Microsoft Issues ‘Important’ Security Fix for Azure AD Connect

This type of unpatched vulnerability could have serious implications for any organization running MS components in the Azure cloud.  The compromise of a domain controller could lead to the complete infiltration of an environment, providing bad guys with the ability to touch and review hundreds of servers, create unknown numbers of hidden accounts with elevated privileges, and lay the groundwork for data ex-filtration and ransomware-style infections.  Please review your environments and patch accordingly.

Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software

Here are two different articles with two very different conclusions as to the severity of the Petya / NotPetya outbreak that began yesterday.  One common thread is that all sources agree on the root cause / distribution method.  It is very scary to consider the implications of a compromised, yet trusted software vendor and the update processes that take place everyday from and with these vendors.

For this author’s perspective, I tend to see this outbreak as less devastating than WannaCry simply because of the lack of an active Internet worm component.  It is certainly more harmful in any given LAN that it infects, but the number of potential LAN’s to be infected is limited.

Snapchat starts sharing your (and your kids’) location. Turn it off.

Please take the time to review these linked articles and protect yourself and your children from the exploitation of leaked location data and the evil that comes with that practice.

Anthem agrees to pay record $115M to settle data breach suit

I think the most interesting piece on this article is not the amount of the settlement, but instead the fact that Anthem is admitting NO wrongdoing and No harm.  Be disturbed.  Be concerned.  Do you believe Anthem has taken this breach seriously and made the changes necessary to protect patient data if they do not believe they were at fault?