Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

OUCH! Ransomware Attack Via MSP Locks Customers Out of Systems

If your computer technical support is provided by an outside vendor, you need to know this.  We have warned about this problem before.

Earlier this week, an unidentified threat actor managed to launch a ransomware attack resulting in the encryption of between 1,500 to 2,000 endpoint devices belonging to users of a single US managed service provider (MSP).

The MSP was subsequently urged to pay a ransom of $2.6 million to have the systems unlocked.

The attacker managed the feat by exploiting a security flaw in a plug-in for VSA RMM, a software tool from Kaseya that is designed for the remote monitoring and management of servers and other computer devices. Like many MSPs, the targeted firm uses the software for client systems.

Anniversary of the dedication of the ENIAC computer in 1946.

ENIAC (/ˈiːniæk,  ˈɛ-/; Electronic Numerical Integrator and Computer) was among the earliest electronic general-purpose computers made. It was Turing-complete, digital and able to solve “a large class of numerical problems” through reprogramming.

ENIAC was completed in 1945 and first put to work for practical purposes on December 10, 1945.  ENIAC was formally dedicated at the University of Pennsylvania on February 15, 1946 and was heralded as a “Giant Brain” by the press. It had a speed on the order of one thousand times faster than that of electro-mechanical machines; this computational power, coupled with general-purpose programmability, excited scientists and industrialists alike. The combination of speed and programmability allowed for thousands more calculations for problems, as ENIAC calculated a trajectory in 30 seconds that took a human 20 hours (allowing one ENIAC hour to displace 2,400 human hours)

Thieves’ names and descriptions made public on B&Q database

DIY giant B&Q reportedly suffered an Elasticsearch database breach this week that gave up information on around 70,000 shoplifters.  (Wall of Shame winners, I’m having a hard time feeling bad about this one.)

Half of IoT devices let down by vulnerable apps

Half of the apps used to control a range of Internet of Things devices are insecure in a variety of ways, researchers found.

What will we do when robots take all the jobs?

It looks like men, minorities, and the young will lose jobs first as more robots take over jobs in manufacturing, warehousing and logistics, and the service sector.

Netflix Has a Problem With Password Sharing.

Many consider the sharing economy a positive thing. However, Netflix, Hulu, Amazon, HBO and others are literally losing millions of dollars via the generosity of their consumers. While credential sharing seems like the gift that keeps on giving for users around the world, it represents a major missed opportunity for revenue growth among some of the largest media streaming services.

Home DNA kit company says it’s working with the FBI

FamilyTreeDNA has disclosed that it’s opened up more than 1m DNA profiles to the FBI to help find suspects of violent crime.

CERT/CC Reports Microsoft Exchange 2013 and Newer are Vulnerable to NTLM Relay Attacks

01/28/2019 08:53 PM EST  Original release date: January 28, 2019

The CERT Coordination Center (CERT/CC) has released information to address NTLM relay attacks affecting Microsoft Exchange 2013 and newer versions. A remote attacker could exploit this vulnerability to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Note VU#465632 and consider the listed workarounds until patches are made available.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.