Latest News Articles
--- TLP:WHITE ---
News
− Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware.
https://blogs.microsoft.com/on-the-issues/2023/04/06/stopping-cybercriminals-from-abusing-security-tools/− All Dutch govt networks to use RPKI to prevent BGP hijacking
The Dutch government will adopt the RPKI (Resource Public Key Infrastructure) standard on all its systems before the end of 2024 to upgrade the security of its internet routing.
https://www.bleepingcomputer.com/news/security/all-dutch-govt-networks-to-use-rpki-to-prevent-bgp-hijacking/Vulnerabilities
− Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws
Microsoft's April 2023 Patch Tuesday, and security updates fix one actively exploited zero-day vulnerability and a total of 97 flaws. Seven vulnerabilities have been classified as 'Critical' for allowing remote code execution, the most serious of vulnerabilities.
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2023-patch-tuesday-fixes-1-zero-day-97-flaws/− Windows zero-day vulnerability exploited in ransomware attacks
Microsoft has patched a zero-day vulnerability in the Windows Common Log File System (CLFS), actively exploited by cybercriminals to escalate privileges and deploy Nokoyawa ransomware payloads.
https://www.bleepingcomputer.com/news/security/windows-zero-day-vulnerability-exploited-in-ransomware-attacks/− CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published eight Industrial Control Systems (ICS) advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx.
https://thehackernews.com/2023/04/cisa-warns-of-critical-ics-flaws-in.html− HP prepping firmware update to fix critical security vulnerability in LaserJet printers
Community News
− Bank rewrote ads for infosec jobs to stop scaring away women
A lot of men would just go 'Well, I could do that'. Women would deselect. So we've changed the way we do job ads, to talk more about the experience that we're after and the type of person versus specific technical skills.
https://www.theregister.com/2023/04/04/westpac_rewrote_inosec_job_ads_for_women/− The Human Factor in the Geopolitics of the Internet
The Internet is a network of networks administered, controlled and shaped by humans. As such, it is as much affected by power relationships across the public and private actors as it, in turn, affects them. In this article, the team from GEODE explores the complex relations between the technical and political dimensions of the Internet, this time with a focus on Central Asia.
https://labs.ripe.net/author/louis_petiniaud/the-human-factor-in-the-geopolitics-of-the-internet/--- TLP:WHITE ---