{"id":46008,"date":"2024-07-28T22:17:42","date_gmt":"2024-07-29T02:17:42","guid":{"rendered":"https:\/\/www.technewsday.com\/?p=46008"},"modified":"2024-07-28T22:17:42","modified_gmt":"2024-07-29T02:17:42","slug":"google-loses-passwords-for-15-million-users-cybersecurity-today-for-monday-july-29-2024","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/google-loses-passwords-for-15-million-users-cybersecurity-today-for-monday-july-29-2024\/","title":{"rendered":"Google loses passwords for 15 million users: Cybersecurity Today for Monday, July 29, 2024"},"content":{"rendered":"<p>Google says sorry when passwords of 15 million users vanish, French authorities are pushing out a \u201cdisinfecting solution\u201d to infected computers and is our problem with patch management that it\u2019s just not sexy?<\/p>\n<p>Welcome to Cyber Security Today. I\u2019m Jim Love, sitting in for Howard Solomon.<\/p>\n<p><iframe style=\"border: none;\" title=\"Embed Player\" src=\"https:\/\/play.libsyn.com\/embed\/episode\/id\/32325242\/height\/192\/theme\/modern\/size\/large\/thumbnail\/yes\/custom-color\/2f3336\/time-start\/00:00:00\/playlist-height\/200\/direction\/backward\/font-color\/FFFFFF\" width=\"100%\" height=\"192\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>Google has apologized for a significant bug that caused passwords to vanish for an estimated 15 million Windows users of the Chrome browser. The issue, which started on July 24 and lasted for nearly 18 hours, prevented users from finding or saving passwords in Chrome&#8217;s password manager.<\/p>\n<p>The problem affected users of Chrome version M127 on Windows. Google estimates 25% of users received the configuration change, but only 2% of that group were affected which makes the affected group somewhere in the neighbourhood of 15 million users.<\/p>\n<p>Google attributed the issue to &#8220;a change in product behavior without proper feature guard,&#8221; which sounds a lot like, something in our quality control system screwed up \u2013 reminding us of the recent CrowdStrike disruption.<\/p>\n<p>During the outage, users were unable to access previously saved passwords or see newly saved ones.<\/p>\n<p>Google initially provided a complex workaround involving command line flags, but has since fully fixed the issue. Users simply need to restart their Chrome browser for the fix to take effect.<\/p>\n<p>In their apology, Google stated, &#8220;We apologize for the inconvenience this service disruption\/outage may have caused.&#8221; They&#8217;ve encouraged users experiencing ongoing issues to contact Google Workspace Support. And if you\u2019ve ever tried that, all I can say is \u2026 good luck.<\/p>\n<p>This incident highlights the potential risks of widespread software updates, especially when a single product has a massive market share and a massive impact for any significant error.<\/p>\n<p>Sources include: Forbes<\/p>\n<p>French authorities are taking an unusual step to combat cybercrime by pushing out a &#8220;disinfection solution&#8221; that automatically removes the PlugX malware from infected devices in France. This operation, led by the French police with support from Europol and cybersecurity firm Sekoia, targets a botnet that has infected nearly 2.5 million devices worldwide.<\/p>\n<p>PlugX, a remote access trojan often used by Chinese threat actors, spread through USB flash drives, infecting up to 100,000 devices daily. While Sekoia had previously sinkholed the botnet&#8217;s command and control servers, the malware remained dormant on infected systems, posing a potential security risk.<\/p>\n<p>The clean-up mechanism uses a custom PlugX plugin to issue a self-deletion command, effectively removing the infection. This approach, while intrusive, was deemed necessary by French authorities, especially with the Paris 2024 Olympic Games on the horizon.<\/p>\n<p>Sekoia opted to turn the clean-up mechanism over to police and government authorities. &#8220;Given the potential legal challenges&#8230; we have resolved to defer the decision on whether to disinfect workstations in their respective countries to the discretion of national Computer Emergency Response Teams, Law Enforcement Agencies, and cybersecurity authorities.&#8221;<\/p>\n<p>The operation, which began on July 18, 2024, is expected to continue for several months, potentially until late 2024. But even when removed from devices, the botnet can continue to be spread from USB devices. Users are advised to remain cautious when using USB drives and to scan their devices regularly for potential infections.<\/p>\n<p>Sources include: Bleeping Computer<\/p>\n<p>A shout out to a great opinion piece in the Register this weekend which points out that patch management, which has got our attention after the CrowdStrike debacle, remains an essential function that \u201cnobody wants to own\u201d in many organizations.<\/p>\n<p>Patch management remains a critical yet underappreciated aspect of cybersecurity, with many organizations struggling to keep up. According to Forrester analysts, while companies aim for a 97 to 99 percent patch rate, they typically only manage between 75 and 85 percent.<\/p>\n<p>Despite how necessary it is, the challenges involved haven&#8217;t improved much over the past decade. In fact, they may have worsened due to an expanding ecosystem of third-party apps, inadequate endpoint management tools, and architectural issues. The average organization now manages around 2,900 software applications, with 69 percent of IT teams believing it&#8217;s impossible to patch them all on schedule.<\/p>\n<p>Erik Nost, a Forrester senior analyst, points out a key issue: &#8220;People don&#8217;t take jobs in IT operations to sit and update systems all day. They take those jobs to work on cool projects and cutting-edge technology.&#8221;<\/p>\n<p>One of the biggest hurdles is the lack of clear ownership for patching responsibilities. Security and IT operations teams often try to pass the buck, leading to inefficiencies and gaps in coverage.<\/p>\n<p>While automation tools could help, many organizations remain hesitant to adopt them fully. As Andrew Hewitt, a Forrester principal analyst, notes, &#8220;There are some things you can take a hands-off approach to, especially when they&#8217;re smaller updates. But I think this whole CrowdStrike outage is waking a lot of people up to how dangerous it can be to automate updates.&#8221;<\/p>\n<p>The message is clear: despite its challenges, effective patch management remains crucial for maintaining robust cybersecurity in today&#8217;s threat landscape.<\/p>\n<p>Sources include: The Register<\/p>\n<p>That\u2019s our show. You can find the show notes with links at technewsday.com or .ca \u2013 take your pick. Cybersecurity has returned to its three shows a week but Howard will be off for a while longer.<\/p>\n<p>I\u2019ll be sitting in for him until then. I\u2019m your host, Jim Love,<\/p>\n<p>Thanks for listening.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google says sorry when passwords of 15 million users vanish, French authorities are pushing out a \u201cdisinfecting solution\u201d to infected computers and is our problem with patch management that it\u2019s just not sexy? Welcome to Cyber Security Today. I\u2019m Jim Love, sitting in for Howard Solomon. Google has apologized for a significant bug that caused [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":45961,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360],"tags":[389,198],"class_list":["post-46008","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcasts","tag-cyber-security-today","tag-podcast"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=46008"}],"version-history":[{"count":1,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46008\/revisions"}],"predecessor-version":[{"id":46009,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46008\/revisions\/46009"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/45961"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=46008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=46008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=46008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}