Security Leftovers
-
Wind River Security Scanning Service for Linux CVEs Offers Path to Remediation and Long-Term Maintenance Through the Full Lifecycle
-
The Machine Keyring [Ed: Oracle attacking the freedom of Linux]
UEFI Secure Boot provides a security feature that ensures only trusted digitially signed binaries are executed in the boot chain. Secure Boot validates each digital signature before allowing anything to load during boot. Linux kernel modules are one of the final components of the boot chain. To maintain the signing validation requirement, all kernel modules must be signed and validated. Linux distributions enforce integrity lockdown mode when booting with Secure Boot enabled. Within lockdown mode, kernel module signature validation is enforced. With the mainline kernel, users who wanted the extra flexibility to load their own kernel modules had to go through a complex process to enroll their own keys. This is a thing of the past, as there is now a much simpler process which this blog will explain.
-
Security updates for Wednesday
Security updates have been issued by Debian (c-ares), Fedora (curl and firefox), Oracle (cups-filters, kernel, and webkit2gtk3), Red Hat (emacs and kpatch-patch), Slackware (mozilla), SUSE (kernel and openssl-1_0_0), and Ubuntu (firefox and libreoffice).
-
Barracuda says hacked ESG appliances must be replaced immediately
Email and network security company Barracuda warns customers they must replace Email Security Gateway (ESG) appliances hacked in attacks targeting a now-patched zero-day vulnerability.
“Impacted ESG appliances must be immediately replaced regardless of patch version level,” the company warned in an update to the initial advisory issued on Tuesday.
“Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG.”
-
Perhaps victims shouldn’t be so quick to claim “no evidence so far…”
In November 2022, Pearland ISD in Texas informed parents and employees about a breach and told them that ongoing investigation so far had shown no evidence that any sensitive information had been accessed by anyone outside of the district.
In June 2023, Pearland sent letters to 55,486 people whose personal information had been accessed or acquired by the unidentified threat actor(s). The information affected may have included name, date of birth, address, and Social Security number.
-
Senate committee approves Phillips-Hill’s measure to protect student data, privacy
The Senate Education Committee approved the Student Data Privacy and Protection Act, according to the measure’s sponsor Sen. Kristin Phillips-Hill (R-York).
Senate Bill 565 modernizes Pennsylvania law to accommodate student information being stored online, as well as students learning and attending school online. As is currently stands, student-related data is being generated, collected, and stored within our school systems, with no current protocols.
-
Data on as many as 100,000 Nova Scotia healthcare staff stolen in MOVEit breach
Data on at least 100,000 employees in Nova Scotia’s healthcare sector were stolen as the result of the vulnerability in Progress Software’s MOVEit file transfer application, the province said Tuesday.
Data stolen includes Social Insurance numbers, addresses and banking information of employees of Nova Scotia Health, the public service and the IWK Health Centre, which is a major pediatric hospital and trauma centre.
The provinces uses MOVEit for transferring payroll information. It has begun notifying victims.
-
Ascension Seton reports data breach of websites
The Austin hospital system Ascension Seton experienced a data breach of two websites earlier this year, potentially exposing the personal information of certain users.
Ascension Seton issued a statement Tuesday saying its legacy websites — Seton.net and DellChildrens.net — were breached on March 1 and 2. The hospital system said it has been working alongside Vertex, the third-party vendor that managed the sites, to understand the scope of the security violation. Vertex also alerted law enforcement and hired a forensic investigator to study the event.
-
The 2023 Verizon DBIR is out — get your copy now
74% of all breaches include the human element through Error, Privilege Misuse, Use of stolen credentials or Social Engineering
-
Mayberry clients urged to increase vigilance after cyberattack
With no indication of the extent of a data breach and cyberattack at investment firm Mayberry, the company yesterday urged clients to take immediate steps to protect themselves “against any possible adverse consequences”.
In its second notice to its clients since Friday night, Mayberry yesterday asked them to actively monitor all accounts and contact their financial institution if they notice any suspicious and/or unusual activity. They were also asked to change passwords to all accounts that they operate. […]
Mayberry says the data breach resulted in unauthorised access and the stealing of data to include personal data. The company also confirmed that some clients data has been put on the dark web, an area of the Internet where fraudsters lurk as they trade in stolen data to the highest bidder.
-
Houston ISD investigating how students' personal documents ended up on the street
Several students' records were found scattered on the road and sidewalks outside an elementary school in southwest Houston on Tuesday. Houston ISD is now working to learn how paperwork with personal information like student addresses ended up there.
Documents like report cards, folders of completed field trip forms, parent phone numbers, and students' personal information ended up outside Red Elementary School in the Willow Meadows area.