Security and Windows TCO Leftovers
-
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (gnutls, java-17-openjdk, mod_http2, and squid), Debian (firefox-esr), Fedora (editorconfig, perl-Clipboard, php, rust, and wordpress), Mageia (less, libreswan, puppet, and x11-server, x11-server-xwayland, and tigervnc), Slackware (aaa_glibc), and SUSE (firefox, graphviz, kernel, nodejs12, pgadmin4, tomcat, and wireshark).
-
LinuxSecurity ☛ Linux Kernel 'Make-Me-Root' Flaw Threatens Popular Distros [Updated] [Ed: This was published back in January and linuxsecurity.com is reposting it now]
In the world of open-source software, security vulnerabilities can have widespread consequences. The recent publication of a GNU/Linux privilege-escalation proof-of-concept exploit has sent shockwaves through the GNU/Linux community, demanding the immediate attention of GNU/Linux admins, infosec professionals, internet security enthusiasts, and sysadmins.
-
Security Week ☛ OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining [Ed: Microsoft is the biggest security culprit, not expert, and it desperately tries to shift attention away from its blunders]
Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments.
-
Windows TCO
-
Scoop News Group ☛ FBI director warns of China’s preparations for disruptive infrastructure attacks
More recently, Volt Typhoon has conducted broad targeting of American companies in the water, energy and telecommunications sectors, among others, which U.S. officials have described as “pre-positioning” for future attacks that could disrupt or halt systems responsible for critical services upon which Americans rely. Dragos, a private threat intelligence company that focuses on critical infrastructure, said in February that the group has also been observed targeting entities that provide satellite and emergency management services.
The ultimate purpose of this activity is to give Beijing “the ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” Wray said.
-
The Record ☛ DC city agency says LockBit claims tied to third-party attack
On April 13, the LockBit ransomware gang claimed it [breached] the D.C. Department of Insurance, Securities and Banking (DISB) and stole 800GB of data. DISB is a regulatory agency designed to protect consumers from abuses by financial institutions like insurance companies, investment firms, banks and mortgage lenders.
LockBit said on Thursday evening that negotiations had broken down and it planned to leak 1GB of data in order to further push the organization into paying a ransom.
-
Scoop News Group ☛ ‘Large volume’ of data stolen from UN agency after ransomware attack
A large volume of United Nations Development Programme data related to staffers and other internal operations was stolen and posted to a ransomware website in late March, the agency announced this week.
The UNDP issued a statement Tuesday saying that “local IT infrastructure in UN City, Copenhagen, was targeted,” and that a “data extortion actor had stolen data which included certain human resources and procurement information.”
-