Security News

Guess your password? Crack your password? Steal your password? What if the crooks already have one of your passwords, and can use it to figure out all your others as well? I guess, in the light of recent disclosures by LastPass where password databases were stolen but the passwords were encrypted.

We've got one zero-day, but perhaps even bigger than that, we say, "Thanks for the memories, Windows 7 and Windows 8.1, we hardly knew ye." There's one zero-day, which I think is an elevation of privilege, and that applies right from Windows 8.1 all the way to Windows 11 2022H2, the most recent release.

LastPass finally admits: Those crooks who got in? They did steal your password vaults, after all. Actually your passwords were encrypted, but the websites and the web services and an unstated list of other stuff that you stored, well, that *wasn't* encrypted.

DUCK. Today's topic is: Incident response - A day in the life of a cyberthreat responder. PETER. Typically, we're brought in either just after an attack or while one is still unfolding.

DUCK. OK, so application control is Sophos's name for the ability to detect, and optionally to block, software that is not malware, but that a well-informed administrator might not want to support in their environment? DUCK. Now, my understanding is most so-called "Fileless malware" does involve files, probably quite a lot of files in its operation.

Misconfigured Amazon Web Services S3 buckets belonging to McGraw Hill exposed more than 100,000 students' information as well as the education publishing giant's own source code and digital keys, according to security researchers. The research team at vpnMentor said they discovered the open S3 buckets on June 12, and contacted McGraw Hill a day later.

Microsoft now has an advisory out that's blaming rogue partners. The problem with certified kernel drivers, of course, is because they have to be signed by Microsoft, and because driver signing is compulsory on Windows, it means that if you can get your kernel driver signed, you don't need hacks or vulnerabilities or exploits to be able to load one as part of a cyberattack.

DOUG. Break out the old tag in HTML, make it blink a little bit? [LAUGHS]. DUCK. Doug, for a moment, I was worried you were going to use the word [LAUGHS] .

Once you'd authorised it, it was able to read your files, and because it could read your files, it could get the list of all the people you normally corresponded with from your so called nicknames or NAMES file, and blasted itself out to all of them. DUCK. People you'd never heard from for a couple of years suddenly they would be all over your mailbox!

As soon as I give you a piece of information where just acting on that information makes you more secure, then I think we *all win collectively*, because now there's one less avenue for a cybercriminal to attack you and that makes us all collectively more secure. If you're the victim of a ransomware attack where pretty much all the useful data files, on all your computers including your servers, on your entire network, have been encrypted.