Tux Machines
Security: CISA, DDoS, Internet Archive, and Windows TCO
Posted by Roy Schestowitz on Oct 11, 2024
CISA
CISA ☛ 2024-10-08 [Older] Adobe Releases Security Updates for Multiple Products
CISA ☛ 2024-10-08 [Older] Microsoft Releases October 2024 Security Updates
CISA ☛ 2024-10-10 [Older] Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
CISA ☛ 2024-10-10 [Older] CISA Releases Twenty-One Industrial Control Systems Advisories
CISA ☛ 2024-10-10 [Older] Siemens SIMATIC S7-1500 and S7-1200 CPUs
CISA ☛ 2024-10-10 [Older] Siemens Simcenter Nastran
CISA ☛ 2024-10-10 [Older] Siemens Teamcenter Visualization and JT2Go
CISA ☛ 2024-10-10 [Older] Siemens SENTRON PAC3200 Devices
CISA ☛ 2024-10-10 [Older] Siemens Questa and ModelSim
CISA ☛ 2024-10-10 [Older] Siemens JT2Go
CISA ☛ 2024-10-10 [Older] Siemens HiMed Cockpit
CISA ☛ 2024-10-10 [Older] Siemens PSS SINCAL
CISA ☛ 2024-10-10 [Older] Siemens SIMATIC S7-1500 CPUs
CISA ☛ 2024-10-10 [Older] Siemens RUGGEDCOM APE1808
CISA ☛ 2024-10-10 [Older] Siemens Sentron Powercenter 1000
CISA ☛ 2024-10-10 [Older] Siemens Tecnomatix Plant Simulation
CISA ☛ 2024-10-10 [Older] Schneider Electric Zelio Soft 2
CISA ☛ 2024-10-10 [Older] Rockwell Automation DataMosaix Private Cloud
CISA ☛ 2024-10-10 [Older] Rockwell Automation DataMosaix Private Cloud
CISA ☛ 2024-10-10 [Older] Rockwell Automation Verve Asset Manager
CISA ☛ 2024-10-10 [Older] Rockwell Automation Logix Controllers
CISA ☛ 2024-10-10 [Older] Rockwell Automation PowerFlex 6000T
CISA ☛ 2024-10-10 [Older] Rockwell Automation ControlLogix
CISA ☛ 2024-10-10 [Older] Delta Electronics CNCSoft-G2
CISA ☛ 2024-10-09 [Older] CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-10-08 [Older] Avoid Scams After Disaster Strikes
CISA ☛ 2024-10-08 [Older] CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-10-08 [Older] CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations
CISA ☛ 2024-10-03 [Older] CISA Adds One Known Exploited Vulnerability to Catalog
Integrity/Availability/Authenticity
Bleeping Computer ☛ Internet Archive hacked, data breach impacts 31 million users
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.
Silicon Angle ☛ Internet Archive experiences outages after DDoS attacks, data breach
Internet Archive users learned that it was breached on Wednesday, when a hacker compromised the nonprofit’s website and displayed a message announcing a cyberattack had taken place. The message was followed by a DDoS attack a few hours later. A second DDoS attack took place this morning.
The Record ☛ DDoS attacks on Internet Archive continue after data breach impacting 31 million
Brewster Kahle, founder of the Internet Archive, said that after it fended off the disruptive junk web traffic from the DDoS attack, the website was defaced. Hackers also stole the usernames, emails and encrypted passwords of all registered users.
The Internet Archive disabled the source of the breach, scrubbed systems and upgraded security, according to Kahle. But on Thursday morning the DDoS attacks had returned and knocked both the Internet Archive site and OpenLibrary platform offline, he said.
RTL ☛ Pro-Palestinian 'hacktivists': Internet Archive reels from 'catastrophic' cyberattack, data breach
↺ Pro-Palestinian 'hacktivists': Internet Archive reels from 'catastrophic' cyberattack, data breach
Brewster Kahle, the Internet Archive's founder and digital librarian, acknowledged a series of distributed denial-of-service (DDoS) attacks -- aimed at disrupting a website or server -- since Tuesday and said the organization was working to upgrade security.
PC World ☛ Internet Archive hacked, 31 million accounts have info leaked
In addition to suffering a distributed denial of service (DDoS) attack, the site has lost a database with information on over 30 million users.
Wired ☛ Internet Archive Breach Exposes 31 Million Users
The Internet Archive has faced aggressive DDoS attacks numerous times in the past, including in late May. As Kahle wrote on Wednesday: “Yesterday's DDoS attack on @internetarchive repeated today. We are working to bring http://archive.org back online.†The hacktivist group known as BlackMeta claimed responsibility for this week's DDoS attacks and said it plans to carry out more against the Internet Archive. Still, the perpetrator of the data breach is not yet known.
The Hill ☛ Internet Archive data breach exposes more than 31 million user accounts: reports
“Services are currently stopped to upgrade internal systems,†Kahle wrote in a Thursday update. “We are working to restore services as quickly and safely as possible. Sorry for this disruption.â€
NDTV ☛ Internet Archive Hit By "Catastrophic" Attack, 31 Million Passwords Stolen
The attack, which surfaced on October 9, revealed the details of millions of users after a JavaScript (JS) library on the Internet Archive's website was exploited. A pop-up message on the site alerted visitors, stating: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"
Windows TCO
The Register UK ☛ Healthcare attacks spread beyond US, just ask Star Health
At the time, a hacker who goes by "xenZen" was allegedly using two Telegram chatbots to leak the data. One chatbot offered PDFs of claim documents, another allowed users to request up to 20 samples of over 31 million records containing sensitive information like body mass index. The perp also claimed to have the images of Star Health customers' national identity card.
Star Health this week told The Register that it acknowledges "unauthorized and illegal access to certain data" but added "operations remain unaffected."
Scoop News Group ☛ 14,000 medical devices are online, unsecured and vulnerable
The health care ecosystem has been under almost constant assault in recent years as cybercriminals take advantage of a system decimated by the COVID-19 pandemic. Combating ransomware attacks against hospitals has become a major national security priority for the Biden administration as the potential impacts can be dire. A recent extortion of Change Healthcare crippled the payment processing company and tens of thousands of pharmacies, highlighting the potential disruptions at risk.
The Record ☛ New law in Australia will require mandatory reporting of ransomware payments
These incidents were followed by an updated national cybersecurity strategy published last November. The strategy was costed at AU$587 million ($382 million) over the next seven years with the intention of preventing AU$3 billion ($1.9 billion) in annual damages caused by ransomware attacks on the Australian economy.
The new Cyber Security Bill 2024 aims to implement seven initiatives set out in that strategy, according to the Australian government, some of which will see the country’s legislation aligned with what is considered best practice elsewhere in the world, while other provisions are the first of their kind.