46% of On-Prem Databases Globally Contain Vulnerabilities: Is Yours Safe?
2021-09-21 13:00

One of the symptoms of this rampant and global technological epidemic is the vulnerabilities that exist in internal databases worldwide - the databases that often store an organization's most sensitive data. Despite the increasing adoption of cloud infrastructure and database environments, it's estimated that 50% of data is still stored on-premises.

Fix network printing or keep Windows secure? Admins would rather disable PrintNightmare patch
2021-09-21 13:00

Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working again. Microsoft's fix came in two phases: first, a registry setting was added to increase the authorization level for remote access to printers; second, admins were told that "The release transitions into the enforcement phase on September 14, 2021. Enforcement phase enforces the changes to address CVE-2021-1678 by increasing the authorization level without having to set the registry value." That September date was "Patch Tuesday" last week - though some admins were already having issues with network printing caused by Microsoft's other mitigation efforts.

How privacy and security challenges may cause people to abandon your website
2021-09-21 13:00

A report released Tuesday by identity provider Ping Identity looks at how security and privacy issues can frustrate and turn away people trying to log into and use a website.

UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder
2021-09-21 11:30

The UK's Ministry of Defence has launched an internal investigation after committing the classic CC-instead-of-BCC email error - but with the names and contact details of Afghan interpreters trapped in the Taliban-controlled nation. The horrendous data breach took place yesterday, with Defence Secretary Ben Wallace promising an immediate investigation, according to the BBC. Included in the breach were profile pictures associated with some email accounts, according to the state-owned broadcaster.

Alaska’s Department of Health and Social Services Hack
2021-09-21 11:05

Apparently, a nation-state hacked Alaska's Department of Health and Social Services. Not sure why Alaska's Department of Health and Social Services is of any interest to a nation-state, but that's probably just my failure of imagination.

US agricultural co-op hit by ransomware, expects food supply chain disruption
2021-09-21 09:59

New Cooperative Inc., an agricultural cooperative owned by Iowa corn and soy farmers, has been hit by the BlackMatter ransomware group. The attackers are asking the co-op to pay $5,900,000 for the decryption key and not to release the stolen data.

Marketron marketing services hit by BlackMatter ransomware
2021-09-21 07:25

The BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry. Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations.

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings
2021-09-21 06:00

One bad configuration setting in a popular cloud platform can have far-reaching consequences, allowing threat actors to access an abundance of valuable, personal information and use it to their advantage. Whilst organizations have rushed to adopt cloud platforms, expertise in these platforms has lagged, often resulting in misconfiguration, and leading to many of the cases of data exposure that have been seen.

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
2021-09-21 06:00

Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe's ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target's network 79 hours after the hack. "Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target," Sophos principal researcher Andrew Brandt said.

The complexities of vulnerability remediation and proactive patching
2021-09-21 05:30

In this interview with Help Net Security, Eran Livne, Director, Product Management, Endpoint Remediation at Qualys, discusses vulnerability remediation complexity, the challenges related to proactive patching, as well as Qualys Patch Management. Most vulnerability remediation involves multiple teams and processes - first, a scanning tool identifies vulnerabilities, and then they are passed to the patching team for remediation.