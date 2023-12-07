Security Leftovers and Windows TCO
The Register UK ☛ Apple and some Linux distros are open to Bluetooth attack
The bug, tracked as CVE-2023-45866, doesn't require any special hardware to exploit, and the attack can be pulled off from a Linux machine using a regular Bluetooth adapter, says Marc Newlin, who found the flaw and reported it to Apple, Google, Canonical, and Bluetooth SIG.
Windows TCO
The Register UK ☛ BlackCat ransomware crims threaten to directly extort victim's customers
BlackCat claims it has had access to Tipalti's systems since September 8 and alleges that since then it has managed to exfiltrate more than 265GB of "confidential" data belonging to the company, its employees, and its clients. Tipalti said it is "thoroughly" investigating the gang's claims.
The Register UK ☛ Fancy Bear goes phishing in US, European high-value networks
The US and UK governments have linked this state-sponsored gang to Russia's military intelligence agency, the GRU. Its latest phishing expeditions look to exploit CVE-2023-23397, a Microsoft Outlook elevation of privilege flaw, and CVE-2023-38831, a WinRAR remote code execution flaw that allows arbitrary code execution.
