Security: Patches, Linux Long-Term Support, and Windows TCO/Incidents
-
Security updates for Thursday
Security updates have been issued by Debian (libcue, org-mode, python3.7, and samba), Fedora (libcue, oneVPL, oneVPL-intel-gpu, and xen), Mageia (glibc), Oracle (glibc, kernel, libssh2, libvpx, nodejs, and python-reportlab), Slackware (libcaca), SUSE (gsl, ImageMagick, kernel, opensc, python-urllib3, qemu, rage-encryption, samba, and xen), and Ubuntu (curl and samba).
-
Civil Infrastructure Platform to maintain 6.1 for 10 years
The Civil Infrastructure Platform project has announced that it will be maintaining the 6.1 kernel for a minimum of ten years past its initial release (and, thus, through 2032).
-
Civil Infrastructure Platform Expands Super-Long-Term Stable Kernel Program with a 6.1-Based Series
Announced today, the Civil Infrastructure Platform project has expanded its super-long-term stable (SLTS) kernel program with a 6.1-based series. Just like for the previously started kernel series (4.4-cip, 4.19-cip and 5.10-cip), the project is committed to maintaining the 6.1-cip kernel for a minimum of 10 years after its initial release.
-
Philippine Statistics Authority cyberattack being probed
The Department of Information and Communications Technology (DICT) confirmed on Wednesday that it is now investigating another cyberattack, this time on the Philippine Statistics Authority (PSA). Separately, the National Privacy Commission (NPC) said it received a breach notification from the PSA on Tuesday.
Based on its initial assessment, the PSA said its community-based monitoring system (CBMS) has been compromised. “The PSA is assessing what personal data from the CBMS may have been compromised and will share information with the relevant authorities and the public in due course,” it added.
-
The largest cyberattack of its kind recently happened. Here’s how.
Welcome to The Cybersecurity 202! Hey, there’s a Washington Post Live event that I’ll be participating in tomorrow morning along with some of my other Post colleagues and the cyber experts we’ll be interviewing. Please join us.
-
Steam upgrades security after games hijacked to spread malware
Valve has been in contact with several game developers who were hit by hackers who used a vulnerability to hide malware in their games on Steam.
-
88% of Hospitals and Other Health Care Organizations Faced Cyberattacks Last Year
Hospitals, clinics and other health care organizations are facing a barrage of cyberattacks and struggling to provide normal services amid computer outages and loss of important files, according to newly published research by Proofpoint, an email security firm.
Nearly 90% of health care organizations have experienced at least one cyberattack in the past year, Proofpoint said in a report published on Wednesday. In the past two years, more than half of organizations reported suffering an average of four ransomware attacks, and 68% of those respondents said the attacks “negatively impacted patient safety and care.”
-
Seattle Housing Authority allegedly compromised by ransomware gang
The NoEscape ransomware site claims to have successfully compromised the Seattle Housing Authority (SHA). In a post on their leak site, they claim to have encrypted the SHA’s main servers and exfiltrated 158 GB of data.
-
Ransomware group starts leaking data allegedly from NJ cardiology consultants group
On September 23, DataBreaches reported that the NoEscape ransomware gang had added Mulkay Cardiology Consultants (Mulkay) in New Jersey to their leak site with a date of September 2. At the time, they claimed to have successfully encrypted them and exfiltrated 60 GB of files.
“We have 60GB of confidential and personal data on more than 30,000 patients, scans, doctor’s conclusions about patients and many other confidential information,” they claimed in their listing about the New Jersey medical practice.