Security Leftovers and Linux Bugs
-
Security Week ☛ ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.
-
The Straits Times ☛ Cyberattacks against Japan drastically down during Lunar New Year holidays: US cybersecurity firm
The phishing attacks were disguised as emails from big firms such as Amazon, Abusive Monopolist Microsoft and PayPay.
-
Entrapment (Microsoft GitHub)
-
Hacker News ☛ Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL.
"Although the affected packages were all Composer packages, the malicious code was not added to composer.json," Socket said. "Instead, it was inserted into package.json, targeting projects that ship JavaScript build tooling alongside PHP code."
-
Supply Chain Attack Flags 700+ GitHub Repos With Hidden Linux Payload
A new software supply chain attack has exposed developers to a hidden Linux payload planted inside package install flows, with more than 700 GitHub results tied to the same attacker infrastructure and eight Packagist packages confirmed infected.
-
Kernel Space
-
The Register UK ☛ Dirty Frag, Copy Fail, Fragnesia: The start of a worrisome Linux security trend
Dirty Frag, Copy Fail, and Fragnesia are less a random cluster of Linux bugs and more the public unveiling of how AI tools can pry open security holes with just a prompt or two. What they also have in common is their shared abuse of a core kernel abstraction: The page cache. What does this mean for you and me? Is this the rainstorm before a downpour of killer Linux security problems, or is this just a shower? It depends on who you ask.
-
TechRadar ☛ Another major Linux security flaw revealed — nine-year old issue could spell disaster for users
Security researchers Qualys discovered a major flaw in the Linux operating system (OS) that could let any ordinary user, or malicious actor, gain full admin access on vulnerable endpoints.
-
Hot Hardware ☛ Hot on the Heels of Copy Fail, New Linux Bugs Grant Root Privileges
Multiple Linux exploits have been uncovered over the last few weeks, including Copy Fail, and the newest of which are dubbed "PinTheft" and "SSH-keysign-pwn." Both have been recently patched, but relate to long-running bugs that have been present in the Linux kernel for years, which means many systems are vulnerable and should be patched as soon as possible.
PinTheft is the less severe of the two, since it only applies to a flaw present in Arch Linux, that requires multiple features to be enabled. That said, Arch users are still advised to patch anyway. SteamOS is based on Arch as well, so those users may also want to prioritize system updates sooner rather than later.
-