Security Leftovers
-
Security Boulevard ☛ Multiple Node.js Vulnerabilities Fixed in Ubuntu [Ed: The issue here is not Ubuntu and the fix not limited to Ubuntu]
Ubuntu 22.04 LTS has received security updates addressing several Node.js vulnerabilities that could be exploited to cause a denial of service or arbitrary code execution. It is crucial to keep your Node.js packages up to date to avoid falling victim to these vulnerabilities.
-
Cyber Security Headlines: Shields Ready campaign, AI imagery rules for the election, App Defense Alliance moves to Linux Foundation
Google started the App Defense Alliance back in 2019, initially to help detect malicious apps in the Play Store. Since then it expanded to security assessments for apps and cloud services, as well as malware mitigation. The company announced that the ADA will not join the Linux Foundation project Joint Development Foundation as an independent organization. The move will also see Meta and Microsoft join the ADA’s steering committee. The hope is that the project will collaborate on mobile industry standards to improve app security.
-
Google ☛ Evolving the App Defense Alliance [Ed: Google disguising this as "security" and vendor neutrality]
The App Defense Alliance (ADA), an industry-leading collaboration launched by Google in 2019 dedicated to ensuring the safety of the app ecosystem, is taking a major step forward. We are proud to announce that the App Defense Alliance is moving under the umbrella of the Linux Foundation, with Meta, Microsoft, and Google as founding steering members.
-
Security Boulevard ☛ Evaluating the Impact of Linux Kernel Patches on System Performance
Kernel patches are changes in code that are applied to the Linux kernel to address bugs and security issues as well as improve hardware support. They are essential to maintaining the security and updates of the operating system. However, applying Linux kernel patches can sometimes lead to unexpected issues that can impact the performance of a system.
-
LWN ☛ Security updates for Friday
Security updates have been issued by Fedora (community-mysql, matrix-synapse, and xorg-x11-server-Xwayland), Mageia (squid and vim), Oracle (dnsmasq, python3, squid, squid:4, and xorg-x11-server), Red Hat (fence-agents, insights-client, kernel, kpatch-patch, mariadb:10.5, python3, squid, squid:4, tigervnc, and xorg-x11-server), Scientific Linux (bind, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, libssh2, python-reportlab, python3, squid, thunderbird, and xorg-x11-server), SUSE (go1.21), and Ubuntu (linux-gke and linux-iot).
-
Breaches
-
Butte School District shuts down computer network after system compromised
The Butte School District was forced to shut down its computer system this week to investigate an unknown breach of the network that serves all the public schools in the city.
“All I can say is that we’re still investigating the issue and we do not have any clear information of what it was,” said Butte School District Superintendent Judy Jonart.
-
Data Breaches ☛ McLaren Health Care notifying 2.2 million patients about the BlackCat attack in August
On September 30, AlphV threat actors (aka BlackCat) added McLaren Health Care to their dark web leak site. They updated their listing on October 4, claiming to have data on 2.5 million people. That same week, McLaren confirmed that they had been the victim of a ransomware attack it first detected on August 22. Michigan’s Attorney General Nessel also issued a press release that week to inform citizens and provide them with steps to take to remain vigilant and protect themselves.
-
The Guardian UK ☛ Optus loses court bid to keep report into cause of cyber-attack secret [Ed: Deloitte itself was cracked for using Microsoft]
Optus had argued in court that the dominant purpose of the report was to assess the legal risk to the company. It claimed Deloitte’s report would assist the company’s internal and external lawyers on how to advise the company about the risks associated with the hack.
-
Engadget ☛ Basically all of Maine had data stolen by a ransomware gang
The state agencies of Maine had fallen victim to cybercriminals who exploited a vulnerability in the MOVEit file transfer tool, making them the latest addition to the growing list of entities affected by the massive hack involving the software. In a notice the government has published about the cybersecurity incident, it said the event impacted approximately 1.3 million individuals, which basically make up the state’s whole population. The state first caught wind of the software vulnerability in MOVEit on May 31 this year and found that cybercriminals were able to access and download files from its various agencies on May 28 and 29.
-
Nearly £2 million of stolen cryptocurrency to be paid back to victims
Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SEROCU).
On 27 January this year, 40-year-old Wybo Wiersma, of Het Weike, Goredijk, the Netherlands, was jailed for four and a half years for theft.
-
Data Breaches ☛ PJ&A data breach also affected millions of Northwell Health patients
PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified in July by the vendor that an unauthorized individual accessed PJ&A systems where CCH patient data was stored in April 2023. On July 26, 2023, PJ&A informed CCH that personal information of CCH patients may be affected. CCH disclosed the breach on September 24. Notice sent to Northwell patients indicated a similar timeframe: unauthorized access occurred between March 27 and May 2, with access to the Northwell data occurring specifically between April 7 and April 19.
-