News
-
News & Notes: July 9th, 2021
(News & Notes may be updated throughout the day…check back for more!) China’s cyber watchdog, the Cyberspace Administration, an agency set up during Chinese President Xi Jinping’s first term, is taking “a lead role in Beijing’s push to strengthen interagency oversight of companies listed overseas, especially those traded in the U.S., and to tighten rules for future foreign listings”. via WSJ Update…China Orders Stores to Remove More Apps Operated by Didi Global’s China Arm via WSJ “Stellantis said it plans to spend more than $35.5 billion through 2025 to release an array of new electrified vehicles.” Not mentioned is how much they plan on spending towards the cybersecurity of said vehicles.…
-
News & Notes: Kaseya Suffers Massive REvil Ransomware Attack Over Weekend
Over the July 4th holiday weekend some big news hit. There was a massive REvil ransomware attack on Kaseya, an American software company. Reported to us by SANS Daily StormCenter Podcast, news is still developing here, here, and here about the extent of the damage, which is not fully known but expected to be significant. Kaseya provides IT management software to MSPs (Managed Service Providers) and IT teams to improve efficiency and security, allowing small to medium-sized businesses to manage their IT assets, service desk and more. Biblio: SANS Storm Center Podcast
-
News & Notes: Print Spooler Vulnerability
(Updated July 7, 2021) The #printnightmare nightmare continues. Microsoft is looking at a serious remote code execution (RCE) vulnerability dubbed #printnightmare, or more officially CVE-2021-34527. [1] As reported by IT WORLD CANADA [2], a Chinese security company leaked a proof-of-concept exploit for a zero-day vulnerability that they thought had been plugged, meaning patched or fixed. (It’s common to openly discuss such vulnerabilities after they have been disclosed to the company and a patch issued.) BUT. In this case, the bug, or vulnerability, had NOT yet been patched in that time span. Microsoft has now issued a patch to address the #PrintNightmare Windows Print Spooler vulnerability (CVE-2021-34527). The…
-
Russian Hackers Abusing VPNs to Hijack Accounts, U.S. and British Officials Say
According to an article in Reuters, Russian hackers are accused of abusing VPNs. US and British authorities identify Unit 26165, the arm of Russia’s military spy agency, also accused of interfering in the 2016 US presidential election, as a source behind “widespread, distributed and anonymized brute force access attempts against hundreds of government and private sector targets”. None of the targets, mostly in the United States and Europe, were identified by name, but “included government offices, political parties, energy companies, law firms and media organizations”. “Russian hackers are abusing VPNs to hijack accounts, US and UK officials say” via Reuters
-
News & Notes–June 30, 2021
Data for 700 million LinkedIn Users Posted for Sale: LinkedIn says that no public breach occurred, so the next likely theory for the source went to the scraping of public profiles, according to the Cybersecurity Headlines podcast. Or, more probably, the publicly available info of each user. For instance, you can set your profile to be fully open to the public, or private with certain information set to be publicly available. So that info could be publicly available to search engines and the wider internet. (Always check your settings.) This comes after the loss of 500 million records in April. No financial info was released. But the raw…