Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jun 05, 2023

=> Programming Leftovers | Proprietary Software Leftovers

Rhysida ransomware group claims attack on Martinique

=> ↺ Rhysida ransomware group claims attack on Martinique

A ransomware group that first emerged in May has added the government of Martinique to its leak site.

2023-06-02 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

=> ↺ 2023-06-02 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

2023-06-01 [Older] CISA Releases Five Industrial Control Systems Advisories

=> ↺ 2023-06-01 [Older] CISA Releases Five Industrial Control Systems Advisories

2023-06-01 [Older] Advantech WebAccess/SCADA

=> ↺ 2023-06-01 [Older] Advantech WebAccess/SCADA

2023-06-01 [Older] HID Global SAFE

=> ↺ 2023-06-01 [Older] HID Global SAFE

2023-05-31 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

=> ↺ 2023-05-31 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

2023-05-30 [Older] CISA Releases One Industrial Control Systems Advisory

=> ↺ 2023-05-30 [Older] CISA Releases One Industrial Control Systems Advisory

2023-05-30 [Older] Advantech WebAccess/SCADA

=> ↺ 2023-05-30 [Older] Advantech WebAccess/SCADA

2023-06-01 [Older] Progress Software Releases Security Advisory for MOVEit Transfer

=> ↺ 2023-06-01 [Older] Progress Software Releases Security Advisory for MOVEit Transfer

CISA warns of critical vulnerability in MOVEit file transfer software

=> ↺ CISA warns of critical vulnerability in MOVEit file transfer software

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Progress Software Corp.'s MOVEit file transfer software to its Known Exploited Vulnerabilities Catalog and reportedly ordered all federal agencies to patch their systems by June 23.

Episode 378 – Naming things is harder than security

=> ↺ Episode 378 – Naming things is harder than security

Josh and Kurt talk about namespaces. They were a topic in the last podcast, and resulted in a much much larger discussion for us. We decided to hash out some of our thinking in an episode. This is a much harder problem than either of us expected. We don’t have any great answers, but we do have a lot of questions.

Mission Community Hospital attackers exploited vulnerabilites in Paragon and Cisco

=> ↺ Mission Community Hospital attackers exploited vulnerabilites in Paragon and Cisco

As Mission Community Hospital in California continues to investigate a cyberattack in April, more details have emerged as to how the attack by RansomHouse threat actors occurred.

[...]

RansomHouse reportedly does not encrypt their victims’ files, instead focusing on just exfiltrating data and demanding a fee to delete it and to provide a security report. The filelist they provide as part of their leak shows a number of folders with patient data from past years as well as current files. Depending on what is in those files, and whether RansomHouse actually got them all, MCH may have a significant number of former patients to notify under HIPAA, HITECH, and California state requirements.

DataBreaches reached out to both RansomHouse and the hospital with questions about this incident, but no replies have been received. At this point, Mission Community Hospital has not even publicly confirmed that they were the victim of an attack even though data is already being leaked.

Six technical security trends CISOs need to know in 2023

=> ↺ Six technical security trends CISOs need to know in 2023

Organizations face countless potential cybersecurity threats as they pursue digital transformation and criminals evolve their attack techniques. Even the most well-funded enterprises cannot address every one of these threats. Responding effectively is about validating and prioritizing the risks that are most impactful for the business.

=> gemini.tuxmachines.org