Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Posted by u/Skin__Deep  on Reddit

This resource is what finally helped me learn subnetting

(it’s free) I’ve tried so many resources over the last few months to learn subnetting. I always end up understanding it for a day or so before I lose it. I found this site a couple of days ago, watched all the videos, and have been practicing for around ~20 minutes every day. It’s day 4 and I can finally do these without the cheat sheet. Just wanted to share this with everyone since subnetting seems to be a huge hurdle for people getting their Net+/CCNA.

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

The malware, dubbed Raspberry Robin, spreads via infected USB devices, and it was first spotted in September 2021 by Red Canary intelligence analysts.

Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command and control servers (C2) servers in early November [PDF], while Microsoft said it found malicious artifacts linked to this worm created in 2019.   More…

Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats

Original release date: July 5, 2022

The National Institute of Standards and Technology (NIST) has announced that a new post-quantum cryptographic standard will replace current public-key cryptography, which is vulnerable to quantum-based attacks. Note: the term “post-quantum cryptography” is often referred to as “quantum-resistant cryptography” and includes, “cryptographic algorithms or methods that are assessed not to be specifically vulnerable to attack by either a CRQC [cryptanalytically relevant quantum computer] or classical computer.” (See the National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems for more information).

Although NIST will not publish the new post-quantum cryptographic standard for use by commercial products until 2024, CISA and NIST strongly recommend organizations start preparing for the transition now by following the Post-Quantum Cryptography Roadmap.  More...

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

Vachon-Desjardins had been a federal government worker in the Canadian Capital Region (he comes from Gatineau in Quebec, directly across the river from the federal capital Ottawa in Ontario).  He seems to have decided that joining the cybercrime underworld would be much more lucrative than his government job, and it seems that did indeed rack up a small fortune in illegal earning until he was identified, arrested and prosecuted in Canada.

By all accounts, he was part of several so-called Ransomware-as-a-Service (RaaS) gangs, such as REvil and NetWalker, where the actual ransomware attackers act as “affiliates” for the core ransomware creators, in return for handing over an AppStore-like or Google Play-like 30% cut of every blackmail payment they extort.  Simply put, the core gang members create the malware samples, run the darkweb servers that handle the “negotiations” with victims, and collect the extortion payments while the affiliates handle breaking into victims’ networks, mapping them out, and lining up the final attack in which as many computers on the network as possible have their data scrambled at the same time.

The “business theory”, if we can call it that, is that by taking 30% of every successful attack, the core criminals become extremely wealthy indeed, but keep a low profile away from the network-cracking limelight. At the same time, by handing 70% to their “affiliates”, they encourage those co-conspirators to make each attack as debilitating as possible, potentially increasing the amount that victims can ultimately be squeezed into paying to get their business running again.


A Surprising Reason Why Some Computers Take Longer to Start Up

Is your computer taking longer to boot? It might be that app you installed recently. Here is what you need to check.

Have you ever installed an app on a Windows computer and later noticed that your computer is taking longer to boot up? It likely is not your imagination. Some apps are designed to automatically launch when you start up your computer. These programs are referred to as “startup apps”. If a startup app requires a large amount of computer resources to launch, it can increase the time it takes for your machine to boot up.

The post A Surprising Reason Why Some Computers Take Longer to Start Up appeared first on CHIPS.

OpenSSL Releases Security Update

Original release date: July 6, 2022

OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the OpenSSL advisory and upgrade to the appropriate version.

A wide range of routers are under attack by new, unusually sophisticated malware

Router-stalking ZuoRAT is likely the work of a sophisticated nation-state, researchers say.

An unusually advanced hacking group has spent almost two years infecting a wide range of routers in North America and Europe with malware that takes full control of connected devices running Windows, macOS, and Linux, researchers reported on Tuesday.

So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, infecting routers made by Cisco, Netgear, Asus, and DrayTek. Dubbed ZuoRAT, the remote access Trojan is part of a broader hacking campaign that has existed since at least the fourth quarter of 2020 and continues to operate.  More…

That didn’t last! Microsoft turns off the Office security it just turned on

Remember Macro viruses?  An Office anti-malware setting that took more than 20 years to arrive… and fewer than 20 weeks to vanish again.

Experian, You Have Some Explaining to Do

Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email address.   More…

Do you need new employees? Join the crowd. Half of all small businesses are looking for staffers

According to the National Federation of Independent Businesses (NFIB),  half of US small-business owners said they had open positions they couldn’t fill this June. But look at it this way: that’s better than May 2022, when it was more than half. That, by the way, was a 48-year record high.

Sure, inflation is eating our lunch, and we may be on our way to a recession, but workers still aren’t coming into the workforce. Instead, we’re still suffering from a Great Resignation hangover.  More…




About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.