Language Selection

English French German Italian Portuguese Spanish

Security: Microsoft Windows Strikes Again

Filed under
Microsoft
Security
  • U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

    The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

  • Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

    The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

  • Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

    BBC News has not been told how much money was involved in the ransom payment or when it was paid.

    The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

  • Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

    Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

  • Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

    Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

  • [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

    OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

FOSS Security Patches

  • Security updates for Friday

    Security updates have been issued by CentOS (dbus), Debian (firefox-esr, python3.4, and redis), Mageia (ffmpeg), Oracle (firefox, libvirt, and qemu), Red Hat (firefox and virt:8.0.0), Scientific Linux (firefox), and SUSE (kernel).

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.