.
Notable Callouts:
- Article 45 is tucked away inside of eIDAS 2.0, Europe’s newly proposed regulations for digital security of its citizens. However, Article 45 is severely flawed and will result in worse security and privacy if enacted. Hundreds of scientists and researchers from 39 countries have written eIDAS an open letter of opposition to this article.
- Microsoft unleashed Windows 1.0 on the world 40 years ago today. And we’ve never been the same since. That’s a bit of a stretch. It caused little more than a yawn until Windows 3.0 and Windows 3.1 were released, and then everything changed.
- Okta had a breach recently that gave them quite a bruising in the press and financially. The reason for the breach that affected 134 organizations has been traced to an employee accessing personal items on his work computer. Let that sink in for a moment. Keep your work and personal computing separate, please.
- QNAP is warning of critical command injection flaws. Patches have been released. So, update quickly, or take mitigating actions if you can’t update now.
- Veeam has warned of critical bugs in Veeam ONE. If you are using this, update now or risk compromise.
In Ransomware, Malware, and Vulnerabilities News:
- The MGM and Caesars attacks are stark examples of how social engineering is being used to defeat security. Move to FIDO2-compliant security as quickly as you’re able to help fight social engineering attacks.
- OpenAI was down or extremely slow this week due to massive DDoS attacks against them. Likewise, Cloudflare experienced its own share of DDoS this week.
- SysAid is being actively attacked via a critical vulnerability. Patch now.
In Other News Events of Note and Interest:
- Google Chrome has a nifty new feature. If you hover over a tab it shows you how much memory that tab is using.
- ChatGPT received major updates this week. If you can get past the DDoS, it has some nifty new features worth checking out.
In Cyber Insurance News:
- Business owners lack cyber insurance knowledge. A full 20% do need guidance and education about the purpose and need of this coverage.
May your electrons all cooperate. And hopefully you can enjoy a period of calm before the storm this Tuesday when Microsoft and other organizations unleash a new slew of patches and unveil fresh vulnerabilities for bad guys to attack.
Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News
Headline NEWS
- Article 45 Will Roll Back Web Security by 12 Years
- 40 years ago today, Microsoft announced Windows 1.0
- Okta breach happened after employee logged into personal Google account
- QNAP warns of critical command injection flaws in QTS OS, apps
- Veeam warns of critical bugs in Veeam ONE monitoring platform
Ransomware, Malware, and Vulnerabilities News
- Hackers breach healthcare orgs via ScreenConnect remote access
- MGM and Caesars Attacks Highlight Social Engineering Risks
- OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
- Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
- California, Tri-City Healthcare hit by ransomware attack: county source
- Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
- Critical Vulnerability: SysAid CVE-2023-47246
- New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
- Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
- Boeing data leaked, attackers promise more
- LEGO Marketplace BrickLink Hacked? Website Down Amid Unusual Activity
- US, South Korea, Japan to launch consultative group on North’s cyber threats
- The 3 key stages of ransomware attacks and useful indicators of compromise
- Cybercriminal group claims responsibility for ransomware attack as hospital CEO says recovery will take weeks
- Abusing Microsoft Access “Linked Table” Feature to Perform NTLM Forced Authentication Attacks
- Cyberattack shuts down WA transportation website, bringing confusion, disruptions
- New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
- Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
- Apple Releases macOS Sonoma 14.1.1 With Bug Fixes and Security Updates
- ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks – SecurityWeek
- FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
- Okta breach affected 134 orgs, ‘or less than 1%’ of customers, company admits
- MITRE partners with Microsoft to address generative AI security risks
- Medical research data Advarra stolen after SIM swap
- Organizations turn to zero trust, network segmentation as ransomware attacks double
- Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model
- New Report On Suffolk County (Long Island, NY) Cyber Attack Raises Questions
- New GootLoader Malware Variant Evades Detection and Spreads Rapidly
- 37 Vulnerabilities Patched in Android With November 2023 Security Updates
- Microsoft is killing off three Windows services because of security concerns
- Microsoft drops SMB1 firewall rules in new Windows 11 build
- Sumo Logic discloses security breach, advises API key resets
- Hacker Leaks 35 Million Scraped LinkedIn User Records
- Pulaski Co., AR Public Schools investigating cyber attack
- CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
- Three-Quarters of Retail Ransomware Attacks End in Encryption
- Major Japanese defense contractor breached by ALPHV
- US Radiology hit with $450K fine for ransomware-related breach
- com pays ransom, attackers release data anyway
- US Sanctions Ryuk Ransomware’s Russian Money Launderer
Other News Events of Note and Interest
- Google Chrome rolling out per tab Memory usage
- Wordfence Launches Bug Bounty Program
- Clonezilla Live 3.1.1 Bumps Kernel to Linux 6.5, Adds Many Disk Cloning Improvements
- Do-Not-Track is back on track: what Berlin’s ruling could mean for our online privacy
- How Do We Truly Make Security ‘Everyone’s Responsibility’?
- Google dragged to UK watchdog over Chrome’s upcoming IP address cloaking
- Overheating datacenter stopped 2.5 million bank transactions
- OpenAI offers to pay for ChatGPT customers’ copyright lawsuits
- ChatGPT gets its biggest update so far – here are 4 upgrades that are coming soon
- DoNotSpy11 updated with Windows 11 23H2 support and the option to disable Windows Copilot
- Microsoft Authenticator now blocks suspicious MFA alerts by default
- Microsoft will roll out MFA-enforcing policies for admin portal access
- Microsoft won’t let you close OneDrive on Windows until you explain yourself
- Microsoft extends Windows Server 2012 ESUs to October 2026
- Microsoft shares temp fix for broken Windows Server 2022 VMs
- Edge 119 no longer allows enabling or disabling the sidebar if Copilot is off
- ‘ChatGPT detector’ catches AI-generated papers with unprecedented accuracy
- Myrror Security raises $6M in Seed to stop attacks on software development processes
- 90 Percent of Cybersecurity Pros Work on Vacation and Deal with Frequent Interruptions to Daily Life
- Build a Teams External Access Whitelist from User Chats
- Sophos Firewall v20 is now available
- Cool Tool – UpdateHub 2.3.0
- Cool Tool – HiJackThis+ 3.3.0.5 Alpha