TWINN #95 Time to re-evaluate Microsoft
Today is a day to seriously question any planned long-term usage of Windows and Microsoft 365 products. The dominance of Microsoft’s platform has meant that prioritizing proper security hasn’t been essential to date, as it hasn’t affected their market share. The problem is that too many industries used to offer software solutions predominantly on a Microsoft stack. However, entire companies can be moved to Linux, to macOS, or to cloud solutions that don’t use Microsoft products, and can be run entirely from iOS devices.
Microsoft leaked 2.4TB of data belonging to sensitive customer. Critics are furious.
As we now know, Microsoft wasn’t even honest with their statement of “We are unable to provide the specific affected data from this issue” as those buckets were publicly indexed for months already, and anyone on the internet could find out what the data was that had been affected.
Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware.
“The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems.”
VMware bug with 9.8 severity rating exploited to install witch’s brew of malware.
“If you haven’t patched CVE-2022-22954 yet, now would be an excellent time to do so.”
Exploited Windows zero-day lets JavaScript files bypass security warnings.
Such JavaScript files can be used by attackers outside a web browser, which makes for a powerful attack surface. In fact, *any* Authenticode-signed file, including executables, can be modified to bypass warnings. Time to bring up more defenses.
Text4Shell Vulnerability Exploitation Attempts Started Soon After Disclosure
This reminds us of the Log4Shell vulnerability but the likelihood of this one being exploited by criminals is quite different, given that proof-of-concept and technical details are available.
Did you know?
There are lots of reasons to consider networking to be cool again, as explored in this TechRadar article.
As I’m traveling this week, I am skipping the video version of this one, but will be back next week.