Patching is difficult but important whether you have Windows or are Kaseya, another victim of Accellion announces a breach, track ransomwhere payments and the latest executive order targets net neutrality and more. In owl news, burrowing owls are weathering a hurricane and finally deploy policy as code to secure your AWS implementation.
- More details are coming out about the Kaseya ransomware incident with DIVD CSIRT publishing partial details on their research and work directly with Kaseya and their disclosure of 7 vulnerabilities starting in early April. KrebsOnSecurity details how a live but “deprecated” client portal has an active vulnerability from 2015 as well.
- In a developing story, all REvil ransomware sites are down according to Motherboard. REvil was responsible for Kaseya among others.
- The Accellion hack continues to claim new victims as Morgan Stanley is the latest to announce they were breached. The attackers were able to not only get encrypted files but also the decryption key with Social Security Numbers being among the data that was taken via BleepingComputer
- Microsoft has clarified that the latest patches for Print Nightmare do work and you should patch ASAP. There was some back and forth on the rollout and their effectiveness as Ars Technica reports but the latest patches do solve the nightmare via BleepingComputer
- Jack Cable has launched Ransomwhe.re an “open, crowdsourced ransomware payment tracker”. Browse the data or upload your own ransomware screenshots to contribute. Read more at Cyber Scoop.
- President Biden signed an executive order “targeting right to repair, ISPs, net neutrality, and more”. The executive order is mostly encouragement for other agencies and Congress to act on them but gives a wide ranging shot in the arm for many policies that were ignored or gutted in the previous administration. Read more at The Verge.
Owl fun and facts:
Burrowing Owls in Florida are also being affected by Hurricane Elsa as their burrows can be flooded. Thankfully, they’re past nesting season and the baby owls should be able get to safety. Read more about the Cape Coral burrowing owls and the work being done by the Cape Coral Friends of Wildlife that are dedicated to protecting these owls.
A Shout Out:
asecurecloud has released a repo of “AWS Service Control Policy templates and examples that can be deployed using CloudFormation custom resource or AWS CLI scripts.” Use policy as code to protect root account access, CloudTrail configurations, preventing users from creating IAM users and much, much more. Check out these and more deploy right to AWS at asecurecloud.
TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Please reach out to us directly, via email@example.com or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!
That’s owl for now!