Security Leftovers
-
SANS ☛ Scans for Apache OfBiz, (Wed, Mar 27th)
-
Scoop News Group ☛ Spyware and zero-day exploits increasingly go hand-in-hand, researchers find
Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browser flaws were used by spyware firms.
-
Netcraft ☛ Out of the shadows – ’darcula’ iMessage and RCS smishing attacks target USPS and global postal services
Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains
‘darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more than 20,000 phishing domains that provide cyber criminals with easy access to branded phishing campaigns. Rather than the more typical PHP, the platform uses many of the same tools employed by high-tech startups, including JavaScript, React, Docker, and Harbor.
-
Security Week ☛ VPN Apps on Surveillance Giant Google Play Turn Android Devices Into Proxies
Human Security identifies 28 VPN applications for Android and an SDK that turn devices into proxies.
-
Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data
Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. This technology breakdown is the latest in a string of failures at UNOS, which for 40 years has held the sole government contract to manage the U.S. organ transplant system. Grassley and Wyden, the former and current chairmen, respectively, of the Senate Finance Committee, last year authored a historic law that breaks up the organ transplant contract and encourages the most competent contractors in the field to manage the nation’s organ system.
“Whether the exposed data was accessed by authorized users only or not, this mishandling error is another example of UNOS’s failure to operate the critical technology supporting the OPTN,” the senators wrote. “Given the large amount of sensitive data UNOS stores and collects on past and present patients, it is imperative that data breaches do not happen again.”
-
Pakistan ☛ Data theft: Nadra initiates action, suspends 8 officers
The National Database and Registration Authority (Nadra) has initiated disciplinary action against several of its officers with eight already suspended and charged, while over a dozen now likely to be penalised, The News reported on Thursday.
According to the publication, action has begun against Nadra staffers including three officials from the government body's senior management — director general (DG) technical, DG network Karachi — and others.
-
Personal data of 2.7 million Pakistanis ‘stolen’ from government records, probe finds
An investigation has revealed that personal information of more than 2.7 million Pakistanis has been “stolen” from the records of a government-run body that regulates the database of citizens.
A government official said on Wednesday that a team was formed to probe the data leak from the National Database and Registration Authority (Nadra) office.
The report indicated “that data of more than 2.7 million Pakistanis has been compromised from Nadra’s records between 2019 and 2023,” an interior ministry official told EFE on Wednesday on condition of anonymity.
-
Several ImageMagick Vulnerabilities Addressed in Ubuntu
ImageMagick, a popular image manipulation program and library, has been exposed to several vulnerabilities that could leave your system vulnerable to denial-of-service (DoS) attacks. In response, the Ubuntu security team has promptly released security updates to address these issues across various Ubuntu releases. Let’s delve into the details of these vulnerabilities and their mitigation measures.