Security Leftovers
-
Chinese hackers create Linux version of the SideWalk Windows malware [Ed: With Windows, there are back doors. With Linux, one needs to actually take over a system somehow]
-
You never walk alone: The SideWalk backdoor gets a Linux variant
-
U-Haul reports data breach, customers’ info exposed
U.S. moving and storage rental company U-Haul has suffered a data breach due to an unauthorized person having accessed an unspecified number of rental contracts, U-Haul’s parent company Amerco revealed last week.
-
Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
CVE-2022-27593 exists because of an externally controlled reference that resolves to a resource that is outside of the intended control sphere, and affects the widely used Photo Station application.
The vulnerability allows attackers to modify system files and, ultimately, install and deploy ransomware.
According to its entry in the National Vulnerability Database, the flaw can be exploited by remote, unauthenticated attackers without any user interaction. Also, the attack complexity is low.
-
Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917) - Help Net Security
This is the eighth time this year that Apple fixes a zero-day vulnerability in the operating systems powering their Macs and iPhones.
-
How prepared are organizations to tackle ransomware attacks? [Ed: This is primarily a Microsoft Windows problem]
HYCU has announced its State of Ransomware Preparedness report in partnership with ActualTech Media, which reveals that ransomware is an unavoidable risk for businesses, which is why ransomware preparedness is a top priority.
-
Userland Rootkits are Lame
Let’s start with a summary of functionality, and then enumerate some simple techniques to detect and evade userland rootkits.