Terry Cutler – The Ethical Hacker
Home » Cyber Security Today, Week in Review for Friday, December 23, 2022
Business Content

Cyber Security Today, Week in Review for Friday, December 23, 2022

Listen to Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and Terry Cutler as they talk about the U.S. Justice Department seizure of 48 internet domains of crooks offering DDoS-for-hire services, a Canadian supermarket chain Empire Co. said they might have to take charge of $25 million financial costs not covered by cyber insurance. Personal information of customers who dined in restaurants that use the SevenRooms customer management platform is being offered for sale on the Internet…and more.

You can listen to the full podcast here.

Howard: Joining us now from Montreal is Terry Cutler. Let’s start with Samba. The Samba project issued four patches to plug vulnerabilities. First, what is Samba?

Terry: In a nutshell, Samba is the standard interoperability suite that allows integration of both Linux and Windows. This will enable IT administrators to link Linux and Unix servers and desktops into Active Directory. This way, administrators can manage setup and configuration from one place. Many large companies deploy Linux because it takes fewer resources and it’s more stable than Windows, in my opinion. The challenge is finding Linux experts to manage these things. One of the reasons why some get installed is so they can be centrally managed.

Howard: How serious are the four vulnerabilities that the Samba project identified?

Terry: By default, Samba will accept connections from any host, which means that if you run an insecure version of Samba on a host that’s directly connected to the internet, you’re especially going to be vulnerable. But here’s where it gets worse: If the Samba server is misconfigured and allows unauthenticated users to connect, then an authenticated attacker could leverage a cryptographic flaw. This will enable the security feature to be bypassed in Windows Active Directory. Attackers can leverage a Linux box to access a Windows environment.

Howard: Do IT departments that generally run Samba well-configured?

Terry: In my opinion, it’s not always safely configured. We’ll often find configurations that are set for anyone, so it’s like a general public folder where anyone could upload malicious content to that folder, and then somebody will open it. We’ve seen it in a case where it was vulnerable and could be exploited.

Subscribe to our mailing list

* indicates required

Related posts

Phishing and vishing

Terry Cutler

99 problems but cloud backup isn’t 1

Terry Cutler

Lack of cybersecurity professionals another threat to company executives

Terry Cutler

Cyber Security Today, Week in Review for Nov. 19, 2021

Terry Cutler

Dark Web monitoring

Terry Cutler

Cyber Security Today, Week in Review for Friday August 19, 2022

Terry Cutler


Privacy & Cookies Policy