Microsoft Teams takes another hit
Adding to Microsoft’s recent woes, on the heels of the outage on Friday that we reported on yesterday, the company has now faced yet another outage. That’s two outages across North and South America in the last three days. Microsoft confirmed that Monday’s outage impacted users in North America, Canada, and Brazil, with customers experiencing connectivity issues or delays in sending and receiving messages. As of this recording, Microsoft released a statement on their X account (formerly known as Twitter), stating they are actively monitoring the situation, but “all internal service telemetry is healthy.”
(Bleeping Computer, Microsoft’s X Account)
Cactus ransomware inflicts damage on energy giant
Schneider Electric continues to grapple with the aftermath of a ransomware breach that targeted their sustainability business division earlier this month. The energy management and automation giant fell victim to a Cactus ransomware attack, reportedly resulting in the theft of terabytes of corporate data. According to Bleeping Computer, the ransomware gang is now attempting to extort the company by threatening to leak the stolen data.
In a statement provided to Bleeping Computer, Schneider Electric confirmed the attack and clarified that only one division of the company was impacted. No word on whether the company plans to negotiate with the ransomware group. Customers of the sustainability business division include Clorox, DHL, Hilton, and Walmart.
The NSA is secretly buying your data
The U.S. National Security Agency (NSA) wants to know what websites and apps Americans are using. The agency has acknowledged purchasing internet browsing records without the need for a court order, as revealed in a statement from Senator Ron Wyden, a member of the Senate Intelligence Committee. In a letter to the Director of National Intelligence, Wyden stated, “The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical but also illegal.” In response, the NSA stated that they are “taking steps to minimize the collection of U.S. person information.”
(Hacker News, Wyden Release)
Ivanti struggles with zero-day deadline
The IT software firm Ivanti is officially one week behind schedule in releasing critical zero-day patches, and this delay is just the beginning. We’ve been covering this story since early January when researchers at Volexity discovered a Chinese government-backed hacking team exploiting two zero-day vulnerabilities in Ivanti. The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive, setting a deadline for federal agencies to deploy fixes by January 22nd. However, Ivanti has confirmed that the release of patches will be delayed. Ivanti now aims to release some patches next week for Ivanti Connect Secure (versions 9.1R17x, 9.1R18x, 22.4R2x, and 22.5R1.1), Ivanti Policy Secure (versions 9.1R17x, 9.1R18x, and 22.5R1x), and ZTA version 22.6R1x. Additional patches are still expected to be released on a staggered schedule, but the timing of those releases remains unclear.
Huge thanks to our sponsor, Vanta
DHS employees headed to jail for data theft
Three former Department of Homeland Security (DHS) employees have been sentenced for conspiring to steal proprietary software and sensitive law-enforcement databases from the U.S. government for commercial use. According to court documents, the stolen information included sensitive law-enforcement data and personally identifiable information of over 200,000 federal employees. The three individuals charged are Charles K. Edwards, former Acting Inspector General of the DHS Office of Inspector General, who received a 1.5-year prison sentence, and Sonal Patel and Murali Y. Venkata, both from the DHS-OIG’s information technology department, who were sentenced to 2 years of probation and 4 months in prison, respectively. The trio had planned to use the stolen data to create a commercial software product for sale to other government agencies.
(Bleeping Computer, U.S. Department of Justice)
SolarWinds hits back at SEC
SolarWinds is dismissing the SEC’s fraud charges against the company “as unfounded as they are unprecedented.” We all, of course, remember that 18,000 organizations were impacted by the supply chain attack, ranging from major entities like Microsoft and Intel to government agencies such as the Pentagon and Treasury. In the aftermath, the SEC filed a lawsuit against SolarWinds, alleging the company and its CISO misled investors about their security practices. SolarWinds has filed a motion to dismiss the lawsuit, with a representative for the company telling The Register that SolarWinds took the proper steps when disclosing the incident. The company claims the SEC’s lawsuit is an attempt to “force companies to disclose internal details about their cybersecurity programs.” As of this recording, the SEC has not responded to The Register’s request for comment.
Ukraine’s prisoner of war agency victim of cyberattack
Ukraine’s agency for Prisoners of War faced a weekend distributed denial-of-service (DDoS) attack. According to The Record, the agency works with families of military personnel who were captured or missing and negotiates prisoner exchanges and the return of bodies of fallen soldiers. Access to the website has since been restored. The state agency claims the attack was aimed at suppressing information on a planned prisoner exchange. While the hackers behind the attack have not been identified, the agency has accused Moscow of carrying it out as retribution for a recent Russian transportation crash.
Tech support and government impersonation scams evolve
Scammers beware. The FBI is warning about a government impersonation scam that is primarily targeting seniors. According to the FBI, from May to December 2023 this scam cost victims over $55 million. The fraudulent scheme consists of instructing victims to liquidate their assets into cash and/or buy gold, silver, or other precious metals. Once completed, the scammers would send couriers to retrieve the items from the victim with the promise they would be put into a secure account. Needless to say, those items were never seen again.
(Federal Bureau of Investigation)