And here comes another issue of the Sunday Weekly… On Mondays!
Last week we had a new Patch Tuesday from Microsoft. An interesting CVE patched with this batch is a vulnerability in SMB v3 found by Tenable. As usual, highly recommended patching.
New ransomware hitting US cities administrations. Knoxville, Tennessee, announced it:
For now, the type of ransomware is unknown, but it forced to shut down the whole IT system, which prevented, in some cases, police intervention in minor accidents.
This attack can be added to the massive list of city administrations going through this. Florence, in South Carolina, recently confirmed they paid USD 300,000 to get their IT system back. They will use the security insurance they city has, and this reinforces the question I have been asking for a while: by having cybersecurity insurance, are you more prone to an attack?
An ISP in Austria, A1 Telekom, hit by a security breach. It took A1 a month to notice it, and more than six months to kick the threat actors out from their systems. The story is interesting, and in my opinion, it points out the problem of transparency when a company is being attacked: do we need to inform or not? Doing that, we will let the bad actor know we know they are in our systems? Is it better? Is it worse?
Honda also had some problems with malware. They have not specified the type of attack, although it is thought it might be related to industrial tools, and this leads to state-sponsored (typically). But to be confirmed.
That’s all for now! Remember to follow me on Twitter and, as usual, stay safe!