Security Leftovers

posted by Roy Schestowitz on Jul 21, 2023

• HCA Healthcare breach compromises 11M patients’ personal data

  Hospital operator HCA Healthcare Inc. has experienced a data breach that compromised 11 million patients’ personal information. The company disclosed the hack on Monday. The disclosure comes a few days after reports emerged that hackers had posted a portion of the stolen data on a known cybercrime forum.

• Unmasking suspected North Korean hackers’ tricks

  By impersonating journalists, they tried to gain information from experts through phishing attacks

• New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

  Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation.

  "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. "This worm is also written in Rust, a highly scalable and cloud-friendly programming language."

  [...]

  A notable characteristic of the worm is its ability to infects vulnerable Redis instances by exploiting a critical Lua sandbox escape vulnerability, CVE-2022-0543 (CVSS score: 10.0), which has been previously exploited to deliver multiple malware families such as Muhstik, Redigo, and HeadCrab over the past year.

• Security updates for Thursday [LWN.net]

  Security updates have been issued by Debian (chromium), Fedora (sysstat), Gentoo (openssh), Mageia (firefox/nss, kernel, kernel-linus, maven, mingw-nsis, mutt/neomutt, php, qt4/qtsvg5, and texlive), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and kpatch-patch), Slackware (curl and openssh), SUSE (curl, grafana, kernel, mariadb, MozillaFirefox, MozillaFirefox-branding-SLE, poppler, python-Flask, python310, samba, SUSE Manager Client Tools, and texlive), and Ubuntu (curl, ecdsautils, and samba).

• Kevin David Mitnick

  Kevin David Mitnick, 59, died peacefully on Sunday, July 16, 2023, after valiantly battling pancreatic cancer for more than a year. Kevin is survived by his beloved wife, Kimberley Mitnick, who remained by his side throughout their 14-month ordeal. Kimberley is pregnant with their first child. Kevin was ecstatic about this new chapter in his and Kimberley's life together, which has now been sadly cut short.

  Kevin was preceded in death by his devoted mother, Shelly Jaffe, and his loving grandmother, Reba Vartanian, his father, Alan Mitnick, and his half-brother, Adam Mitnick.

• Estee Lauder Breached by Two Ransomware Groups

  Estee Lauder has become the latest big name to suffer an apparently serious ransomware breach, after two groups claimed to have compromised the firm.

  The cosmetics giant was posted to the leak site of both the Alphv/BlackCat and Clop ransomware gangs, according to security researchers on Twitter. Researcher Dominic Alvieri was just one of many citing the news.