Security Leftovers
Reproducible Builds: Reproducible Builds in February 2024
Welcome to the February 2024 report from the Reproducible Builds project! In our reports, we try to outline what we have been up to over the past month as well as mentioning some of the important things happening in software supply-chain security.
Reproducible Builds at FOSDEM 2024
LinuxSecurity ☛ Multiple Chromium DoS, Info Disclosure Vulns Fixed
Multiple severe security issues were discovered in Chromium before version 122.0.6261.111, which could result in arbitrary code execution, denial of service, or information disclosure. Let's examine these vulnerabilities, their impact, and how to protect against them.
CISA ☛ 2024-03-06 [Older] VMware Releases Security Advisory for Multiple Products
CISA ☛ 2024-03-01 [Older] Cisco Releases Security Advisories for Cisco NX-OS Software
CISA ☛ 2024-03-06 [Older] CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-03-05 [Older] CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-03-05 [Older] CISA Releases Three Industrial Control Systems Advisories
CISA ☛ 2024-03-05 [Older] Nice Linear eMerge E3-Series
CISA ☛ 2024-03-04 [Older] CISA Adds One Known Exploited Vulnerability to Catalog
CISA ☛ 2024-02-29 [Older] CISA Adds One Known Exploited Vulnerability to Catalog
CISA ☛ 2024-02-29 [Older] CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities
CISA ☛ 2024-02-29 [Older] CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware
CISA ☛ 2024-02-29 [Older] CISA Releases Two Industrial Control Systems Advisories
CISA ☛ 2024-02-29 [Older] Delta Electronics CNCSoft-B
Bleeping Computer ☛ Magnet Goblin hackers use 1-day flaws to drop custom Linux malware [Ed: This Microsoft-connected site makes it sound like "Linux" is at fault here, rather than flaws that were patches several years ago ]
Some of the devices or services targeted by the hackers are Ivanti Connect Secure (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893., Apache ActiveMQ, ConnectWise ScreenConnect, Qlik Sense (CVE-2023-41265, CVE-2023-41266, CVE-2023-48365), and Magento (CVE-2022-24086).
Computing UK ☛ Russian hackers exploit Ubiquiti routers in covert cyberattacks, FBI warns
Despite recent efforts by the US Department of Justice to disrupt a botnet constituting primarily of these compromised routers, the threat persists
TechTarget ☛ The Change Healthcare attack: Explaining how it happened
Change Healthcare was hit with a ransomware attack from BlackCat/ALPHV after its systems were disrupted. Keep reading to learn more about this attack and how others are affected.