Security Leftovers
-
LWN ☛ Security updates for Thursday
Security updates have been issued by CentOS (python-pillow), Debian (firefox-esr and imagemagick), Fedora (kernel, mbedtls, rust-asyncgit, rust-bat, rust-cargo-c, rust-eza, rust-git-absorb, rust-git-delta, rust-git2, rust-gitui, rust-libgit2-sys, rust-lsd, rust-pore, rust-pretty-git-prompt, rust-shadow-rs, rust-silver, rust-tokei, and rust-vergen), Gentoo (LibreOffice), Red Hat (kpatch-patch), Slackware (mozilla), SUSE (docker, python-pycryptodome, python3, and qemu), and Ubuntu (firefox and linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gkeop,
linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm,
linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4,
linux-xilinx-zynqmp).
-
CRN ☛ Google Cloud Run Is ‘Being Abused’ By Cyberattacks Via Microsoft Installers: Cisco Report
Furthermore, in many instances, the malware was dropped with a malicious Microsoft Installer directly from Google Cloud’s Run Web service, according a new threat intelligence research report by Cisco Talos.
-
TechCrunch ☛ Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts
Over the weekend, someone posted a cache of files and documents apparently stolen from the Chinese government hacking contractor, I-Soon.
This leak gives cybersecurity researchers and rival governments an unprecedented chance to look behind the curtain of Chinese government hacking operations facilitated by private contractors.
Like the hack-and-leak operation that targeted the Italian spyware maker Hacking Team in 2015, the I-Soon leak includes company documents and internal communications, which show I-Soon was allegedly involved in hacking companies and government agencies in India, Kazakhstan, Malaysia, Pakistan, Taiwan, and Thailand, among others.
-
New York Times ☛ China’s Hacker Network: What to Know About the I-Soon Document Leak
Documents leaked on a public website show that China is hiring private hackers to obtain sensitive information from foreign companies and governments.
-
New York Times ☛ As China Expands Its Hacking Operations, a Vulnerability Emerges
New revelations underscore the degree to which China has ignored, or evaded, U.S. efforts to curb its extensive computer infiltration efforts.
-
Security Week ☛ Russian Turla Cyberspies Target Polish NGOs With New Backdoor
Russian state-sponsored threat actor Turla has been using a new backdoor in recent attacks targeting Polish NGOs.
-
LinuxSecurity ☛ Joomla XSS Bug Puts Millions of Websites at Risk of RCE
A critical security vulnerability has been found in the popular Joomla open-source content management system that has left millions of websites open to the risk of remote code execution (RCE) due to multiple cross-site scripting (XSS) bugs. The vulnerability is linked to a fundamental flaw in Joomla's core filter component and is tracked as CVE-2024-21726 .