Tag: finally | Page 3

Cyber Security Today, April 15, 2022 – A new botnet discovered, low MFA adoption and a Struts bug finally patched

April 15, 2022/in Internet Security

A new botnet discovered, low MFA adoption and a Struts bug finally patched.

Welcome to Cyber Security Today. It’s Friday April 15th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Thanks for taking the time to tune in if this is a holiday Friday for you.

&nbsp

A new denial of service botnet has been discovered by security researchers in China. Called Fodcha, it’s adding 100 new infected devices to the estimated 62,000 enslaved devices already on the network. Most are in China. Devices are being compromised by Fodcha malware either through known vulnerabilities or weak passwords on Android servers, GitLab accounts and certain brands of routers. Some are made by Totolink. Last week I reported that another botnet was also compromised of certain unpatched models of Totolink routers.

I regularly quote cybersecurity experts saying implementing multifactor authentication is one of the best things IT leaders can do to lower the risk of a successful cyberattack through compromised passwords. So, here are some disturbing numbers from a report released this week by Trellix: Less than half of U.S. government agency respondents to a survey said their organization has fully developed MFA. At least that’s better than the critical infrastructure sector — which includes banks, transportation companies and utilities. Only 37 per cent of American firms in that sector had implemented MFA. Guest commentator Terry Cutler and I will talk about MFA and other identity management technologies in the Week in Review podcast later today.

Apache has admitted a fix for the Struts Java web application development platform issued two years ago didn’t do the job. It has now put out what it says is a patch that solves the problem. It’s serious enough that the U.S. Cybersecurity and Infrastructure Security Agency is urging users to upgrade to version 2.5.30.

Attention hospital IT administrators: If your facility uses the Aethon TUG wireless smart robot cart for delivering medicine or maintenance supplies, the Homebase server needs to be patched. Researchers at Cynerio have discovered five vulnerabilities that could allow an attacker to take remote…

Source…

1970s gas prices surged past $1 (finally)

March 23, 2022/in Internet Security

In 1973, the average price per gallon of gas was 39 cents.

Despite the anxiety over the possibility of $1 gas, unleaded regular didn’t reach that price in the South until Nov. 1979, when the Iran hostage crisis started, according to the U.S. Bureau of Labor Statistics.

Or did it?

Constitution staff writers Barry King and Sharon Bailey’s July 13 story from that year, headlined “Gas Goes Over $1 A Gallon In Much Of South” claimed the $1 mark was hit months sooner, noting Tampa, Fla., premium selling for as much as $1.05 and Jackson, Miss., customers paying $1.009 for premium.

Caption

The average price for a gallon of gas in the U.S. is gradually easing after surging for weeks. The price, however, is still at record levels. A gallon of regular-grade gasiline ddropped to $4.24 per gallon after reaching an astonishing $4.43 per gallon a week ago, according to AAA.

Credit: ArLuther Lee

Caption

The average price for a gallon of gas in the U.S. is gradually easing after surging for weeks. The price, however, is still at record levels. A gallon of regular-grade gasiline ddropped to $4.24 per gallon after reaching an astonishing $4.43 per gallon a week ago, according to AAA.

Credit: ArLuther Lee

>> MORE DEJA NEWS: Check out what we’ve covered before (and again)

Closer to home, one Georgia gas station hitting the $1 mark found itself shamed for doing so.

“A service station in Augusta listed premium prices at $1.014 until a local radio station broadcast the increase in news reports,” the Constitution told readers. “The station dropped its price back to 99 cents a gallon because the station operator said he couldn’t stand the bad publicity.”

In Atlanta, however, premium averaged a comparatively cheap 95.1 cents.

READ THE ORIGINAL STORY HERE

To zoom in on the story, click the three bars at top right. Then click “Original Document (PDF).”

Besides pricing, metro Atlanta drivers in summer 1979 had another mounting concern: keeping track of which service stations were open and when.

“Ten percent … are open 24 hours a day; 44 percent are open until 8 p.m. weekdays; 64 percent are open Saturday until 6 p.m.; and 36 percent are open Sunday,” Bailey…

Source…

NRA finally admits it was hacked by a ransomware group in 2021

March 20, 2022/in Internet Security

The National Rifle Association (NRA) has just said for the very first time that, yes, the organization was indeed treaded on when it became victim of a massive hack last year.

The right wing organization best known for fighting common sense gun control measures after school shootings like the ones at Sandy Hook and Stoneman Douglas — and also acting as a “foreign asset” to Russia –– confirmed the ransomware attack in a Federal Election Commission filing made by the NRA’s political action committee (PAC).

The NRA finally admitted to the attack it suffered in the filing because it needed to explain discrepancies in its financial reports previously submitted to the government. The filing says that around $2,485 in contributions to the organization hadn’t been “processed correctly.” The NRA blamed the hack for the disparity.

In October 2021, a ransomware group known as Grief targeted the NRA and boasted about the data it had stolen from the gun organization. Grief, which has ties to the Russia-based cybercriminal ring Evil Corp., allegedly stole tax, grant, and investor information from the NRA and posted the stolen information on its website. Grief later released more sensitive personal and financial data, such as bank accounts numbers.

At the time, the NRA would not confirm or deny the hack, releasing a statement that claimed that the “NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”

We now know they weren’t quite vigilant enough. Grief’s ransomware campaign attacked the NRA on Oct.20 and the gun group felt the effects well into November. The NRA’s internet access, emails, and online networks were subject to varied levels of downtime for weeks.

It’s unclear if the NRA ever paid a ransom to Grief in order to avoid the further release of any other stolen data.

Ransomware hacks can be detrimental to an organization. Businesses have shut down after suffering losses from such attacks. It’s too bad this wasn’t one of those cases.

Source…

Sony Xperia 1 II and Xperia Pro finally receive Android 12 update with January security patch

March 3, 2022/in Mobile Security

Latest Articles

Laptops

The latest Samsung Galaxy Book 2 Pro was unveiled at MWC 2022. The new thin and light laptop comes with Windows 11, a fingerprint sensor, and Intel Evo 12th Gen chips.

By Roland Udvarlaki

Tag Archive for: finally

Latest Articles