Tux Machines

Windows TCO Leftovers

Posted by Roy Schestowitz on Jun 20, 2023

Programming Leftovers

Security: WiFi Router Flaws, Istio 1.16 EoL, and Reddit is in Big Trouble

Guess what happened to this US agency using outdated software?

↺ Guess what happened to this US agency using outdated software?

> It turns out that this same gang of government-backed hackers used a different – and even older – Telerik flaw to break into another US federal agency's Microsoft IIS web server, access the Document Manager component, upload webshells and other files, and establish persistence on the government network.

> The US Cybersecurity and Infrastructure Security Agency and FBI warned about the first intrusion into a federal civilian executive branch agency's Microsoft IIS web server back in March, and said the snafu happened between November 2022 and early January.

Ransomware Gang Takes Credit for February Reddit Hack

↺ Ransomware Gang Takes Credit for February Reddit Hack

> The attackers accessed internal documents, internal dashboards, business systems, source code, the information of hundreds of contacts and current and former employees, and advertiser data, Reddit said at the time, noting that it had no evidence that the attackers compromised production systems, user passwords or accounts.

> Over the weekend, the Alphv/BlackCat ransomware gang listed Reddit on its leak site and claimed to have stolen 80GB of data. No file-encrypting ransomware appears to have been deployed on Reddit’s systems.

BlackCat ransomware gang demands $4.5M, API changes for 80GB leaked Reddit data

↺ BlackCat ransomware gang demands $4.5M, API changes for 80GB leaked Reddit data

> Hackers from the BlackCat ransomware gang have contacted Reddit Inc. claiming to be behind a [breach] that affected the social media forum platform in February that took more than 800 gigabytes of internal documents, code, contracts and employee information.

Malware Delivered Through .inf File, (Mon, Jun 19th)

↺ Malware Delivered Through .inf File, (Mon, Jun 19th)

> They are simple text files and contain setup information in a driver package.

New Information Stealer ‘Mystic Stealer’ Rising to Fame

↺ New Information Stealer ‘Mystic Stealer’ Rising to Fame

> Written in C and targeting Windows...

MOVEit Customers Urged to Patch Third Critical Vulnerability

↺ MOVEit Customers Urged to Patch Third Critical Vulnerability

> A critical vulnerability (CVE-2023-35708) in MOVEit software could allow unauthenticated attackers to access database content.

Medibank Group says it has not been affected by MOVEit flaw

↺ Medibank Group says it has not been affected by MOVEit flaw

> A Medibank spokesperson said: "We were advised by the vendor Ipswitch about some vulnerabilities discovered in MOVEit – a software system we use to share information with external parties – and have promptly applied all the vendor’s recommended security patches.

> "We continue to investigate and work closely with the vendor, and at this stage we are not aware of any of our customers’ data being compromised."

> {loadposition sam08}The spokesperson said the company was aware of the latest advisory issued by Progress Software Corporation, the firm that makes MOVEit.

gemini.tuxmachines.org