CISA – The US Cybersecurity and Infrastructure Security agency added 95 security flaws to its Known Exploited Vulnerabilities catalog. The list of active exploits now sits at 478
38 are cisco
27 for Microsoft
16 for adobe
7 for oracle
All are related to Apache Tomcat, ChakraCore, Exim, Mozilla Firefox, Linux Kernel, Siemens SIMATIC CP, and the Treck TCP/IP stack. If you use any of these systems please check the list and your systems to make sure you aren’t vulnerable
Source:
Story 2:
Hackers are using 100k misconfigured servers to ddos websites. Akamai says attackers are exploiting the servers to target sites in the banking, travel, gaming, media, and web-hosting industries. DDOS attacks like this are usually orchestrated by APTs like China to censor restricted content based on regime’s demands. Security researchers state they have no evidence currently of this type of attack dubbed Middlebox DDOS Amplification are currently in use, but suspect that its only a matter of time.
Source:
Story 3
On February 26th Mykhailo Fedorov, Ukraine’s minister for digital transformation announced the creation of a volunteer cyber army to counter Russia’s online assault that accompanies the invasion in real time. “We have a lot of talented Ukrainians in the digital sphere: developers, cyber specialists, designers, copywriters, marketers,” stated on the official Telegram channel.
There is no confirmed successes, but I am sure they are doing an excellent job countering the Russian Advanced Persistent Threat.
Story 5
According to an official press release, Microsoft has successfully completed it’s acquisition of Nuance Communications. With the new AI expertise onboard covering healthcare, financial services, retail and telecommunications we can expect a leap forward in capabilities on Azure’s machine learning platform. Especially with the new resources at Nuance’s disposal.
In AWS News:
Cipher suites in Amazon Aurora PostgreSQL are now configurable
Amazon RDS now supports MariaDB versions 10.6.7, 10.5.15, 10.4.24, 10.3.34, and 10.2.43
Asynchronous Inference add support for SageMaker Python SDK
Amazon FSx for OpensZFS data storage is now customizable to optimize performance in database applications
Now to Google Cloud
Google Cloud Deploy now supports Anthos clusters
Google Cloud Managed Service for Prometheus is now generally available
Eventarc is now HIPAA compliant
And don’t forget the Google Data Cloud Summit is on April 6th at 9am- Noon PDT
Thanks for swinging by, see you later with more tech news.
