Security Leftovers
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by Debian (firefox-esr), Fedora (fastd, ovn, and yq), Mageia (libreoffice), Slackware (mozilla), SUSE (google-osconfig-agent, grafana, helm, and rime-schema-all), and Ubuntu (linux-azure, linux-azure-5.4, linux-lowlatency, openjdk-17, openjdk-21, openjdk-23, openjdk-8, and openjdk-lts).
-
Pen Test Partners ☛ A tale of enumeration, and why pen testing can’t be automated
TL;DR In an engagement we found an open directory on the internet belonging to our client.
-
Security Week ☛ Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.
-
CSO ☛ New trojan hijacks Linux and IoT devices
The trojan has been used in attacks since mid-November 2024 to infect and remotely control systems and exfiltrate data such as user credentials or MAC addresses.
-
SystemBC Strikes Linux: Why Proactive Defense Is Now Critical
Threat analysts are raising the alarm: a Linux version of SystemBC, a well-known RAT, is targeting Linux-based enterprise servers and cloud infrastructure. SystemBC, a malware often used as a backdoor in cyberattacks, was first spotted in 2018. It gives malefactors remote control over the infected host and delivers malicious payloads, including trojans and ransomware. Emerging as Windows-only, it recently obtained a Linux variant, thus becoming cross-platform and much more harmful, since Linux-based servers are commonly used in enterprise environments. Security teams must take this threat most seriously.
-
SANS ☛ Phishing via "com-" prefix domains, (Wed, Feb 5th)
Phishing is always a "whack the mole"-like game. Attackers come up with new ways to fool victims. Security tools are often a step behind. Messages claiming to collect unpaid tolls are one current common theme among phishing (smishing) messages. I just received another one today:
-
Security Week ☛ Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms
150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies.
-
Scoop News Group ☛ Infosec pros: We need CVSS, warts and all
The Common Vulnerability Scoring System has a lot of critics, but experts say it’s still the best unified way to share the severity of cybersecurity flaws.