Security and Windows TCO Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by AlmaLinux (java-1.8.0-openjdk), Debian (angular.js and batik), Fedora (chromium, pypy, screen, unbound, wine, and wine-mono), Mageia (djvulibre, quictls, and redis), Red Hat (avahi, gnome-remote-desktop, java-1.8.0-openjdk, java-11-openjdk with Extended Lifecycle Support, java-21-openjdk, kernel, kernel-rt, python-setuptools, redis, and valkey), SUSE (chromedriver, coreutils, cosign, docker, FastCGI, ffmpeg-4, fractal, gimp, glib2, ImageMagick, iputils, java-17-openjdk, java-24-openjdk, jq, kubelogin, kubernetes1.23, kubernetes1.24, kubernetes1.26, python-requests, python3, rmt-server, rustup, and thunderbird), and Ubuntu (apache2).
-
Trail of Bits ☛ Detecting code copying at scale with Vendetect
Vendetect is our new open-source tool for detecting copied and vendored code between repositories. It uses semantic fingerprinting to identify similar code even when variable names change or comments disappear. More importantly, unlike academic plagiarism detectors, it understands version control history, helping you trace vendored code back to its exact source commit.
-
Security Week ☛ Exploited CrushFTP Zero-Day Provides Admin Access to Servers
Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS.
-
Security Week ☛ Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals.
-
Security Week ☛ 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service
The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack.
-
Cyber threats surge with rise in infostealers & Linux attacks [Ed: More like attacks that target things which happen to run Linux, and not because it's the fault of Linux at all]
Barracuda Networks researchers have reported a notable rise in cyber threats over the past month, with substantial increases in infostealer attacks, threats targeting Linux servers, and suspicious login attempts to AWS consoles.
-
Silicon Angle ☛ Iranian hackers expand Android spyware campaign amid Middle East tensions
A new report out today from mobile security firm Lookout Inc. warns that the Iranian state-aligned cyberespionage group MuddyWater has further developed its Android surveillanceware known as DCHSpy, deploying it in targeted campaigns amid the recent Israel-Iran conflict.
-
Security Week ☛ Iranian APT Targets Android Users With New Variants of DCHSpy Spyware
Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel.
-
Citizen Lab ☛ Canada’s Outdated Laws Leave Spyware Oversight Dangerously Weak
In a new piece for Policy Options, senior research associate Kate Robertson and legal extern Song-Ly Tran discuss how outdated protections in Canada’s decades-old wiretap laws fail to protect people in Canada from abuse of spyware technologies.
-
Windows TCO / Windows Bot Nets
-
Krebs On Security ☛ Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies.
-
Federal News Network ☛ Agencies face tight deadline to mitigate SharePoint vulnerability
CISA gave agencies until the end of the day on Monday to mitigate a severe zero-day vulnerability in Microsoft's widely used SharePoint software.
-
Federal News Network ☛ What to know about a vulnerability being exploited on Abusive Monopolist Microsoft SharePoint servers
Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies. The company said in its blog post that it discovered at least dozens of systems were compromised around the world.
-
Bruce Schneier ☛ Another Supply Chain Vulnerability
ProPublica is reporting:
Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found.
-
SANS ☛ How quickly do we patch? A quick look from the global viewpoint, (Mon, Jul 21st)
-