CyberSecurity Knuggets
Sep 10, 2024
In recent security news, Microsoft has announced two important security enhancements coming to Windows. The first change involves disabling ActiveX in Office apps, a feature that has been a target for cybercrime groups for many years. This change is set to take effect in October and will help prevent the deployment of malware through Office documents. The second change involves adding a hash to the Common Log File System (CLFS) in Windows 11 to prevent threat actors from replacing or editing existing logs to trigger logic bugs. This is a significant step in addressing vulnerabilities that have been exploited in the past.
On the cybersecurity front, there have been several incidents of data breaches, including a leak of sensitive patient data from a virtual healthcare provider and a breach at a US car rental company. Additionally, a pro-democracy foundation in Russia was hacked, and its email inboxes were leaked online, raising concerns about the safety of sensitive information. These incidents highlight the ongoing challenges in securing sensitive data and the need for improved cybersecurity measures.
In the realm of cybercrime, two Nigerian brothers have been sentenced to long prison terms for a sextortion scheme that led to the suicide of a 17-year-old victim. This case underscores the serious impact of cyber-enabled crimes on individuals and the importance of addressing such criminal activities. Additionally, there have been reports of new sextortion and phishing schemes targeting unsuspecting individuals, highlighting the evolving tactics used by cybercriminals.
Overall, these developments underscore the ongoing challenges in cybersecurity and the need for continuous vigilance and improvement in security measures to protect sensitive data and individuals from cyber threats. Immediate attention and action are required to address these issues and prevent further exploitation of vulnerabilities.
Stay Well!