A new data wiper is discovered, patches are issued for Lexmark printers and BIND, and more.
Welcome to Cyber Security Today. It's Monday, January 30, 2023. I'm Howard Solomon, a contributing cybersecurity reporter for ITWorldCanada.com and TechNewsday.com in the U.S.
Attention Windows administrators: If you're not already doing this, make sure that Active Directory is fully locked down. Hackers believed to be from the Russian Sandworm group have a new data-wiping malware that's being distributed through Active Directory Group Policy. ESET researchers discovered this new strain after a cyberattack last week against a target in Ukraine. ESET calls this destructive malware SwiftSlicer. Ways to secure Active Directory include limiting the number of people who can access it, and ensuring that those who have access use strong passwords, multi-factor authentication, and, if possible, hardware keys. Be sure to remind these people not to fall for phishing scams claiming to be IT or support staff verifying their credentials. Domain controllers must also be protected in the same way. Microsoft offers more advice on how to secure AD.
Attention network administrators using the open source BIND 9 suite for domain controllers. The Internet Systems Consortium has issued advisories for four high severity vulnerabilities. They need to be addressed by installing the latest versions of the suite.
More about patches: Lexmark has warned that a server-side request forgery vulnerability has been discovered in more than 100 newer models of its printers. Patches are available for certain models of CX, XC, MX, MB and other printers.
Attention VMware administrators: Make sure that the four fixes released last week for the vRealize log analysis tool are installed quickly. This is because Horizon3 security researchers are about to release an exploit that shows how three of the vulnerabilities can be chained together to get into vRealize. Once hackers see a possible exploit, they're quick to create one that works.
Last week's takedown of the IT infrastructure supporting the Hive ransomware gang was hailed by information security professionals. It shows the effective work of law enforcement around the world. Here's another possible sign: The number of exchanges that threat actors use to cash out ransomed or stolen cryptocurrency is declining. Wired reporters noted this fact in Chainalysis investigators' annual crime report. It counted just 915 cash-out services last year. That sounds huge. But 68 percent of all black market withdrawals are made through just five cryptocurrency exchanges. Chainalysis believes this shows that the global crackdown on money laundering is having an effect.
Here's another reminder that hackers don't necessarily strike fast if they get through initial security checks. The Los Angeles Unified School District has reviewed the timeline for the ransomware attack it suffered last September. Initially, the district said the attack took place over Labor Day weekend. It now says that the intrusion began on July 31 and ended on September 3. That's another example of why it's essential to constantly monitor and scan for suspicious network activity.
Finally, cybersecurity companies periodically issue warnings about vulnerabilities in Internet-connected industrial control systems, or ICS. But the head of a vendor that sells ICS solutions advises that patching vulnerabilities in this equipment should be prioritized in the same way that fixes are installed for IT equipment: ask if the vulnerability is currently being used in an attack and if the vulnerability could cause the company harm. If the answer to both questions is yes, address those vulnerabilities first. “There haven’t been any known ICS vulnerabilities that have been exploited in any ICS cyberattacks,” says Dragos CEO Robert Lee. There’s too much pressure on companies to patch everything fast, he said. Then there’s this memorable quote: “I’ve responded to more IT people taking down plants through patching than Russia, China, and Iran combined.” Think about it.
Remember that the links to details about the podcast stories are in the text version at ITWorldCanada.com. U.S. listeners can also find my stories on TechNewsDay.com.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts, or add us to your Flash Briefing on your smart speaker.
–
Cyber Security Today, Jan. 30, 2023 – A new data wiper discovered, patches for Lexmark printers and BIND are issued and more