IT Security Newsletter - 10/16/2023
Kwik Trip IT systems outage caused by mysterious 'network incident'
Kwik Trip has been impacted by a wide range of mysterious business disruptions since this weekend that are indicative of a ransomware attack. Kwik Trip is a US chain of over 800 convenience stores and gas stations in Michigan, Minnesota, and Wisconsin, also operating under the name Kwik Star in Illinois, Iowa, and South Dakota. The company employs over 35,000 people.
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle (MitM) attacks on unmanned military robots. MitM attacks are a type of cyberattack where the data traffic between two parties, in this case, the robot and its legitimate controllers, is intercepted either to eavesdrop or to inject false data in the stream.
Microsoft fixes Windows 10 security update installation issue
Microsoft has resolved a known issue that caused Windows 10 security updates released during this month's Patch Tuesday to fail with 0x8007000d errors. For systems impacted by this issue, specifically Windows 10 21H2 and Windows 10 22H2, the KB5031356 security update would fail despite displaying initial progress during deployment. The company acknowledged the problems on Friday, confirming user complaints emerging since Tuesday and saying that trying to install the update manually was also impossible.
Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure
US authorities issued a warning this week about potential cyberattacks against critical infrastructure from ransomware-as-a-service (RaaS) operation AvosLocker. In a joint security advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI warned that AvosLocker has targeted multiple critical industries across the US as recently as May, using a wide variety of tactics, techniques, and procedures (TTPs), including double extortion and the use of trusted native and open source software.
Explained: Quishing
Quishing is phishing using QR (Quick Response) codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns is not new, and because they can provide contactless access to a product or service they grew in popularity during the Covid-19 pandemic.
Passkeys Are Cool, but They Aren't Enterprise-Ready
The growing support for passkeys means consumers and small businesses finally have an easy-to-use technology for passwordless access to websites and cloud applications, but enterprises will likely not see a usable form of the technology for some time yet. The passwordless authentication approach, based on the FIDO Alliance's WebAuthn standard, allows developers to leverage the user device's authentication technology to log into cloud services and Web applications.
Microsoft tops CISA's list of exploited CVEs used in ransomware attacks
Threat actors can break into an organization's infrastructure to initiate ransomware attacks in many ways, but vulnerability exploits remain an effective and productive tool for financially-motivated cybercriminals, data from the Cybersecurity and Infrastructure Security Agency shared Thursday illustrates. Nearly 1 in 5 exploited common vulnerabilities and exposures (CVE) are also known to be used in ransomware attacks, according to CISA's Known Exploited Vulnerabilities Catalog.
Milesight Industrial Router Vulnerability Possibly Exploited in Attacks
A vulnerability affecting some industrial routers made by Chinese IoT and video surveillance product maker Milesight may have been exploited in attacks, according to exploit and vulnerability intelligence firm VulnCheck. Several UR-series industrial cellular routers from Milesight (Ursalink) are affected by CVE-2023-43261, a serious vulnerability exposing system log files, such as 'httpd.log'.
- ...in 1758, lexicographer and author Noah Webster, Jr., whose work was the basis for the modern Merriam-Webster English dictionary, is born in Hartford, CT.
- ...in 1793, deposed Queen Consort Marie Antoinette of France is executed by guillotine at the height of the French Revolution.
- ...in 1923, The Walt Disney Company is founded by brothers Walt and Roy Disney.
- ...in 1950, C.S. Lewis publishes "The Lion, the Witch, and the Wardrobe", the first book written in his "Chronicles of Narnia" series.