Security and Fear, Uncertainty, Doubt/Fear-mongering
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by AlmaLinux (container-tools, firefox, and flatpak), Debian (composer, roundcube, and thunderbird), Fedora (kitty and webkitgtk), Oracle (container-tools and flatpak), Red Hat (flatpak and java-1.8.0-ibm), SUSE (gdcm, gdk-pixbuf, libarchive, libzypp, zypper, ntfs-3g_ntfsprogs, openssl-1_1, openssl-3, podman, python-Werkzeug, and thunderbird), and Ubuntu (git, linux-hwe-6.5, mariadb, mariadb-10.6, and thunderbird).
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by Debian (php7.3), Fedora (galera, ghostscript, and mariadb), Mageia (cups, iperf, and libndp), Oracle (firefox and flatpak), Red Hat (container-tools:rhel8, Firefox, firefox, and flatpak), SUSE (booth, bouncycastle, firefox, ghostscript, less, libaom, openssl-1_1, openssl-3, podman, python-Authlib, python-requests, python-Werkzeug, webkit2gtk3, and xdg-desktop-portal), and Ubuntu (ghostscript, ruby-rack, ruby2.7, ruby3.0, ruby3.1, ruby3.2, and sssd).
-
Linux Kernel 6.8 End of Life: Upgrade to Linux Kernel 6.9 Now
Linux kernel 6.8 was released on March 10, 2024, with some exciting new features and improvements. However, it was not designated as a Long Term Support (LTS) branch. Linux kernel 6.8 reached the end of life (EOL) on May 30, 2024. The Linux kernel developer and maintainer Greg Kroah-Hartman announced the release of Linux 6.8.12, marking the final update in this series. Users are strongly encouraged to upgrade to Linux kernel 6.9 as soon as possible to maintain system security.
-
New ARM ‘TIKTAG’ Attack Impacts Google Chrome, Linux Systems [Ed: Hardware issue, not "Linux"]
Memory corruption lets attackers hijack control flow, execute code, elevate privileges, and leak data.
ARM’s Memory Tagging Extension (MTE) aims to mitigate this by tagging memory and checking tags on access.
-
Cyble Inc ☛ Linux Malware Campaign Uses Discord Emojis in Attack on Indian Government Targets [Ed: This is not a Linux issue at all. Microsoft sites try to spin that as one.]
Cybersecurity researchers are tracking a novel Linux malware campaign that makes use of Discord emojis for command and control (C2) communication with attackers.
-
EFF ☛ New ALPR Vulnerabilities Prove Mass Surveillance Is a Public Safety Threat
The Cybersecurity and Infrastructure Security Agency (CISA), a component of the U.S. Department of Homeland Security, released an advisory last week that should be a wake-up call to the thousands of local government agencies around the country that use ALPRs to surveil the travel patterns of their residents by scanning their license plates and "fingerprinting" their vehicles. The bulletin outlines seven vulnerabilities in Motorola Solutions' Vigilant ALPRs, including missing encryption and insufficiently protected credentials.
-
Security Week ☛ Two Men Plead Guilty to Hacking Law Enforcement Database for Doxing
Sagar Steven Singh and Nicholas Ceraolo pleaded guilty to hacking a database maintained by a US federal law enforcement agency.
-
Silicon Angle ☛ AMD investigates alleged data theft as stolen data appears for sale on BreachForums
Advanced Micro Devices Inc. is reportedly investigating a claim that data from the company has been stolen in an apparent hack. First spotted today by HackManac on X Inc., the claim that AMD has been hacked and data was stolen is per a listing on the infamous hacking site BreachForums.
-
IT Wire ☛ Attackers demanding up to US$5m from compromised Snowflake customers
It said it "received threat intelligence on database records that were subsequently determined to have originated from a victim’s Snowflake instance. Mandiant notified the victim, who then engaged Mandiant to investigate suspected data theft involving their Snowflake instance".
-
Security Week ☛ Critical Code Execution Vulnerabilities Patched in VMware vCenter Server
Serious vulnerabilities that can allow remote code execution and privilege escalation have been patched in VMware vCenter Server.
-
Security Week ☛ New BadSpace Backdoor Deployed in Drive-By Attacks
The BadSpace backdoor is being distributed via drive-by attacks involving infected websites and JavaScript downloaders.
-
OpenSSF (Linux Foundation) ☛ OpenSSF Newsletter – June 2024
Welcome to the June 2024 edition of the OpenSSF Newsletter, with our latest information on what’s been happening lately and what’s on our radar. DOWNLOAD: What’s in the SOSS? An...
-
Security Week ☛ Blackbaud Settles With California for $6.75 Million Over 2020 Data Breach
Blackbaud was ordered to pay $6.75 million to the California Attorney General’s Office over the 2020 data breach.
-
Security Week ☛ Chinese Hackers Leveraged Legacy F5 BIG-IP Appliance for Persistence
China-linked threat actor Velvet Ant leveraged a legacy F5 BIG-IP appliance for three-year access to a victim’s network.
-
Security Week ☛ New TikTag Attack Targets Arm CPU Security Feature
Researchers have targeted the MTE security feature in Arm CPUs and showed how attackers could bypass protections.
-
OpenSSF (Linux Foundation) ☛ Know Your Regular Expressions: Securing Input Validation Across Languages
The Open Source Security Foundation (OpenSSF) Best Practices Working Group (WG) has just released a short guide, Correctly Using Regular Expressions for Secure Input Validation! Here’s why it’s important.
-
Qt ☛ Improving the Safety and Security of Digital Products Made Available in the European Union - Understanding the European Cyber Resilience Act (CRA)
"Cyber threats evolve fast, they are increasingly complex and adaptable. To make sure our citizens and infrastructures are protected, we need to think several steps ahead, Europe's resilient and autonomous Cybersecurity Shield will mean we can utilise our expertise and knowledge to detect and react faster, limit potential damages and increase our resilience. Investing in cybersecurity means investing in the healthy future of our online environments and in our strategic autonomy."