Posts

2022 Week 8 and 9

Summary A lot of news from the last 2 weeks. I am trying to be more timely with these summaries as the war in Ukraine is in progress. Quite a bit of activity has been observed around SLTT and infrastructure targets. News SLTT The Cybersecurity and Infrastructure Security Agency (CISA) of the United States (U.S.) released a list of free cybersecurity tools and services for SLTTs that they pledge to keep updated. The goal is to help better the overall cybersecurity posture of U.S. critical infrastructure sectors, and as such the tools are usable by those outside the SLTT arena. https://www.bleepingcomputer.com/news/security/cisa-compiles-list-of-free-cybersecurity-tools-and-services/?&web_view=true Tool: https://www.cisa.gov/free-cybersecurity-services-and-tools CISA also released a bulletin outlining APT group MuddyWater and their attempt to target SLTT and critical infrastructure entities. https://www.cisa.gov/uscert/ncas/current-activit...

2022 Week 7 Security Summary

Summary Sorry for the late release. There was so little news I debated doing a 2-week report but decided Monday morning that the week of the 8th might turn out to be pretty busy. The news of most interest is that we have seen a large increase in attacks against all aspects of critical infrastructure, and with the threat of war in the Euro-Asian theater this is probably only going to increase. News News that spans all of the areas of this blog points out that we are increasingly seeing attacks against critical infrastructure sectors. Once upon a time, these were generally considered off-limits by attackers and state actors, as disruptions to these could affect lives or the supply chain and lead to very active state-sponsored reprisals. The article points out that in the US alone attacks were launched against 14 of the 16 critical sectors last year (2021). https://www.scmagazine.com/analysis/cloud-security/so-called-red-lines-increasingly-crossed-by-ransomwa...

2022 Week 6 Security Summary

Summary This week we saw a wide array of news about cyber security. News SLTT Pellissippi State Community College was the victim of a ransomware attack that apparently was trying to encrypt data. They report they did not pay the ransom and are working to figure out the extent of data that was accessed. https://www.securityweek.com/tennessee-community-college-suffers-ransomware-attack?&web_view=true https://www.infosecurity-magazine.com/news/tennessee-college-hit-ransomware/ Infosec Institute is offering scholarships to 15 people from underrepresented groups in the infosec/cybersecurity industry. It expands on their Accelerate Scholarship Program. https://www.infosecurity-magazine.com/news/infosec-announces-new/ https://www.infosecinstitute.com/scholarship-opportunities-for-aspiring-cybersecurity-professionals/?utm_source=newswire&utm_medium=pr&utm_campaign=accelerate&utm_content=women#women Clario researchers discovered an unsecured Mi...

2022 Week 5 Summary

Summary News came this week of several new cyber security operation centers. This is a great idea. The harder we make it for the bad guys, the more likely they are to try and figure out something else to do. We also have some advisories about issues in Industrial Control Systems (ICS). News SLTT Several Puerto Rico government entities were struck by a cyberattack, including the territory's Senate. Still not a lot of information at this time. https://www.securityweek.com/official-says-puerto-ricos-senate-targeted-cyberattack?&web_view=true The Port of Los Angeles has opened its own Cyber Resilience Center (CRC). This CRC will ensure that the port is protected from cyber threats that might impact cargo shipments that come into one of the world's most active seaports. https://www.infosecurity-magazine.com/news/la-launches-cyber-resilience-center/ Power The U.S. Federal Energy Regulatory Commission (FERC) is looking at implementing a new regu...

2022 New Year Security Summary

Summary First, let me start by saying that I am very sorry for the long pause. As some of you know, I am a grad student and last semester was very brutal. I lost pretty much all my free time between work and school. I also was ill (non-covid) for a couple of weeks and was out of commission. Lastly, over the holidays, I (like most of the rest of the cyber security world) was under pretty high alert and spent a lot of after-hours time perfecting my IDS and response systems. I am hopeful in 2022 to do better (just like I am every year). To assist with this, I am toying with starting a podcast in either totally audible or in audio-video format. Please feel free to let me know if this would be of use. News Education A nonprofit is warning that many of the programs and applications used by K-12 schools have major privacy and security flaws. One of the major contributors was the use of website technologies to allow schools to create dynamic ...

Week 41 Security Roundup

Summary It was a slow week for SLTT and Infrastructure news. News Report on the 'abysmal' state of security in ICS Continuing with a theme, another researcher finds that our ICS security is so bad that it is putting national security interests in jeopardy. https://www.zdnet.com/article/critical-infrastructure-security-dubbed-abysmal-by-researchers/#ftag=RSSbaffb68?&web_view=true Joint Advisory on Blackmatter ransomware The CISA, FBI, and NSA released a joint advisory with information about the Blackmatter ransomware package that appears to have been created by (or at least borrowing from) The Dark Side group. In information released around the advisory, it was reported that this package was seen in attacks against 2 agriculture companies in the United States in September. https://www.zdnet.com/article/cisa-says-blackmatter-ransomware-group-behind-recent-attacks-on-agriculture-companies/ https://techcrunch.com/2021/10/...

2021 Weeks 32-40 Security Roundup

Summary Let me apologize for the long delay right upfront. First, we had a round of Covid in the household in a person who is immune-compromised. Next, I started a new semester in college and the workload was far greater than I expected. Lastly, this is the start of the budget year for us and I had several projects that have demanded almost every second of my work time. I hope to get back to weekly updates by November. Lots of news that covers: health care, education, infrastructure, and SLTT governments around the world. Since I am hitting the length limitations of Blogger, I will simply invite you to read and try and get caught up yourself. News UC San Diego Health sued over breach In what is becoming a growing trend, UC San Diego Health is being sued for failure to have proper data protection protocols. The suit is citing breach of contract, negligence, and violating California consumer and medical privacy laws. Specifically...