Security Leftovers
-
StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. [Ed: Not as sever as Microsoft-connected media tried to put it]
A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269, (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem. An unprivileged local user can trigger the flaw to compromise the kernel and escalate privileges.
-
StackRot – New Linux kernel Privilege Escalation Vulnerability [Ed: Fixed before it could even be exploited, unlike Windows and other Microsoft stuff]
A security flaw has been identified in the Linux kernel called “stockRot” (CVE-2023-3269). This vulnerability grants attackers access to the kernel and the ability to elevate their privileges.
It has been discovered that “Stack Rot,” a vulnerability in stack expansion, is present in Linux kernel versions 6.1 to 6.4.
-
Global Document Translation Service Exposed Highly Sensitive Records Online
The unsecured database contained internal screenshots of source code as well as customer documents that were stored in uploads folders. These documents include: US Federal and State tax filings, passports, driver licenses, birth and marriage records, business documents, denied visa petitions, among other files from customers around the world. Upon further research, there were references and invoices linked to a NYC-based translation service provider, Kings of Translation. The company offers translation services and claims to have locations in the UK and Latvia.
-
Onix Group Faces 3 Lawsuits in Addiction Center Breach
Onix reported the breach to HHS as affecting 319,500 patients, but did not reply to inquiries sent by this site. There has been no report as to which ransomware group was responsible for the attack and no update to the March 26 notice on its website.
Now Marianne Kolbasuk McGee reports that Onix Group has already been hit with three proposed class action lawsuits. But looking at one of the complaints, it is based on claiming risk of future harm, etc. Has anyone claimed that their data has already been misused in any way? And if they don’t, will their complaints survive a challenge to standing?
-
Gates Corporation (no, not THAT Gates) discloses a ransomware attack
Gates Corporation in Denver describes itself as a leading manufacturer of application-specific fluid power and power transmission solutions.
On July 7, its external counsel filed a notice of a breach with the Maine Attorney General’s Office. According to the notification, 11,090 people were affected by a ransomware attack that occurred on February 11. The firm’s notification to those affected included the following statement:
-
Intellectual property allegedly from Razer appears for sale on hacking forum
The seller insists on using a middleman, which is usually a protection and reassurance to both any buyer and the seller that this is not a scam.
In this case, the seller says they will sell to only one party and will consider offers less than $100k.
-
Increased Truebot Activity Infects U.S. and Canada Based Networks
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) are releasing this joint Cybersecurity Advisory (CSA) in response to cyber threat actors leveraging newly identified Truebot malware variants against organizations in the United States and Canada. As recently as May 31, 2023, the authoring organizations have observed an increase in cyber threat actors using new malware variants of Truebot (also known as Silence.Downloader). Truebot is a botnet that has been used by malicious cyber groups like CL0P Ransomware Gang to collect and exfiltrate information from its target victims.
-
Jackson Township hit by digital security 'incident.' No personal data accessed
The township government has been hit by an unspecified computer network "incident" that's been affecting the function of multiple systems.
Administrator and Law Director Mike Vaccaro said in a prepared statement Friday afternoon that officials are working with external cybersecurity experts to work through the problem. An investigation has also been launched into the matter, which has not resulted in any known access of unauthorized, personal or employee data.
"We will notify affected individuals if the investigation identifies evidence to the contrary," Vaccaro said via the statement. "Our goals right now are to make sure our network is secure, all devices are clean and to restore our full functionality of data."
Township officials declined to comment beyond Friday afternoon's statement, which did not elaborate on the type of incident or provide other details.