Security Leftovers
-
Security updates for Friday [LWN.net]
Security updates have been issued by Debian (sox and thunderbird), Fedora (containerd, libtpms, mingw-binutils, mingw-LibRaw, mingw-python-werkzeug, stargz-snapshotter, and tkimg), Slackware (mozilla and openssh), SUSE (apache2, firefox, hdf5, jakarta-commons-fileupload, kernel, perl-Net-Server, python-PyJWT, qemu, and vim), and Ubuntu (abcm2ps, krb5, and linux-intel-iotg).
-
Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits
Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs the victim’s phone number.
-
Insecuring Your Home And Data: Ring Vendor Apparently Hit With Ransomware Attack
Ring offers security products. Shame they’re not all that secure. Sure, things have improved in recent years, but there was nowhere to go but up.
-
Mozilla Patches High-Severity Vulnerabilities With Release of Firefox 111
Firefox 111 patches 13 CVEs, including several vulnerabilities classified as high severity.
-
Microsoft: 17 European Nations Targeted by Russia in 2023 as Espionage Ramping Up [Ed: Microsoft puts back doors in everything, gets everything cracked, then blames "Russia"; the usual...]
Microsoft says Russia targeted at least 17 European nations in 2023 — mostly governments — and 74 countries since the start of the Ukraine war.
-
Conti-based ransomware ‘MeowCorp’ gets free decryptor
A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free.
The utility works with data encrypted with a strain of the ransomware that emerged after the source code for Conti was leaked last year in March [1, 2].
-
#StopRansomware: LockBit 3.0 [Ed: Microsoft Windows TCO. They should say #StopWindows]
Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.
-
Google Reveals Samsung Phones Could Be Hacked Without Owners Knowing: Here's How
Google has warned that some of its smartphones running the company's own Android operating system, as well as other devices from manufacturers such as Samsung and Vivo, could be accessed by third-party actors without owners ever becoming aware of such a breach.
-
Orlando Family Physicians data breach class action settlement
TopClassActions reports that a class action lawsuit against Orlando Family Physicians (OFP) has settled for an undisclosed sum. The settlement, which doesn’t include any admission of guilt by OFP, resolves claims surrounding an April 2021 data breach.
-
Russia-Linked APT ‘Winter Vivern’ Targeting Governments in Europe, Asia
Russia-backed threat group Winter Vivern has targeted government entities in Poland, Ukraine, Italy, and India in recent campaigns.
-
Data Breach at Independent Living Systems Impacts 4 Million Individuals
Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.
-
El Camino Health investigating claims of a data breach
On February 22, DataBreaches received a tip about a listing offering patient data allegedly from El Camino Health in California. The listing was not on any of the usual leak sites, markets, or forums, and the poster was unknown to DataBreaches.
-
RAT developer arrested for infecting 10,000 PCs with malware
Ukraine’s cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing as game applications.
“The 25-year-old offender was exposed by employees of the Khmelnychchyna Cybercrime Department together with the regional police investigative department and the SBU regional department,” reads the cyberpolice’s announcement.
-
Dark Web ‘BreachForums’ Operator Charged With Computer Crime
Federal agents have arrested a Peekskill, New York, man they say ran the notorious dark web data-breach site “BreachForums” under the name “Pompompurin.”
Conor Brian Fitzpatrick was arrested by a team of investigators at his home around 4:30 p.m. Wednesday, an FBI agent said in a sworn statement filed in court the next day. Fitzpatrick is charged with a single count of conspiracy to commit access device fraud.
-
Feds Charge NY Man as BreachForums Boss “Pompompurin”
The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world’s biggest hacked databases routinely show up for sale. The forum’s administrator “Pompompurin” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums, a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022.