Security Leftovers

posted by Roy Schestowitz on Jun 16, 2023

• Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability

  Hundreds of thousands of ecommerce sites are impacted by a critical vulnerability in the WooCommerce Stripe Payment Gateway plugin.

• Supervision and Verification in Vulnerability Management, (Thu, Jun 15th)

  Managing vulnerabilities in operating systems and software can be challenging and even contentious.

• Security and Human Behaviour 2023

  The Workshop on Security and Human Behaviour is happening right now in Carnegie-Mellon University and I’ll be liveblogging it in followups to this post.

• Navigating the Ever-Evolving Landscape of Cybersecurity Threats

  In daily interactions with tech leaders, the term Digital Trust almost always comes up.  Organizations want to ensure that their customers feel safe interacting with them digitally, that their data is secure and that the systems they interact with are reliable.

• Fedora Magazine: Use systemd-cryptenroll with FIDO U2F or TPM2 to decrypt your disk [Ed: Microsoft systemd pushing Microsoft garbage disguised as "security" (it's not)]

  A TPM2 chip is a little piece of storage with secure APIs where you can store secrets protected by Secure Boot. Secure Boot establishes a chain of trust by computing hashes based on, for example, hardware or software components. This way you can store a LUKS decryption key which is only accessible if the system is in a non-tampered state (in theory). Unfortunately, this means you’ll want to measure things like your initramfs and kernel into this state which means invalidating this factor every time you do a system upgrade. FIDO U2F keys do not suffer from this problem as they are not tied to the hardware platform.

  Check out my previous article about using an integrated TPM2 secure storage device to learn more in-depth specifics about how TPM2-based unlocking works and its security implications.

• SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates

  SAP has released eight new security notes on June 2023 Security Patch Day, including two that address high-severity vulnerabilities.

• ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities

  ICS Patch Tuesday: Siemens and Schneider Electric have published more than a dozen advisories addressing over 200 vulnerabilities.

• Fake Zero-Day PoC Exploits on GitHub Push Windows, Linux Malware [Ed: Microsoft proprietary prison has issues; Microsoft-linked sites try to use it to badmouth "Linux" somehow]

  Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware.

• Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs [Ed: The latest NSA bug doors are ready to be installed, whether you want these or not...]

  Today is Microsoft's June 2023 Patch Tuesday, with security updates for 78 flaws, including 38 remote code execution vulnerabilities.

• Microsoft links data wiping attacks to new Russian GRU hacking group [Ed: Distracting from the fact Microsoft itself causes entities to get cracked, instead using allegations about the exploiters, with political slants]

• CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

  CISA’s Binding Operational Directive 23-02 requires federal agencies to secure the network management interfaces of certain classes of devices.