Security Leftovers
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by Debian (yard), Oracle (buildah and kernel), Red Hat (389-ds:1.4, edk2, frr, gnutls, haproxy, libfastjson, libX11, postgresql:12, sqlite, squid, squid:4, tcpdump, and tomcat), SUSE (apache2-mod_auth_openidc and glibc), and Ubuntu (linux-gke, python-cryptography, and python-django).
-
LinuxSecurity ☛ Enhancing Security in GNU/Linux Web Applications with Advanced Secure Coding Practices
Cybersecurity is not static; it's a game of continuous evolution. As web applications burgeon, so too do the threats against them. Within GNU/Linux environments, where flexibility and open-source attributes are prized, by adopting secure coding practices GNU/Linux devs can stand vigilant watch against these proliferating dangers.
-
New York Times ☛ Cyberattack Paralyzes the Largest US Health Care Payment System
The hacking shut down the nation’s biggest health care payment system, causing financial chaos that affected a broad spectrum ranging from large hospitals to single-doctor practices.
-
Kubernetes Is Gaining Momentum, but Security Still Lags Behind [Ed: More complexity means more security holes]
While many organizations understand the potential benefits of Kubernetes, fewer understand the platform's cybersecurity vulnerabilities.
-
OpenSSF (Linux Foundation) ☛ OpenSSF Scorecard: Evaluating and Improving the Health of Critical OSS Projects
OpenSSF Scorecard is a way for maintainers and users of open source projects to better understand the security of a given project. Maintainers can get feedback on the security of their project, and suggestions on how to make it more secure.
-
Security Week ☛ VMware Patches Critical ESXi Sandbox Escape Flaws
The most serious flaws allow hackers with local admin rights to execute code as the virtual machine's VMX process running on the host.
-
Security Week ☛ Apple Blunts Zero-Day Attacks With iOS 17.4 Update
Apple rolls out urgent patches to fix multiple security flaws in its flagship iOS platform and warns about zero-day exploits in the wild.
-
SANS ☛ Why Your Firewall Will Kill You, (Tue, Mar 5th)
The last few years have been great for attackers exploiting basic web application vulnerabilities. Usually, home and small business products from companies like Linksys, D-Link, and Ubiquiti are known to be favorite targets. But over the last couple of years, enterprise products from companies like Ivanti, FortiGate, SonicWall, and Citrix (among others) have become easy to exploit targets. The high value of the networks protected by these "solutions" has made them favorites for ransomware attackers.
-
SANS ☛ Apple Releases iOS/iPadOS Updates with Zero Day Fixes, (Tue, Mar 5th)
Apple today released iOS 17.4 as well as iOS 16.7.6 (and the respective iPadOS versions). These updates fix a total of four vulnerabilities. Two of the vulnerabilities are already being exploited. CVE-2024-23225 is a privilege escalation issue and only affects iOS 17 as well as iOS 16. The second already exploited vulnerability, CVE-2024-23296, only affects iOS 17.
-
Federal News Network ☛ How CISA dealt with infrastructure failure
When the AT&T national network crashed a couple of weeks back, it showed just how dependent the nation has become on wireless networks and the wired internet.
-
Bruce Schneier ☛ The Insecurity of Video Doorbells
Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible.
First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home network to online criminals.
Anyone who can physically access one of the doorbells can take over the device—no tools or fancy hacking skills needed.
-
Security Week ☛ US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials
The Treasury Department sanctioned individuals associated with Intellexa Consortium, maker of the powerful Predator Spyware.
-
Federal News Network ☛ Amid FedRAMP reforms, GSA cloud lead says ‘speed is a security property’
GSA and other agencies are considering how to revamp and streamline the FedRAMP program for authorizing cloud services, including SaaS.
-
Windows TCO
-
Scoop News Group ☛ Ransomware group behind Change Healthcare attack goes dark
ALPHV/BlackCat reportedly received $22 million from Change Healthcare before scamming its affiliates ahead of a possible rebrand.
-
Ars Technica ☛ Hackers exploited Windows 0-day for 6 months after Microsoft knew of it
Technically, Microsoft doesn't consider such bugs vulnerabilities. It patched it anyway.
-