Security Leftovers

posted by Roy Schestowitz on Jul 12, 2023

• Security updates for Tuesday [LWN.net]

  Security updates have been issued by Debian (mediawiki and node-tough-cookie), Red Hat (bind, kernel, kpatch-patch, and python38:3.8, python38-devel:3.8), SUSE (kernel, nextcloud-desktop, and python-tornado), and Ubuntu (dwarves-dfsg and thunderbird).

• 2023-07-06 [Older] Suncor swaps out laptops after cybersecurity incident as energy sector takes stock of risks

• 2023-07-06 [Older] Kansas Audit Questions Whether Local Election Security Policies Are Strong Enough

• 2023-07-09 [Older] Researchers Discovered a New Linux Kernel 'StackRot' Privilege Escalation Vulnerability Discovered

• StackRot: Linux Bug so bad Linus Dives Into Code to Fix It [Ed: Misleading clickbait, the severity was not very high; Microsoft-connected anti-Linux site]

• Achieving Zero Trust Network, Application, and Cloud Security with Linux [Ed: Spam disguised as "content"; same site as above]

• Trinidad and Tobago facing outages after cyberattack

  Trinidad and Tobago’s justice department is dealing with a cyberattack that has impacted the ministry’s operations.

  The island nation of more than 1.4 million people announced on Friday that its Ministry of Digital Transformation discovered a cyberattack targeting the country’s Office of the Attorney General and Ministry of Legal Affairs (AGLA) in recent days.

• Social Security numbers, other data may have been stolen breaches at Lansing Community College and D’Youville University

  More than three-quarters of a million people may have had their social security numbers stolen in a data breach at Lansing Community College in late 2022 and early 2023, according to a law firm that says it’s investigating the incident.

  The community college notified “757,832 employees, students and vendors that their personal information may have been accessed or acquired by an unknown unauthorized person,” Federman & Sherwood, a law firm with offices in Texas and Oklahoma, said in a statement posted on its website.

• Lawsuit against cardiology practice alleges fraudulent charges from data breach

  Cybercriminals attempted to access accounts of a Scranton couple who are among clients whose personal information was exposed in a data breach at a Commonwealth Health cardiology group’s practice, according to a proposed class-action lawsuit.

  Robert and Colleen Maziarz of Scranton say there have been at least six different incidents since April in which their identity and/or banking information was improperly used, including an attempt to withdraw money from a PayPal account. Their credit union also advised them their account had been compromised.

  The couple are among approximately 181,000 people whose information was exposed in a February data breach at Great Valley Cardiology and Scranton Cardiovascular Physician Services, LLC in Scranton, which are part of the Commonwealth Health Physician Network.

• Why gay furry hackers are leaking state government documents

  Earlier this month, SiegedSec, the group of self-described “gay and transgender furry hackers” claimed responsibility for cyber attacks on five state governments in Nebraska, South Dakota, Texas, Pennsylvania, and South Carolina, leaking documents that include police files and contact details for court officials.

• Another business associate attack results in theft of patient data — Panorama Eyecare

  Earlier today, the firm was added to LockBit’s leak site with a claim that 798 GB of data had been exfiltrated from four of the firm’s clients...

• 8Base claims to have stolen patient data and employee info from Kansas Medical Center

  While LockBit was adding one physician-owned medical entity to its leak site, a relatively new group known as 8Base was adding another physician-owned medical entity to its own leak site.

  8Base claims to have attacked Kansas Medical Center on June 18 and to have downloaded data on July 11. They claim they will publish the data as a leak on July 15.