Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by AlmaLinux (firefox and java-1.8.0-openjdk), Debian (chromium, flatpak, guix, openjdk-11, openjdk-17, thunderbird, and tomcat9), Fedora (chromium, firefox, glibc, nghttp2, nodejs18, python-aiohttp, python-django3, python-pip, and uxplay), Mageia (putty & filezilla), Red Hat (Firefox, firefox, java-1.8.0-openjdk, java-21-openjdk, nodejs:18, shim, and thunderbird), Slackware (freerdp), SUSE (apache-commons-configuration2, nodejs14, perl-CryptX, putty, shim, and wireshark), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.5, linux-azure, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-nvidia-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-starfive, linux-starfive-6.5, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-lts-xenial, lxd, percona-xtrabackup, and pillow).
-
Linux Magazine ☛ Linux Servers Targeted by Akira Ransomware [Ed: No, Akira ransomware targets Windows and proprietary VMware; slanting this as a "Linux" thing in a "Linux" site? Come on... They also say "Xz" is Linux. In today's media, everything is "Linux" now, especially all the bad things. Xz is Microsoft GitHub (proprietary) and it targets Linux via Microsoft systemd, which is also proprietary GitHubware.]
A group of bad actors who have already extorted $42 million have their sights set on the GNU/Linux platform.
-
LinuxSecurity ☛ Spectre V2: A New Threat to GNU/Linux Systems [Ed: It is a hardware defect and dishonest to frame this as a "Linux" thing]
A significant security threat, known as the Spectre v2 exploit, has been observed targeting GNU/Linux systems running on modern defective chip maker Intel processors. Let's delve into the details of the Spectre v2 exploit, its implications, and the measures being taken to mitigate its impact.
-
Security Week ☛ CrushFTP Patches Exploited Zero-Day Vulnerability
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
-
Security Week ☛ Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
-
OpenSSF (Linux Foundation) ☛ Join Us at the OSS Security Meetup in Tokyo, Japan With General Manager Omkhar + SOSS Community Day North America Event Report
We are excited to announce that the members of the Open Source Security Foundation (OpenSSF), a cross-industry initiative that brings together the industry’s most important open source security initiatives and the individuals and companies that support them, will hold the Meetup on Monday, May 13th at Cybertrust Japan having OpenSSF General Manager Omkhar Arasaratnam for the first time.
-
Security Week ☛ MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
-
ZDNet ☛ If all kernel bugs are security bugs, how do you keep your GNU/Linux safe?
Since February, there've been 800 newly assigned CVEs. Your job? Update your main GNU/Linux distro more often.
-
LinuxSecurity ☛ I2P 2.5.0 Release Brings Improvements in Tunnels, I2PSnark & More
The recent release of I2P 2.5.0, an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew of improvements and new features that will certainly intrigue security practitioners. This release aims to enhance user-facing features while addressing compatibility and security issues.
-
Federal News Network ☛ Addressing GAO’s findings on national cyber risk management gaps
Cyber risk management is vital for protecting the nation’s data assets from cyber adversaries.
-
Security Week ☛ Research Shows How Attackers Can Abuse EDR Security Products
Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool.
-
Scoop News Group ☛ Cybersecurity executive order requirements are nearly complete, GAO says
CISA and OMB have just a handful of outstanding tasks to finish as part of the president’s 2021 order.
-
Bleeping Computer ☛ GitHub comments abused to push malware via Microsoft repo URLs
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
While most of the malware activity has been based around the Microsoft GitHub URLs, this "flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.