Security Leftovers

posted by Roy Schestowitz on Oct 28, 2023

• Computer Weekly ☛ Microsoft warns over growing threat from Octo Tempest gang [Ed: Chaff and spam helping Microsoft distract from Azure breach and many other recent scandals, caused primarily by Windows, costing billions in damages]

• TechRadar ☛ Over a million Windows and Linux systems infected by this tricky new malware [Ed: More of a Windows issue, based on the reports]

  However, a new investigation has shown that StripedFly is capable of a lot more than just mining cryptocurrency: it can execute commands remotely, grab screenshots and execute shellcodes, steal passwords and other sensitive data, record sounds using the integrated microphone, move to adjacent endpoints using previously stolen credentials, abuse the EternalBlue exploit to worm into other systems, and lastly - mine Monero.

• CyberRisk Alliance LLC ☛ Widespread StripedFly malware framework compromise reported in Windows, Linux systems

  Aside from having advanced mechanisms for hiding TOR-based traffic and automated updates, StripedFly also included worm functionality and a custom exploit for an EternalBlue SMBv1 flaw, a report from Kaspersky revealed.

• SANS ☛ Size Matters for Many Security Controls, (Sat, Oct 28th)

• Support for Istio 1.17 has ended

  As previously announced, support for Istio 1.17 has now officially ended.

  At this point we will no longer back-port fixes for security issues and critical bugs to 1.17. We highly recommend that you upgrade to the latest version of Istio (1.19.3) if you haven’t already.

• Gizmodo ☛ 2023-10-26 [Older] Pro-Russia Hackers Target European Government With Roundcube Webmail Bug

• CISA ☛ 2023-10-26 [Older] Apple Releases Security Advisories for Multiple Products

• CISA ☛ 2023-10-26 [Older] VMware Releases Security Advisory for vCenter Server

• CISA ☛ 2023-10-25 [Older] Mozilla Releases Security Advisories for Multiple Products

• RIPE ☛ 2023-10-24 [Older] How to Secure Your Online Identity with Security Keys

• 2023-10-24 [Older] The End of iTunes?

• Gizmodo ☛ 2023-10-26 [Older] Hyundai Rolls Out Anti-Theft Software Upgrade, Spurred by TikTok's 'Kia Challenge'

• Ruben Schade ☛ iLeakage

  iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices:

  We present iLeakage, a transient execution side channel targeting the Safari web browser present on Macs, iPads and iPhones. iLeakage shows that the Spectre attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery. We show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution.

• CISA ☛ 2023-10-27 [Older] CISA Announces Launch of Logging Made Easy

• CISA ☛ 2023-10-27 [Older] CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases

• CISA ☛ 2023-10-26 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

• CISA ☛ 2023-10-26 [Older] CISA Releases Nine Industrial Control Systems Advisories

• CISA ☛ 2023-10-26 [Older] Dingtian DT-R002

• CISA ☛ 2023-10-26 [Older] Centralite Pearl Thermostat

• CISA ☛ 2023-10-26 [Older] Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, Lithium

• CISA ☛ 2023-10-26 [Older] Rockwell Automation Arena

• CISA ☛ 2023-10-26 [Older] Rockwell Automation FactoryTalk View Site Edition

• CISA ☛ 2023-10-26 [Older] Rockwell Automation FactoryTalk Services Platform

• CISA ☛ 2023-10-26 [Older] Sielco PolyEco FM Transmitter

• CISA ☛ 2023-10-26 [Older] Sielco Radio Link and Analog FM Transmitters

• CISA ☛ 2023-10-24 [Older] CISA Releases One Industrial Control Systems Advisory

• CISA ☛ 2023-10-24 [Older] Rockwell Automation Stratix 5800 and Stratix 5200

• CISA ☛ 2023-10-23 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

• CISA ☛ 2023-10-23 [Older] CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities