Baltimore, Israel, First Things First discussed on Security on The Bayou

Automatic TRANSCRIPT

And. Welcome to security on the by you. I'm your host Chris Adkins, and they're a recap of today's Security News. And why it matters to you? Hello friends. Welcome to security on the by you. It is Wednesday may fifteenth twenty nineteen in. Here's your Security News for the day first things first from so FO's naked security blog. You know? This is one of my favorites. Title is update now critical remote, warm, -able windows vulnerability. So normally I would just skip right over patch Tuesday because it's everywhere all the time. It's not even patched Tuesday anymore. What do even call it anymore windows update day? I don't know anyways. This is written by Mark Stockley. And the reason I'm calling this out today is because there is a vulnerability in the remote desktop services that is warm -able. So the reason this is important because warm balists intially means that it can spread throughout the network. This is the same type of thing that happened with wannacry the ransomware. So this is actually a pretty big vulnerability. They're all big, right? But this one has a large impact across environment. This isn't something that will just 'cause you're a single remote code execution in a browser or something like that. And isolate. Fid incident. This could potentially affect the entire network of your enterprise. So if you haven't patched yet, go ahead, go through the cycle. I know most large enterprises it's not a day off. Right. You got a good test. And it's going to be a month to a quarter. But this is one of those that you wanna put a high priority on and push through change control. Probably as quick as you can get test to get it get it out in the next week or so protect your network. All right next. This is also once ransomware everywhere. I'm maybe I'm seeing it. Maybe I'm obsessed with it. I don't know. But we're going to keep talking about it. So if you didn't hear last week Baltimore the city city of Baltimore had a ransomware attack in normally I would just gloss over it and move on right because it's just another city with another ransomware attack. Well, this one gets a little bit more interesting today because on the old tweet box. Somebody posted a tweet that essentially. Is docked pictures of documents that would have been from the city. So not only is there ransomware here. But it appears that there was a fairly large data-breach. So this is significant because the the hacker is acting asking for about seventy six thousand dollars, and they're saying that after ten days, they will no longer pass them decryption keys. So after ten days, theoretically, all these systems could get wiped. Which is interesting. So they have ten days. You know, I my guess would be that if they don't get paid. They're gonna wipe all the systems, and they're probably going to dump all these documents. Now, if you have nothing to be afraid of well, that's not the that's not the right mentality. This is just not good in general for the city of Baltimore. So one of the things when I was reading this article is like, you know, where all is this happening. How many other cities are municipalities or counties or whatever? And so actually in this article this person, she read my mind. Kelly Jackson, Higgins, she read my mind, enlisted, all the other places happen. So as one of twenty two against state local government entity so far twenty nineteen. So I'll read them off Washington, Pennsylvania Amarillo, Texas Cleveland airport. Cleveland, Ohio guests city centre. Gusta means Stuart Florida imperil County, California Garfield county, Utah reinvent North Carolina. All the New York Jackson County, Georgia school system of Taus, New Mexico. Del Rio, Texas, Atlanta, Georgia. In Leo minster, Massachusetts, just in a few. So it's happening. It's out there. And that's all just in twenty nineteen. And it's only may so these are going to keep going up. I imagine that you'll probably see there's a lot of cities, right? They're gonna keep going after these guys. Specially if your own past all right next, the from Graham, clearly, which is a great blogs when my favorite probably seen his name wrong. Right. I don't know if that's right or not anyways. Israeli TV Eurovision webcasts hijacked by hackers HAMAs blamed, so I'm not going to dig into this too much. Just find interesting this is like something you'd see I'm mister robot. Right. They took over the broadcast in Israel and played their own message. What that message is. Let's see, oh, it was essentially a it's a warning symbols has risk of missile attack. Please take shelter. Israel, Israel is not safe. You will see? So taking advantage of the fear in people. So interesting. They would do this. I mean continues to escalate over there with everything going on. Not that it's ever going to de-escalate anytime Sumer afraid. All right. So that is Wednesday may fifteen twenty nineteen everybody have a good week. It is Wednesday were almost to the weekend. Keep pushing forward get those patches out get rid of the ransomware. Alrighty, what are we doing? All right, everybody. Good. We we'll talk tomorrow.

Coming up next