Security Leftovers
- LWN ☛ Security updates for Monday
Security updates have been issued by Debian (engrampa, openvswitch, pdns-recursor, and runc), Fedora (caddy, expat, freerdp, libgit2, libgit2_1.6, mbedtls, python-cryptography, qt5-qtbase, and sudo), Gentoo (Apache Log4j, Chromium, Google Chrome, Microsoft Edge, CUPS, e2fsprogs, Exim, firefox, Glade, GNU Tar, intel-microcode, libcaca, QtNetwork, QtWebEngine, Samba, Seamonkey, TACACS+, Thunar, and thunderbird), Mageia (dnsmasq, unbound, and vim), Oracle (container-tools:4.0, container-tools:ol8, dotnet6.0, dotnet7.0, kernel, nss, openssh, and sudo), Red Hat (python-pillow), and SUSE (bitcoin, dpdk, libssh, openvswitch, postgresql12, and postgresql13).
- Data Breaches ☛ Update to the Tic Hosting Solutions data incident
On April 30, 2023, DataBreaches reported an alleged data breach involving TorchByte (formerly known as Tic Hosting Solutions). At the time, DataBreaches had been unable to reach the firm, and the Romanian data protection authority informed DataBreaches that they had received no report from them of any breach. But the screenshots provided to this site by a third party seemed to suggest that something had happened, although what happened seemed to be in dispute.
DataBreaches reported again on February 6 after the same source for the original story contacted this site again. This time, with the help of Daniel-Alexandru Munteanu, we were able to get a response from TorchByte, who claimed they never got our original inquiries and apologized for the delay in responding.
- Matthew Garrett ☛ Debugging an odd inability to stream video [Ed: Windows developer cannot get his video up]
All the services that were failing were failing in identical ways, and all were using Fastly as their CDN. I complained about this on social media and then somehow ended up in contact with the engineering team responsible for this sort of thing - I sent them a packet dump of the failure, they were able to reproduce it, and it got fixed. Hurray!
- Data Breaches ☛ Developing: LockBit disrupted by law enforcement
Shortly thereafter VX-Underground posted an exchange they had with the LockBitSupp Tox account. In that brief exchange, someone, presumably LockBitSupp, confirmed the seizure and said the FBI pwned him.
- Data Breaches ☛ Grace Lutheran Communities attacked by BlackCat; employee and resident data acquired
Grace Lutheran Foundation, which does business as Grace Lutheran Communities in Wisconsin, offers a variety of services including rehabilitation services, assisted living, skilled nursing, independent living, adult day services, and childcare. On February 9, they posted a notice about a data breach they discovered on January 22, 2024. They emphasized that there was no indication of misuse of any data, but they also noted that their ongoing investigation had already revealed that patient information was involved: name, address, Social Security number, and health insurance information.