Sans News bites for February 17, 2023Sans News bites for February 17, 2023

I know I usually try to read these on Friday or Saturday and the Tuesday ones on Tuesday or Wednesday, but now is better than later for last Friday.

Lots of annotated news, some of which we’ve covered here on the blog.

Top of the news

• FAA Tells Senate Panel About New Procedures to Protect Against NOTAM Outages
• Microsoft’s February Patch Tuesday Includes Three Zero-days
• Cisco Updates Address ClamAV Vulnerability

The Clam AV story is interesting as its an antivirus engine. What I didn’t know is that it could be in products that we don’t know has it. That’s an interesting development, and why Cisco is pushing out the patch.

The patch Tuesday articles are here and we posted Krebs on Security’s and an article from Kim within that week. Others are in that list too.

As for the FAA issue, its going to get interesting. We know that lots of flights were grounded and I know it is a tricky issue so I’m not going to trash an agency who is trying to deal with something that has probably only happened once and its been working so well before hand.

The Rest of the news

• Hyundai and Kia Release Software Updates to Prevent Auto Theft
• Microsoft Update Removes Internet Explorer 11 from Most Versions of Windows 10
• CommonSpirit Health Cyberattack Costs Top $150m to Date
• Community Health Systems Discloses Breach That Affected Patient Data 
• US Customs and Border Protection Can Now Read e-Passports
• CISA Adds Five Vulnerabilities to Known Exploited Vulnerabilities Catalog

The Hyundai and Kia story was published through Kim Komando’s breaking news newsletter. While i don’t cover cars on a regular basis, people need to know what’s going on and I found what they had to write quite interesting.

The fact is, Social Media, especially TikTok, allow anything to be posted. Since they’re called challenges on TikTok, anyone will do anything they see on that platform. Maybe it isn’t so prevalent on Facebook and Twitter, but I bet these types of things do occur.

Its sad about the Community Health situation. If the 150 million is only a third of the total cost they’ve lost or had to pay, we have no real answers. We know mistakes occur, but breaches in this magnitude are only going to increase and I suppose, the cost as well.

As for Microsoft removing Internet Explorer, yeah! Its out of date and probably has more bugs in it than it trying to keep up with the times. Edge using Chromium is probably people’s best bet as well as trying applications like firefox, chrome itself or even brave.

I understand brave is accessible and searching brave browser may come up with the right web site. I don’t have a URL on it, but be careful searching as actors may try to get you to click.

Want to read the newsletter? Here is the link to the February 17, 2023 newsletter for those who want to read it.

Stay safe!