Security and Windows TCO
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, libtiff, squid:4, and thunderbird), Debian (strongswan and webkit2gtk), Fedora (pcre2, qt5-qtbase, squid, unbound, and xen), Mageia (icu and libtpms), Oracle (java-1.8.0-openjdk, java-17-openjdk, java-21-openjdk, kernel, squid:4, and thunderbird), Red Hat (libtiff, squid, squid:4, and webkit2gtk3), SUSE (cmake, dracut-saltboot, erlang, exim, expat, ffmpeg-4, firefox, golang-github-prometheus-alertmanager, haproxy, java-11-openjdk, kernel, libxslt, multi-linux-manager, openssl-3, podman, rabbitmq-server, spacewalk-web, strongswan, and wireshark), and Ubuntu (gst-plugins-good1.0, linux-aws-5.15, radare2, ruby2.3, ruby2.5, ruby2.7, and strongswan).
-
GamingOnLinux ☛ New security advisory released for X.Org X server and Xwayland issues | GamingOnLinux
Today, an X.Org Security Advisory was sent out that details multiple security issues in X.Org X server and Xwayland. Be sure you keep an eye on system updates as distributions get the issues patched.
-
Krebs On Security ☛ Aisuru Botnet Shifts from DDoS to Residential Proxies
Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts say a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.
-
Futurism ☛ Serious New Hack Discovered Against OpenAI’s New Hey Hi (AI) Browser
Atlas is a cybersecurity disaster waiting to happen.
-
Security Week ☛ Hackers Target Swedish Power Grid Operator
The hackers stole information from a file transfer solution and the country’s power supply was not affected.
-
Security Week ☛ TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks
A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation.
-
Federal News Network ☛ EPA deepens work with water sector amid rising cyber concerns
The EPA’s work to identify vulnerabilities in the water sector will be a critical piece of its efforts as the risk management agency for water utilities.
-
NVISO Labs ☛ Vulnerability Management – Process Perspective
In this post, we dive deeper into the HOW of vulnerability management. This post is dedicated to the processes to provide a comprehensive overview.
-
Security Week ☛ Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack
Data allegedly stolen from the companies has been made available for download on the Cl0p ransomware leak website.
-
Linux Handbook ☛ Automating XSS Hunting with Dalfox [Pen Testing Hands-on]
Learn about using Dalfox for XSS injection on Kali GNU/Linux with a demo scan against a safe target. Copy, paste, profit. For lab purposes only.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability
The critical-severity flaw allows attackers to smuggle HTTP requests and access sensitive data, modify server files, or cause DoS conditions.
-
Bleeping Computer ☛ Qilin ransomware abuses WSL to run Linux encryptors in Windows [Ed: Windows issues twisted as "Linux"]
The ransomware first launched as "Agenda" in August 2022, rebranding to Qilin by September and continuing to operate under that name to this day.
-
Qilin Ransomware Targets Windows with Linux-Based Payload [Ed: WSL is Windows]
A new Linux-based ransomware variant from the Qilin group can now infiltrate Windows systems.
-
Qilin uses Linux ransomware to evade Windows defenses
Security Affairs reports that Trend Micro researchers uncovered a sophisticated Qilin ransomware campaign that weaponized Linux binaries on Windows systems to evade endpoint detection and response tools and disable security defenses.
-
XDA ☛ WSL is great, but networking is a mess — here's how I fixed it [Ed: Windows is not great and using GNU/Linux "proper" would solve this]
But it's not all perfect, and for all the usefulness of WSL, more advanced users have noticed some big issues, with networking being a major one. With Linux running inside Windows, managing the network connection for the host and guest can be a challenge, at least out of the box.
-