Security Leftovers
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by AlmaLinux (cloud-init, fence-agents, git, kernel, and kernel-rt), Debian (openjdk-11), Fedora (firefox, golang, libinput, transfig, and yasm), Mageia (qtbase5, qtbase6), Red Hat (fence-agents, go-toolset:rhel8, golang, kernel, and python-setuptools), Slackware (mozilla), SUSE (cyradm, gstreamer-plugins-base, and xen), and Ubuntu (gdk-pixbuf, jq, linux-gcp, linux-gcp-6.8, linux-oracle, ruby-sinatra, thunderbird, and unbound).
-
Silicon Angle ☛ How DarkForums filled the gap left by defunct hacking forum BreachForums
A new report out today from threat intelligence firm KELA Research and Strategy Ltd. details the rapid ascent and leadership behind DarkForums, a cybercrime platform that’s filling the void left by the takedown of BreachForums earlier this year.
-
Scoop News Group ☛ Cisco network access security platform vulnerabilities under active exploitation
The software defects, which have a maximum-severity rating, do not require authentication and allow remote attackers to execute code arbitrarily on the underlying system.
-
Security Week ☛ Hackers Start Exploiting Critical Cisco ISE Vulnerabilities
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
-
Federal News Network ☛ Agreement for critical CISA cyber threat analysis work expires
CISA says it's reviewing an agreement with Lawrence Livermore National Laboratory that involves the lab analyzing "CyberSentry" threat data.
-
Security Week ☛ Lumma Stealer Malware Returns After Takedown Attempt
The Lumma Stealer is back after Abusive Monopolist Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.
-
Security Week ☛ Coyote Banking Trojan First to Abuse Abusive Monopolist Microsoft UIA
Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data.
-
Different Types of Honeypots and Where to Get Them
Explore different types of honeypots available for security defence. Complete directory with download links, installation guides, and resources for every honeypot category from SSH to industrial systems.
-
The Strategist ☛ Not just government: cloud system security is everybody’s responsibility
Australia’s move to cloud-based technologies can’t afford to repeat the mistakes of the early adoption of the internet and social control media.
-
Security Week ☛ Critical Vulnerabilities Patched in Sophos Firewall
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
-
Trail of Bits ☛ Inside EthCC[8]: Becoming a smart contract auditor
At EthCC[8], Trail of Bits blockchain security engineer Nicolas Donboly laid out a clear, actionable path for aspiring smart contract auditors, drawing from his own experience transitioning from a non-technical background into a leading security role.
-
Security Week ☛ High-Severity Flaws Patched in Chrome, Firefox
Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities.
-
It's FOSS ☛ Someone Slipped a RAT into Arch Linux!
A RAT, or remote access trojan, is a type of malware that lets attackers control a device from far away. Usually, RATs target Windows or macOS computers. But even Linux, which is known for being secure, is not completely safe from these kinds of threats.
A concerning case has popped up where malicious AUR packages on Arch Linux were found dropping CHAOS RAT onto user systems without their knowledge.
-
LinuxInsider ☛ From Kernel to Cloud: Open Source Takes On Security Trade-Offs [Ed: Marketing spam with slop images]
Recent developments — including hardened Linux distributions, live patching for government-grade systems, container image hardening, and hypervisor-level isolation — reflect a broader industry push to meet rising compliance demands without sacrificing uptime.
Specialized live patching services for government-grade Linux distributions, combined with hardened containers and hypervisor-based isolation, demonstrate how open-source security is evolving rapidly in response to the increasing scrutiny of software supply chains, particularly from the U.S. Department of Defense.
On June 5, TuxCare made headlines by extending its KernelCare service for enterprise AlmaLinux editions 9.2 through 9.6, uniquely positioning this distribution as the sole FIPS 140-3 validated distribution capable of years of rebootless patching. This critical enhancement enables organizations, particularly those providing cloud services to U.S. government agencies under FedRAMP, to achieve continuous uptime and meet stringent security requirements without the operational burden of frequent reboots.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble?
Critics warn that a ban on ransomware payments may lead to dangerous unintended consequences, including forcing victims into secrecy or incentivizing attackers to shift tactics.
-