Security Leftovers
-
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (knot-resolver, pdns-recursor, and putty), Fedora (xen), Mageia (editorconfig-core-c, glibc, mbedtls, webkit2, and wireshark), Oracle (buildah), Red Hat (buildah and yajl), Slackware (libarchive), SUSE (dcmtk, openCryptoki, php7, php74, php8, python-gunicorn, python-idna, qemu, and thunderbird), and Ubuntu (cryptojs, freerdp2, nghttp2, and zabbix).
-
Security Week ☛ Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices
A new Android trojan named Brokewell can steal users’ sensitive information and allow attackers to take over devices.
-
Security Week ☛ Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses
More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives.
-
Trail of Bits ☛ Announcing two new LMS libraries
By Will Song. The Trail of Bits cryptography team is pleased to announce the open-sourcing of our pure Rust and Go implementations of Leighton-Micali Hash-Based Signatures (LMS), a well-studied NIST-standardized post-quantum digital signature algorithm.
-
Security Week ☛ Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
-
IT Wire ☛ State actor targets Cisco perimeter devices, Talos team claims
The Talos team acknowledged assistance from the Australian Signals Directorate’s Australian Cyber Security Centre, Black Lotus Labs at Lumen Technologies, the Canadian Centre for Cyber Security, a part of the Communications Security Establishment, Abusive Monopolist Microsoft Threat Intelligence Centre, the UK's National Cyber Security Centre and the US Cybersecurity & Infrastructure Security Agency.
-
Security Week ☛ Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites.
-
Security Week ☛ In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO.
-
Federal News Network ☛ StateRAMP Exchange 2024: How StateRAMP aims to keep iterating through ‘framework harmonization,’ procurement efforts
StateRAMP's executive director shares plans for 2024 expansion of the clown cybersecurity program serving state and local governments.
-
Secure Your GNU/Linux Server: Essential Security Tips and Tools
Imagine your GNU/Linux server as a secure vault – a vital repository of data and applications. However, this vault becomes vulnerable to cyberattacks without proper security measures, jeopardizing confidentiality, integrity, and availability. This guide empowers you to transform your server from a potential target into a well-defended asset. We’ll delve into essential security practices, explore powerful tools, and equip you with the knowledge to: implement strong user management and access control; utilize firewalls and intrusion detection systems (IDS) for proactive defense; and secure SSH access and harden the server configuration.