Linux FUD and Security News

posted by Roy Schestowitz on Oct 05, 2023

• ‘Looney Tunables’ Linux vulnerability could allow threat actors to run malicious code [Ed: It is not a Linux vulnerability. Misreporting by Microsoft sponsored "news" (SPAM) site.]

  A newly discovered high-severity Linux vulnerability that has been present on many Linux distributions for at least two years could allow threat actors to run malicious code with elevated privileges.

• Make-me-root 'Looney Tunables' security hole on Linux needs your attention [Ed: It's not a Linux hole]

  Specifically, a buffer overflow vulnerability in the GNU C Library's handling of an environmental variable was spotted by security firm Qualys, which has gone public with some of the details now that patches are being emitted.

• Cyber Security Today, Oct. 4, 2023 – Critical vulnerabilities found in Linux and TorchServe [Ed: No, it is not in Linux]

  Linux administrators are being urged to patch their operating systems to close a just-discovered 16-month-old vulnerability. Default installations of Fedora, Ubutu and Debian are open to being exploited, say researchers at Qualys. The hole is a buffer overflow vulnerability which can give an attacker full root privileges. The researchers believe threat actors can easly produce an exploit. It’s imperative system administrators act swiftly, the researchers say. Only those using Alpine Linux are exempt from being hit by this particular hole.

• 'Looney Tunables' Bug Opens Millions of Linux Systems to Root Takeover [Ed: The conditions for exploitation make it non-critical]

  The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space.

• Security updates for Wednesday

  Security updates have been issued by Debian (glibc, postgresql-11, and thunderbird), Fedora (openmpi, pmix, prrte, and slurm), Gentoo (glibc and libvpx), Oracle (kernel), Red Hat (kernel), Slackware (libX11 and libXpm), SUSE (firefox, kernel, libeconf, libqb, libraw, libvpx, libX11, libXpm, mdadm, openssl-1_1, poppler, postfix, python311, rubygem-puma, runc, and vim), and Ubuntu (freerdp2, glibc, grub2-signed, grub2-unsigned, libx11, libxpm, linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15, and mozjs102).

• LockBit 3.0 tops hacking list in August amid drop in ransomware attacks [Ed: Microsoft Windows TCO]

  Infamous hacking group LockBit 3.0 was once again the most active threat actor amid a surprising drop in ransomware attacks in August, according to a new report released today by NCC Group plc. The NCC Group Monthly Threat Pulse for August 2023 details 390 ransomware attacks in the month, a figure that is down 22% from July.

• Comparitech report details alarming rise in cyberattacks targeting the education sector[Ed: Microsoft Windows TCO]

  A new report today from tech research site Comparitech details an alarming rise in cyberattacks targeting the education sector, including 85 attacks in the first half of 2023.

• Sony Ransomware: The Causes, Consequences and Solutions

  Explore the Sony ransomware incident: its origins, impacts, and remedies. Learn how to safeguard your data against ransomware threats.

• Sony confirms data breach impacting thousands in the U.S. [Ed: Windows TCO]

  Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.

  The company sent the data breach notification to about 6,800 individuals, confirming that the intrusion occurred after an unauthorized party exploited a zero-day vulnerability in the MOVEit Transfer platform.

• Yet another hack hits NFT marketplace OpenSea

  One of the largest nonfungible token marketplaces OpenSea was hacked once again this week. The hack follows two other attacks, the last back in June 2022, when a third-party contractor was able to download emails of its users and newsletter subscribers and provide a copy to an unauthorized party.

• Cleaning products maker Clorox warns of shortages following August cyberattack

  Cleaning products maker Clorox Co. is warning of shortages following a cyberattack that struck the company on Aug. 14. The type of attack was not disclosed, with Clorox only describing it as “unauthorized activity” on some of its information technology systems in an Aug. 14 filing with the U.S. Securities and Exchange Commission.

• What are QR codes and are they safe to use?

  The technology isn't exactly new (these barcodes have been around since 1994), but what are they used for, and are they safe? We explain more about the technology and link to some free QR scanner apps you might want to try out.

• 20th National Cybersecurity Awareness Month kicks off

  As National Cybersecurity Awareness Month kicks off, it's a good time to reflect on how secure the systems you manage are – whether they’re running Linux, Windows or some other OS. While Linux is considered by many to be more secure due to its open-source nature and because privileges are clearly defined, it still warrants security reviews, and this month's focus on cybersecurity awareness suggests that an annual review is more than just a good idea.

  The designation became official in 2004, when President George W. Bush and Congress declared October to be National Cybersecurity Awareness Month. Keep in mind that in 2004, security practice often involved little more than updating antivirus software. Today, cybersecurity practices are much more intense as the threats have grown to be far more significant and far more challenging.

• “Sébastien had a large rock threatening to fall on his head” — Paul Raoult, on his son’s plea deal

  On September 27, the U.S. Department of Justice announced that Sébastien Raoult (aka “Sezyo Kaizen”), a 22-year-old French national who had been extradited to the U.S., pleaded guilty to two of nine counts alleging fraud and aggravated identity theft. DataBreaches had been covering his case since he was detained in Morocco on a red notice from the U.S. France never attempted to get him extradited to France although he was one of multiple people arrested on the same day in France on suspicion of involvement with ShinyHunters.