Hacker Tracker | September in Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard”. Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware–without being afraid–of the cybersecurity threats that are real threats for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches and updates…

#1 Windows Exploit Released For Microsoft ‘Zerologon’ Flaw | 9.15.20

• Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers (DCs).
• This basically allows any attacker on the local network (such as a malicious insider or someone who simply plugged in a device to an on-premise network port) to completely compromise the Windows domain.
• The flaw stems from the Netlogon Remote Protocol which is used for various tasks related to user and machine authentication.
• View the Source

#2 Cyber Attack Suspected in German Woman’s Death | 9.18.20

• Ransomware invaded 30 servers at University Hospital Düsseldorf last week, crashing systems and forcing the hospital to turn away emergency patients.
• This marks the first known death directly caused by a cybersecurity attack, though hospitals are known to be a frequent target for such attacks.
• German prosecutors are now investigating possible manslaughter charges against the cybercriminals.
• View the Source

#3 Microsoft Windows XP Source Code Reportedly Leaked Online | 9.25.20

• The source code for Microsoft’s 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan.
• This is the first time when source code for Microsoft’s operating system has been leaked to the public.
• The leaked source code should not come as a surprise as Microsoft does have a history of providing its OS source code to governments worldwide via a special Government Security Program (GSP) the company runs that allows governments and organizations controlled access to the source code.
• View the Source

Lessons Learned From This Month’s Hacks

For #1, we hope your IT Company has mitigated what Microsoft calls “the most severe bug ever reported.” Not only do you need August’s monthly update, but a policy also has to be changed on the Domain Controller(s). Again, updating isn’t an automatic fix — your IT Company has to spend some effort on fixing this problem. Read our full blog about it here.

For #2, cybersecurity has first confirmed casualty. From what we’ve read in international news, the future may hold CEOs criminally liable for deaths due to negligence. Preventable deaths due to downtime related to cybersecurity exploitation that you could have prevented are negligent. This will only get worse over time, and we expect the USA adopts this stance as well. Think of OSHA for cybersecurity. 

For #3, we hope you aren’t running Windows XP anymore! It’s highly likely that Windows 7 and 10 contain parts of XP’s code. This unprecedented leak will create devastating exploits in the future for modern versions of Windows. Working with an IT Company that actively manages your Windows Updates and IT environment has never been more critical. 

Reach out if you have questions here.