Security: Microsoft Windows Strikes Again

Submitted by Roy Schestowitz on Friday 12th of July 2019 05:00:19 PM Filed under
Microsoft
Security
  • U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

    The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

  • Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

    The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

  • Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

    BBC News has not been told how much money was involved in the ransom payment or when it was paid.

    The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

  • Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

    Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

  • Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

    Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

  • [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

    OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

Initial Raspberry Pi 4 Performance Benchmarks

It's been (and still is) a particularly busy few weeks for benchmarking. For those curious about the Raspberry Pi 4 performance that was announced at the end of June along with Raspbian 10, here are our initial performance benchmarks of the Raspberry Pi 4 Model B in 2GB and 4GB variants compared to various other ARM SBCs. In case you missed the original announcement, the Raspberry Pi 4 features a quad-core Cortex-A72 CPU clocked up to 1.4GHz, new 1GB / 2GB / 4GB versions, dual HDMI outputs and can handle up to 4K displays with the new Broadcom VC4 hardware using their V3D open-source driver stack, full-throughput Gigabit Ethernet, dual-band 802.11ac WiFi, two USB 3.0 ports complementing two USB 2.0 ports, and various other improvements. Read more

Raspberry Pi 4 Model B and Raspbian Buster: How to set up your board

The glaring omission here is any kind of micro-HDMI cable or adapter. There are still no such cables in stock at the Pi-Shop (which probably also explains why there wasn't one included in this starter kit), so I had also ordered an adapter. There is a limitation when using the micro-HDMI adapter, which is perhaps not obvious from just looking at these pictures. Because the two micro-HDMI connectors are relatively close together on the board, it is not possible to use two adapters side by side - there's just not enough room for the HDMI heads of both of them. Read more

Debian Linux 10 'Buster' Places Stability Ahead of Excitement

If you are relatively new to using Linux, Debian's design decisions will not pose obstacles to using it. If you insist on speedier application updates, you might spend excessive time grabbing newer versions from .deb repositories that are outside Buster's reach. Get Debian 10 Buster ISO downloads here. You will have plenty of time to resolve those issues. The developers have a long slog to the release of Debian 11, aka "Bullseye." I can only hope that the next Debian upgrade comes a lot closer to hitting an improved bull's-eye that is less boring. Read more

GNOME Software in Fedora will no longer support snapd

In my slightly infamous email to fedora-devel I stated that I would turn off the snapd support in the gnome-software package for Fedora 31. A lot of people agreed with the technical reasons, but failed to understand the bigger picture and asked me to explain myself. I wanted to tell a little, fictional, story: In 2012 the ISO institute started working on a cross-vendor petrol reference vehicle to reduce the amount of R&D different companies had to do to build and sell a modern, and safe, saloon car. Read more

