Security Leftovers

posted by Roy Schestowitz on Aug 05, 2022

• New Linux malware brute-forces SSH servers to breach networks [Ed: Now the Microsofters are trying to blame "Linux" for weak passwords, which are brute-forced. This is getting utterly ridiculous given that Windows has actual back doors.]

  A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device.

• Maritime regulation. All Hands-on Deck! | Pen Test Partners

  Since January 1st 2021 the International Maritime Organization (IMO) has been enforcing Resolution MSC. 428(98) of the International Safety Management (ISM) Code.

  This resolution encourages Vessel Owners to ensure that cyber risks are appropriately addressed in existing safety management systems (SMS) by no later than the first annual verification of the company’s Document of Compliance (DOC) after January 1, 2021.

• Cobalt Strike Inspires Next-generation Crimeware | eSecurityPlanet

  Cobalt Strike is a legitimate vulnerability scanning and pentesting tool that has long been a favorite tool of hackers, and it’s even been adapted by hackers for Linux environments.

• Security updates for Friday [LWN.net]

  Security updates have been issued by CentOS (firefox, thunderbird, and xorg-x11-server), Debian (xorg-server), Gentoo (Babel, go, icingaweb2, lib3mf, and libmcpp), Oracle (389-ds:1.4, go-toolset:ol8, httpd, mariadb:10.5, microcode_ctl, and ruby:2.5), Red Hat (xorg-x11-server), Scientific Linux (xorg-x11-server), SUSE (buildah, go1.17, go1.18, harfbuzz, python-ujson, qpdf, u-boot, and wavpack), and Ubuntu (gnutls28, libxml2, mod-wsgi, openjdk-8, openjdk-8, openjdk-lts, openjdk-17, openjdk-18, and python-django).