Security Leftovers

posted by Roy Schestowitz on Jul 05, 2024

• LWN ☛ Security updates for Wednesday

  Security updates have been issued by AlmaLinux (golang and kernel), Fedora (ghostscript and openssh), Mageia (espeak-ng), Red Hat (389-ds, c-ares, container-tools, cups, fontforge, go-toolset, iperf3, less, libreoffice, libuv, linux-firmware, nghttp2, openldap, pki-core, python-idna, python-jinja2, python-pillow, python3, python3.11-PyMySQL, qemu-kvm, and xmlrpc-c), SUSE (ghostscript, git, libndp, libxml2, openssh, pgadmin4, podman, podofo, postgresql14, postgresql15, postgresql16, python39, squid, and wireshark), and Ubuntu (firefox and openvpn).

• Security Week ☛ Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys

  Censys has discovered more than 380,000 hosts, including major platforms, still referencing the malicious polyfill.io domain.

• Silicon Angle ☛ Twilio warns Authy users to update app following unauthenticated endpoint breach

  Cloud communications provider Twilio Inc. is asking Authy users to update their apps today after threat actors were able to identify data associated with Authy accounts through an unauthenticated endpoint.

• Digital Music News ☛ Former Ticketmaster Exec Pleads Guilty to Hacking Into a Major Competitor’s Platform — Rest Assured the DOJ Is Watching

  A former Ticketmaster executive has pleaded guilty to hacking a former employer and competitor to Ticketmaster under the charge ‘conspiracy to commit computer intrusions.’ Here’s the latest.

• Scoop News Group ☛ Cybersecurity regulations face ‘uphill battle’ after Chevron ruling

  The Biden administration has looked to regulation to strengthen cybersecurity rules, but a Supreme Court ruling threatens that effort. 

• Security Week ☛ Intel Says No New Mitigations Required for Indirector CPU Attack

  Researchers disclosed a new high-precision Branch Target Injection attack method named Indirector, but defective chip maker Intel says no new mitigations are needed.

• Cyble Inc ☛ Mitsubishi Electric Vulnerabilities In GENESIS64 And MC Works64

  Mitsubishi Electric’s GENESIS64 and MC Works64 software have been identified with multiple vulnerabilities, posing significant security risks to industrial control systems.

• Security Week ☛ 300k Affected by Year-Old Data Breach at Florida Community Health Centers

  Florida Community Health Centers says the information of 300,000 individuals was stolen in a June 2023 ransomware attack.

• Security Week ☛ Brazil Data Regulator Bans Meta From Mining Data to Train Hey Hi (AI) Models

  Brazil’s national data protection authority has determined that Meta cannot use data originating in the country to train its artificial intelligence.

• OpenSSF (Linux Foundation) ☛ Chainguard Enhances Security With OSV Advisory Feed

  In today's rapidly evolving open source ecosystem, managing vulnerabilities efficiently is crucial. To address this,Chainguard is now publishing its security advisory feed in the Open Source Vulnerabilities (OSV) format. This integration aims to simplify vulnerability management and enhance security for users of open source software.

• PC Perspective ☛ Insecurity Corner Bonanza! Intel, Linux, Cisco And Apple All Unwillingly Participate

  This week has not been good for the sanity of system admins and knowledgeable users both, as there is hardly a system nor network that remains untouched by a new insecurity issues. The Intel Raptor Lake or Alder Lake system you are running is vulnerable to an all new branch prediction attack which is called Indirector. The Indirect Branch Predictor used in those architectures turns out to be designed with a predictable structure that allows for high precision manipulation. While there is a fix available, it comes with the same performance hit associated with previous speculative execution patches and you can expect to see significant performance hits after applying it. In some cases Linux systems are seeing their performance reduced by 50%.

• Integrity/Availability/Authenticity

  • WhichUK ☛ Facebook account hacking warning – what you need to know

    Fraudsters are posting malicious links from compromised accounts

  • Frank Meeuwsen ☛ Highlighting authors on Mastodon

    Not only does this new meta tag increase the visibility of the author on the Fediverse, it also validates the correct Fediverse account. It can also help to highlight Mastodon accounts on search queries in ánd outside of the Fediverse. It makes it easier for readers to follow the correct author on the Fediverse.

  • Eric Bailey ☛ Short note: Disavowing Snake People 3.0: Slither with a Hiss

    There is another browser extension called “Snake People 3.0: Slither with a Hiss”. It is made by the highly suspicious Firefox user 13947499.