Security Leftovers

posted by Roy Schestowitz on Mar 28, 2023

• Apple Updates Everything (including Studio Display), (Mon, Mar 27th)

  Apple today released updates for all of its operating systems. The updates also apply for some of the older versions of iOS and macOS. For iOS/iPadOS 15, Apple now patched an already exploited vulnerability (CVE-2023-23529). Current operating systems received a patch for this vulnerability mid January.

• Another Malicious HTA File Analysis - Part 1, (Mon, Mar 27th)

  In this series of diary entries, I will analyze an HTA file I found on MalwareBazaar.

• GitHub Rotates Publicly Exposed RSA SSH Private Key [Ed: Microsoft attracting people who expose themselves]

  GitHub replaced the RSA SSH private key used to secure Git operations for GitHub.com after it was exposed in a public GitHub repository.

• Hackers Earn Over $1 Million at Pwn2Own Exploit Contest

  Security researchers raked in more than $1 million in prizes at this year's CanSecWest Pwn2Own software exploitation contest.

• GoAnywhere Zero-Day Attack Hits Major Orgs

  Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

• Australia Dismantles BEC Group That Laundered $1.7 Million

  Law enforcement in Australia announce the arrest of four individuals accused of running business email compromise (BEC) schemes.

• Verifying Linux Server Security: What Every Admin Needs to Know

  Linux is a widespread OS known for its robust security. That being said, vulnerabilities are inevitable in any OS, and Linux system administrators must be vigilant about monitoring and verifying the security of their servers on an ongoing basis in order to protect sensitive data and prevent attacks. After all, the majority of attacks on Linux systems can be attributed to poor administration.

  The only way to be sure your server is as well protected as you think it is - or as it needs to be - is to actually test it and verify it is working as you expect. This article will introduce LinuxSecurity’s top methods and tools for verifying the security of your Linux servers - specifically, port scanning, intrusion detection, penetration testing, reverse engineering and auditing - and will point you in the direction of some other valuable resources to help you get started on this journey.

  Let's examine some great methods for verifying Linux server security.

• Vali Cyber Introduces SecurityPerf, Revolutionizing Linux Security

• FBI warns business email compromise attacks are now targeting commodities

  The U.S. Federal Bureau of Investigation warns that criminal actors are using business email compromise schemes to facilitate the acquisition of a wide range of commodities. BEC attacks, an attack method that involves fraud enabled by social engineering, are not new.

• Microsoft releases emergency updates to address cropped screengrab privacy flaws

  Following the discovery of serious vulnerabilities in the Snipping Tool app for Windows 11 and Snip & Sketch in Windows 10, Microsoft has released out-of-band updates to plug the security holes.

  The flaws are similar to the recently discovered aCropalypse bug affecting Pixel mobiles, making it possible to "uncrop" cropped images and potentially expose sensitive information. Having briefly tested updates with Windows Insiders, Microsoft has now made fixes available to all Windows 10 and Windows 11 users.

• Crown says global hacker group demands ransom

  Crown Resorts has confirmed it is investigating a potential data breach after a ransomware gang claimed it had accessed the company’s data. In a statement posted on its website on Monday, Crown said it had notified law enforcement of the potential breach.