Security Leftovers

posted by Roy Schestowitz on Mar 24, 2023

• Security updates for Thursday [LWN.net]

  Security updates have been issued by CentOS (firefox, nss, and openssl), Fedora (firefox, liferea, python-cairosvg, and tar), Oracle (openssl and thunderbird), Scientific Linux (firefox, nss, and openssl), SUSE (container-suseconnect, grub2, libplist, and qemu), and Ubuntu (amanda, apache2, node-object-path, and python-git).

• Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023

  The first to fall was Adobe Reader in the enterprise applications category after Haboob SA's Abdul Aziz Hariri (@abdhariri) used an exploit chain targeting a 6-bug logic chain abusing multiple failed patches which escaped the sandbox and bypassed a banned API list on macOS to earn $50,000.

• Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals

  Companies in every industry continue to leave backup and storage platforms unsecured, with more than a dozen issues, including insecure network settings and unaddressed CVEs, affecting the average device. That leaves these repositories — often the first line of protection in the event of a ransomware attack — as sitting ducks for cybercriminals.

  That's according to a data analysis published on March 22 by storage security firm Continuity Software, which found that the average device had 14 security risks, including three critical issues, which are considered those capable of allowing a significant compromise. The top three risks affecting companies' storage systems are insecure network settings, unaddressed vulnerabilities, and lax access privileges.

• Shoreline College website hacked; officials investigating

• Kroger notifies more than 82,000 Postal Prescription Service patients of mistaken information sharing

  On March 10, Kroger’s Healthy Options program, Postal Prescription Services (PPS), issued a statement about a privacy breach.

  According to their statement, some PPS patients’ names and email addresses were erroneously shared with the grocery side of Kroger’s business due to an internal error.

• New victims come forward after mass-ransomware attack [Ed: Microsoft issue, as covered by 'former' Microsoft employee Zack Whittaker]

  The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked.

• Cyber attack disrupts Spanish medicine distribution

  A cyberattack on a leading pharmaceutical supply company has disrupted the distribution of medicines to Spanish pharmacies.

  The attack, which started last Friday and is still ongoing, has affected wholesale supplier Alliance Healthcare's servers and delayed and even prevented the normal delivery of some medicines to pharmacies in Spain, according to Spanish daily El País. Alliance Healthcare is the fourth biggest supplier in Spain.

• Oak Ridge malware attack: Police investigating as city offices remain closed

  As city of Oak Ridge employees continued to work offline because of a malware attack on the city's computer network, officials announced Wednesday afternoon they are working with law enforcement to investigate the attack.

  When asked if foul play was suspected, city senior communications specialist Lauren Gray said an investigation is considered standard practice for a malware attack.