Tux Machines
Posted by Roy Schestowitz on Jun 14, 2023
=> https://itwire.com/security/ransomware-gang-alphv-unlikely-to-be-fussed-about-law-firm-s-injunction-order.html ↺ Ransomware gang Alphv 'unlikely to be fussed' about law firm's injunction order
An Australian law firm's bid to try and use a court injunction to prevent publication of material stolen during a ransomware raid is unlikely to have any effect on the attackers behind the intrusion, a security professional says.
=> https://siliconangle.com/2023/06/13/trustwave-report-finds-attacks-targeting-ms-sql-skyrocketing/ ↺ Trustwave report finds attacks targeting Microsoft’s MS SQL are skyrocketing
A new report from cybersecurity company Trustwave Holdings Inc. has found that attacks targeting Microsoft Corp.'s MS SQL are skyrocketing and that database vulnerabilities are increasing across volatile regions.
=> https://www.theregister.com/2023/06/13/june_patch_tuesday_vmware_vuln/ ↺ June Patch Tuesday: VMware vuln under attack by Chinese spies, Microsoft kinda meh
An attacker can use this vulnerability to gain admin privileges without any user interaction, according to Microsoft. Once they've "gained access to spoofed JWT authentication tokens, they can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user," according to the security update.
=> https://www.securityweek.com/ransomware-attack-played-major-role-in-shutdown-of-illinois-hospital/ ↺ Ransomware Attack Played Major Role in Shutdown of Illinois Hospital
The attack occurred in late February 2021 and forced the shutdown of the Spring Valley hospital’s computer network, impacting all web-based operations, including its patient portal. The Peru branch was not affected, as it operated on a separate system.
The incident, the hospital said on social media, impacted its ability to bill patients and get paid in a timely manner for the provided services. The systems were down for more than three months.
=> https://krebsonsecurity.com/2023/06/microsoft-patch-tuesday-june-2023-edition/ ↺ Microsoft Patch Tuesday, June 2023 Edition
Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.
=> https://itwire.com/security/no-zero-days-for-microsoft-to-fix-on-patch-tuesday.html ↺ No zero-days for Microsoft to fix on Patch Tuesday
"Unlike past Microsoft Exchange Server flaws that were rated higher and did not require authentication, these vulnerabilities require an attacker to be authenticated.
"That said, attackers can still potentially exploit these flaws if they’re able to obtain valid credentials, which is not as difficult as you’d expect."
Adam Barnett, lead software engineer at security firm Rapid7, noted that the volume of patches was typical compared with recent months: 94 in total.
"For the first time in a while, Microsoft isn’t offering patches for any zero-day vulnerabilities, but we do get fixes for four critical Remote Code Execution vulnerabilities: one in .NET/Visual Studio, and three in Windows Pragmatic General Multicast," he added.
=> https://isc.sans.edu/diary/rss/29936 ↺ Geoserver Attack Details: More Cryptominers against Unconfigured WebApps, (Mon, Jun 12th)
=> https://www.securityweek.com/cosmicenergy-ics-malware-poses-no-immediate-threat-but-should-not-be-ignored/ ↺ CosmicEnergy ICS Malware Poses No Immediate Threat, but Should Not Be Ignored
The Russia-linked ICS malware named CosmicEnergy does not pose a direct threat to OT systems as it contains errors and lacks maturity.