Commit 12_12_2023: Patch Tuesday mends a few scratches


Welcome to Commit 12_12_2023! README senior editor Nathaniel Mott here with the day’s leading security news.

BleepingComputer: Microsoft addresses one zero-day


Christmas, Hanukkah and Kwanzaa aren’t the only special days on December’s calendar. Today is Patch Tuesday, and BleepingComputer reported that this time around Microsoft’s released “security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs.”

That zero-day is caused by a “division-by-zero bug in specific AMD processors that could potentially return sensitive data.” The flaw was disclosed in August—which seems like an eternity for zero-day vulnerabilities—and now it’s finally been patched. Microsoft’s releases also included fixes for 34 other vulns that run the gamut from privilege escalation and remote code execution to denial of service.

The Record: Ukraine’s leading telecom shuts down

The Record today reported that a cyberattack on Kyivstar, which is reportedly Ukraine’s largest telecom operator, has left “millions of people without cell service and internet.” The investigation into the attack is still under way, but I don’t think it will require too many guesses to figure out who was behind the hack. (Especially since the country’s been actively engaged in war with Russia since February 2022.)

It wouldn’t be the first time Russia’s targeted Ukraine’s telecommunications networks. Reuters said last year that another telecom, Ukrtelecom, “experienced a disruption in internet service on Monday after a ‘powerful’ cyberattack.” The satellite-reliant internet service Viasat was also targeted at the beginning of the conflict. Now it seems it was Kyivstar’s turn to be targeted as well.

Reuters: Cybercriminals seem to love… Wyoming?

This is normally where I would list some of the things that come to mind when I think about Wyoming so I can contrast them with Reuters today reporting that “digital defenders have implicated Wyoming LLCs in high-profile hacking activity” three times over the last four months. But I can’t think of anything—which I suppose might be the reason why cybercriminals are using the state as a virtual base of operations?

“Interviews with half a dozen tech and compliance experts and hacking victims like Mumin suggest that the state once known as the rugged refuge for 19th century bandits is now catering to 21st century outlaws,” Reuters said, with one source declaring the state is “the virtual Wild, Wild West.” What’s next, Idaho ditching the potatoes to become a hub for artificial intelligence startups? (Maybe – shoutout to Idaho National Lab’s AI research hub.)

TechCrunch: Unclear how Bitcoin ATM company was hacked

A company being hacked is rarely good news. It’s made even worse when the company has to admit that it’s not clear how it was compromised long after an incident, which TechCrunch today reported is exactly the case with Coin Cloud, a Bitcoin-focused ATM provider that went bankrupt in February. Its new owners—which also operate ATMs for Bitcoin for some reason—still don’t know how it was hacked.

That’s a shame, because the hacker reportedly made off with “70,000 pictures of customers taken from cameras embedded in the ATMs, as well as the personal data of 300,000 customers.” That data is said to include users’ names, Social Security numbers and contact information, which seems like the exact opposite of what people tend to expect from cryptocurrency-based transactions.