A quick Saturday digest of cybersecurity news articles from other sources.
Windows-as-a-nuisance: How I clean up a “clean install” of Windows 11 and Edge
Tips and tricks for making Microsoft leave you alone while you use your PC.
I’ve written before about my nostalgia for the Windows XP- or Windows 7-era “clean install,” when you could substantially improve any given pre-made PC merely by taking an official direct-from-Microsoft Windows install disk and blowing away the factory install, ridding yourself of 60-day antivirus trials, WildTangent games, outdated drivers, and whatever other software your PC maker threw on it to help subsidize its cost.
You can still do that with Windows 11—in fact, it’s considerably easier than it was in those ’00s versions of Windows, with multiple official Microsoft-sanctioned ways to download and create an install disk, something you used to need to acquire on your own. But the resulting Windows installation is a lot less “clean” than it used to be, given the continual creep of new Microsoft apps and services into more and more parts of the core Windows experience.
CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure
02/26/2024 09:00 AM EST
CISA, in partnership with UK National Cyber Security Centre (NCSC) and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This advisory provides recent tactics, techniques, and procedures (TTPs) used by Russian Foreign Intelligence Service (SVR) cyber actors—also known as APT29, the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard—to gain initial access into a cloud environment.
The authoring agencies encourage network defenders and organizations review the joint advisory for recommended mitigations. For more information on APT29, see joint CSA Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally or visit CISA’s Russia Cyber Threat Overview and Advisories page. For more guidance on cloud security best practices, see CISA’s Secure Cloud Business Applications (SCuBA) Project.
U-Haul Tells 67k Customers Crooks Drove Away With Their Personal Data (2 minute read)
U-Haul has reported a cyberattack where 67,000 customers in the United States and Canada had their personal data compromised, including names, dates of birth, and driver’s license numbers. No financial information was taken. The attack targeted the U-Haul Dealer and Team Members system used for reservations and customer records.
Prescription orders delayed as US pharmacies grapple with “nation-state” cyber attack (1 minute read)
Prescription orders in the US are being delayed as pharmacies are experiencing a “nation-state” cyber attack. The attack is believed to coming from a foreign government. It is targeting major pharmacy chains, including Walgreens, Rite Aid, and CVS Health. The attack has disrupted the pharmacies’ prescription-filling systems, causing delays across the country.
Share
MAR
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com