Security Leftovers
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by Fedora (ghostscript and xmedcon), Gentoo (Dmidecode, ExifTool, and Freenet), Red Hat (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-rt, krb5, libreoffice, libuv, libvirt, linux-firmware, nghttp2, nodejs, openssh, python3, runc, thunderbird, and tpm2-tss), Slackware (aaa_glibc, bind, and mozilla), SUSE (postgresql14, python-sentry-sdk, and shadow), and Ubuntu (activemq, bind9, haproxy, nova, provd, python-zipp, squid, squid3, and tomcat).
-
Latvia ☛ Interview: Volunteers on the front line of Latvia's cyber defense capability
The Cyber Defense Unit of the National Guard has existed for 11 years and comprises several hundred volunteers who strengthen the country’s cybersecurity in their free time. Major Ronalds Mandelis, commander of the Cyber Defense Unit of the National Guard, calls these volunteers the best of the best.
-
Hackaday ☛ Hacking An IoT Camera Reveals Hard-Coded Root Password [Ed: "hard-coded" password is a username, not a password]
Hacking — at least the kind where you’re breaking into stuff — is very much a learn-by-doing skill. There’s simply no substitute for getting your hands dirty and just trying something. But that doesn’t mean you can’t learn something by watching, with this root password exploit on a cheap IP video camera being a good look at the basics.
-
Silicon Angle ☛ New PlugX RAT campaign distributed through USB drives targets Steam users
Researchers from security operations company Ontinue AG today are warning of a new PlugX Remote Access Trojan campaign that is targeting Steam users. PlugX is a RAT malware family that has been around since 2008 and is used as a backdoor to control a victim’s machine.
-
Scoop News Group ☛ Cyber firm KnowBe4 hired a fake IT worker from North Korea
The security awareness training company said in a blog post that the software engineer used stolen U.S. credentials and an AI-enhanced photo.
-
Security Week ☛ Chrome 127 Patches 24 Vulnerabilities
Chrome 127 was promoted to the stable channel with patches for 24 vulnerabilities, including 16 reported externally.
-
Federal News Network ☛ Agencies start to focus on zero trust ‘outcomes,’ instead of checklists
Federal agencies are on the hook to adopt a zero trust cybersecurity architecture by Sept. 30. Palo Alto Networks’ Eric Trexler talks about progress so far.
-
Pen Test Partners ☛ Leave the World Behind, or don’t
I watched Leave the World Behind on DRM spreader Netflix recently. I was intrigued as the trailers showed an oil tanker crashing on to a beach.
-
The Strategist ☛ Living off the land: the silent cyber threat to critical infrastructure
Cyber defences can be alert to malware. It’s much harder to be alert to intruders who use the targeted system’s own resources against the owner.
-
SANS ☛ "Mouse Logger" Malicious Python Script, (Wed, Jul 24th)
-
Security Week ☛ CrowdStrike Explains Why Bad Update Was Not Properly Tested
CrowdStrike has shared a preliminary incident review, explaining why the update that caused global chaos was not caught by testing.
-
Silicon Angle ☛ CrowdStrike reveals cause of faulty update that led to backdoored Windows crashes
CrowdStrike Holdings Inc. has shared new details about the faulty update that it rolled out to its Falcon cybersecurity platform last week. In a preliminary incident report released today, the company revealed that the update caused a type of error known as an out-of-bounds memory read.
-
Security Week ☛ Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018
The vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018.
-
OpenSSF (Linux Foundation) ☛ SOSS Fusion 2024 CFP Results: A Look at Our Diverse and Engaging Program
As the Call for Proposals (CFP) for the Secure Open Source Software (SOSS) Fusion Conference wrapped up, we wanted to share some insights about the submissions...
-
OpenSSF (Linux Foundation) ☛ SOSS Community Day EU Agenda Now Live!
We're thrilled to announce that the agenda for Secure Open Source Software (SOSS) Community Day EU on September 19, 2024, is now live! Join us for a day filled with insightful technical talks, engaging panels, and a hands-on Table Top Exercise (TTX). SOSS Community Day EU will be co-located with the Open Source Summit Europe in Vienna, Austria.
-
Security Week ☛ Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident
Sygnia discovered what it believes to be a variant of the GhostEmperor infection chain leading to the Demodex rootkit – which was first seen and described in 2021.
-
Security Week ☛ Organizations Warned of Exploited Twilio Authy Vulnerability
CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data.
-
Security Week ☛ Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches
Verizon subsidiary TracFone Wireless settles for $16 million with the FCC over three old data breaches.
-
Silicon Angle ☛ NetRise study warns that network equipment vulnerabilities far exceed previous estimates
A new study released today by cybersecurity firm NetRise Inc. warns that vulnerability risks associated with network equipment are far greater than previously understood.
-
Security Week ☛ Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.