Security Leftovers
-
Mitigating DDoS Attacks in Cloud-Native Applications
As DDoS attacks grow in sophistication and frequency, adopting robust mitigation strategies becomes paramount for organizations.
-
TechRepublic ☛ Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds
Minor updates break clients 94% of the time, while version upgrades cause issues 95% of the time, according to Endor Labs researchers.
-
LWN ☛ Security updates for Thursday
Security updates have been issued by Debian (chromium and redis), Fedora (nextcloud, python3.10, python3.13, python3.6, vim, and wolfssl), Mageia (expat, libpcap, and microcode), Oracle (dovecot, kernel, and kernel-container), Red Hat (kernel and krb5), SUSE (389-ds, colord, containerd, curl, expat, glib2, go1.22, go1.23, kernel, libpcap, postgresql16, and runc), and Ubuntu (expat, libxmltok, linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gkeop, linux-ibm, linux-kvm, linux-oracle, linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-oem-6.8, linux-oracle, linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4, linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4, linux-azure, linux-iot, linux-nvidia, linux-nvidia-lowlatency, python-setuptools, setuptools, tiff, and unbound).
-
Federal News Network ☛ Marines banking on identity services as zero trust foundation
Shery Thomas, an executive in the Marine Corps Forces Cyberspace, said their zero trust effort is on track thanks to the Navy’s enterprisewide service.
-
Federal News Network ☛ A contractor cybersecurity regime is coming faster than you think
"What the CMMC program is doing is adding new verification mechanisms," procurement attorney Dan Ramish said.
-
Security Week ☛ Iranian Hackers Targeting Iraqi Government: Security Firm
Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks.
-
Security Week ☛ New Chrome Features Protect Users Against Threats, Provide More Control Over Personal Data
Google is rolling out new features in Chrome to better protect users online and to improve their control over personal data.
-
Security Week ☛ Evasion Tactics Used By Cybercriminals To Fly Under The Radar
Relentless in their methods, attackers will continue employing evasion tactics to circumvent traditional security measures.
-
Security Week ☛ Palo Alto Networks Patches Dozens of Vulnerabilities
Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser.
-
Security Week ☛ Cisco Patches High-Severity Vulnerabilities in Network Operating System
Cisco has announced security updates that patch eight vulnerabilities in IOS XR software, including six high-severity bugs.
-
Security Week ☛ Healthcare Provider to Pay $65M Settlement Following Ransomware Attack
Lehigh Valley Health Network has agreed to pay a $65 million settlement in a class-action suit filed over a 2023 data breach.
-
Pen Test Partners ☛ Living off the land, GPO style
TL;DR The ability to edit Group Policy Objects (GPOs) from non-domain joined computers using the native Group Policy editor has been on my list for a long time.
-
NVISO Labs ☛ Introduction to Third-Party Risk Management
In today’s world, organizations are increasingly depending on their third-party vendors, suppliers, and partners to support their operations. This way of working, in addition to the digitalization era we’re in, can have great advantages such as being able to offer new services quickly while relying on others’ expertise or cutting costs on already existing processes.
-
Emulating the Persistent and Stealthy Ebury Linux Malware
Ebury is a sophisticated Linux malware, first discovered in 2011, that targets SSH servers to establish backdoor access and enable unauthorized remote control of infected systems. This malware is primarily designed to harvest credentials, such as SSH login information from compromised servers, allowing attackers to infiltrate other machines in the network. Ebury is particularly notorious for its use in large-scale botnets, where compromised systems are used for a range of malicious activities. These include sending spam, conducting Distributed Denial of Service (DDoS) attacks, deploying additional malware, and stealing sensitive information such as cryptocurrency wallets, login credentials, and credit card details.
-
HowTo Geek ☛ How Often Do You Update Your Linux Computer?
One of the most common reasons people cite as a reason to move from Windows to Linux is escaping Windows' annoying, unavoidable updates. Meanwhile, on Linux it's generally up to you to decide when and how often you update. Even so, not applying updates when they're available puts you at risk of security issues and potential system or software breakage. So how often are you updating your Linux system?
-
Dark Reading ☛ For $20, Researchers Seize Part of Net Infrastructure
Their findings highlight the frailty of some of the mechanisms for establishing trust on the Internet.
-
Dark Reading ☛ Socially Savvy Scattered Spider Traps Cloud Admins in Web
The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges.
-
Windows TCO
-
TechRadar ☛ Microsoft confesses its recent security updates…broke backdoored Windows 10 security patches
In its latest Patch Tuesday cumulative update, Microsoft has confirmed an embarrassing bug which broke older security patches installed on Windows 10 devices. The bug is tracked as CVE-2024-43491, and affects Windows 10 version 1507 – an older version still supported for Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015. It carries an almost maximum severity score – 9.8.
-
Bleeping Computer ☛ Microsoft fixes backdoored Windows Smart App Control zero-day exploited since 2018
Microsoft has fixed a backdoored Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018.
-