Hi folks,

This week was super exciting for me. I got to join two exercises in "analogue" incident response (think fires and chemical leaks, not hacks). It's amazing to see how many things line up with the digital version that I am more familiar with. Especially how much effort goes into communication and documentation.

One unfortunate thing that stood out, though, was how often infosec came up as a blocker. Some folks even brought their personal laptops as backups because overly restrictive security policies get in the way of actually saving lives.

Yes, shadow IT is everywhere, but often for good reason. It reminded me of a wonderful quote: "make rivers not walls". Try and make the right path easy to follow, instead of saying no all the time. Something to ponder.

Enjoy the read!

Dieter Van der Stock

Breaches and leaks

  • Massive ransomware attack hinders services in 70 German municipalities: link.
  • Okta hit by third-party data breach exposing employee information: link.
  • Boeing confirms cyberattack amid LockBit ransomware claims: link.
  • California city warns of data breach after ransomware attack claims: link.
  • Stanford University investigating cyberattack after ransomware claims: link.
  • Toronto Public Library facing disruptions due to cyberattack: link.
  • British Library knocked offline by weekend cyberattack: link.
  • California community college Río Hondo dealing with cybersecurity incident: link.
  • Dallas County ‘interrupted’ data exfiltration, prevented encryption after attack: link.
  • Major Mexican airport confirms experts are working to address cyberattack: link.
  • Hackers email stolen student data to parents of Nevada school district: link.
  • Connecticut AG demands answers from 23andMe after data breach: link.

Issues and fixes

  • Atlassian: "Take immediate action" to patch your Confluence Data Center and Server instances: link.
  • Apple patches a raft of vulnerabilities: link.
  • Apache ActiveMQ servers vulnerable to RCE attacks exposed online: link.
  • Hackers exploit recent F5 BIG-IP flaws in stealthy attacks: link.
  • RCE exploit for Wyze Cam v3 publicly released: link.
  • Exploit released for critical Cisco IOS XE flaw, many hosts still hacked: link.
  • Hackers use Citrix Bleed flaw in attacks on govt networks worldwide: link.
  • Microsoft temporarily disables SketchUp support after discovery of 117 vulnerabilities: link.