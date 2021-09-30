Security Leftovers
Azure Active Directory logs are lagging, alerts may be wrong or missing [Ed: This is a defective 'service' which compromises]
Microsoft has warned users that Azure Active Directory isn't currently producing reliable sign-in logs.
"Customers using Azure Active Directory and other downstream impacted services may experience a significant delay in availability of logging data for resources," the Azure status page explains. Tools including Azure Portal, MSGraph, Log Analytics, PowerShell, and/or Application Insights are all impacted.
Security updates for Wednesday
Security updates have been issued by Debian (libjpeg-turbo, webkit2gtk, and wpewebkit), Fedora (golang-github-opencontainers-runc, mingw-pcre2, python-jwt, python-ujson, and weechat), Oracle (nodejs:16 and rsyslog), Red Hat (container-tools:3.0, expat, fapolicyd, kernel, kernel-rt, kpatch-patch, mariadb:10.3, postgresql:12, rsyslog and rsyslog7, and zlib), Slackware (mozilla), SUSE (bind, dpdk, fribidi, hdf5, librelp, php74, postgresql12, and postgresql13), and Ubuntu (cups, linux-gcp-5.13, linux-oracle, linux-oracle-5.13, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, and webkit2gtk).
Karakurt Data Extortion Group [Ed: Microsoft Windows TCO]
CISA, the Federal Bureau of Investigation (FBI), the Department of Treasury, and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group. Karakurt actors steal data and threaten to auction it off or release it to the public unless they receive payment of the demanded ransom.
Watch out for phishing emails that inject spyware trio • The Register [Ed: Microsoft Windows TCO]
An emailed report seemingly about a payment will, when opened in Excel on a Windows system, attempt to inject three pieces of file-less malware that steal sensitive information.
Researchers with Fortinet's FortiGuard Labs threat intelligence unit have been tracking this mailspam campaign since May, outlining how three remote access trojans (RATs) are fired into the system once the attached file is opened in Excel. From there, the malicious code will not only steal information, but can also remotely control aspects of the PC.
The first of the three pieces of malware is AveMariaRAT (also known as Warzone RAT), followed by Pandora hVCN RAT and BitRAT.
Smart homes are hackable homes if not equipped with updated, supported tech [Ed: Homes that reject these mass surveillance devices are impenetrable to such attacks; fully updated devices still spy on you]
Smart homes are increasingly becoming hackable homes, according to consumer research.
The report by consumer rights organization Which? paints a grim picture for people who have equipped their residences with gadgets, many from trusted tech names.
As with pretty much everything in IT, if you connect a device to the internet, ensuring it's patched and has a decent password is the very least owners can do. Even then, there are no guarantees that this is secure.
Plasma System Monitor & custom graphs
The new Plasma System Monitor is a great example of the wider Linux ecosystem. There was a tool, called KSysGuard, which worked pretty well. And so, a new tool was created, which for quite a while lacked the functional parity and was far buggier. This new tool was called Plasma System Monitor. Now, it has become the Plasma default, the old tool is gone, but you still don't quite get the functionality equivalence, and the graphs are significantly worse (by default and else). Feels like a lot of unnecessary effort. Linux, and modern software to boot. That said, Plasma System Monitor is an extensible program, and you can tweak its look & feel. You can add new custom graphs, edit the existing ones, and make it work the way you want it. This is great, for tinkering nerds who want to invest time in something like this. This is horrible for the average user, who just needs to see some basic metrics for their system. But hey. The wheel of code must forever turn. Hopefully, this tutorial slash rant provides the necessary guidance to help you tame Plasma System Monitor to your liking, so that you can have a reasonably productive and accurate experience. Now you have the tools to be your own ... whatever. Thank you for reading, and see you soon.
