As a followup to the Microsoft Autodiscover problem from last week, Microsoft is registering a variety of domains, like autodiscover.com, .uk, and .de. Despite their efforts to minimize the leak, a fix for the issue will still be required.
There’s also a bug in the Windows Platform Binary Table, which allows a rootkit and dates back to Windows 8. Microsoft recommends using Windows Defender Application Control to restrict binaries. Microsoft has also announced that Basic Authentication will be turned off on October 1 of next year for all Exchange Online users. And they also published information about a new attack by Nobelium (of SolarWinds hack fame), which is a backdoor to Active Directory Federation Services.
In new vectors of attack news… how about Google Ads? Microsoft is reporting on the ZLoader malware being spread via Google Ads. ZLoader operators are buying Google keyword ads to distribute several strains. Not an entirely new technique, just a much, much larger reach.
Direct from The Verge: almost a quarter of healthcare organizations that were hit with a ransomware attack in the last two years said they had increases in patient death rates in the aftermath, according to a new report sponsored by cybersecurity company Censinet.
On the regulation front, the head of CISA testified last week to the Senate in favor of requiring critical infrastructure owners and operators, federal contractors and agencies to report attacks to CISA within 24 hours of detection. The debate ranges between 24 hours, 72 hours, and seven days.
There’s clearly momentum for cyber security, as there is a rewrite of the law governing federal information security requirements and procedures maneuvering through Congress right now.
Why do we care?
I feel like this is the tactical portion of the show. It’s a lot. I’m going to focus on one here – that research about the increase in patient death rates. The problem is literally killing people. Will the momentum for regulation make a difference? Watching that trend is the reason to take notice.