Security Leftovers and Windows TCO
WordPress ☛ WordPress 6.5.3 Maintenance Release
WordPress 6.5.3 is now available! This minor release features 12 bug fixes in Core and 9 bug fixes for the block editor. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement.
SANS ☛ Detecting XFinity/Comcast DNS Spoofing, (Mon, May 6th)
ISPs have a history of intercepting DNS. Often, DNS interception is done as part of a "value add" feature to block access to known malicious websites.
LinuxSecurity ☛ Fortifying Email Security with Infosec Through the SDLC
Imagine releasing a software solution into the market only to realize the user cannot use the app properly. They have been reporting numerous bugs, which has lowered your reputation and reliability.
LinuxSecurity ☛ PostgreSQL Security Vulns Allow for XSS, MFA Bypass
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned CVE-2024-4216 and CVE-2024-4215 affect the tool's cross-site scripting and multi-factor authentication features. As GNU/Linux admins, InfoSec professionals, and security enthusiasts, it is crucial to understand the implications of these vulnerabilities and discuss their long-term consequences for our security practices.
LinuxSecurity ☛ AlmaLinux 9.4 Reinforces Robust GNU/Linux Security
The recent release of AlmaLinux 9.4 , closely aligned with Red Bait Enterprise GNU/Linux (RHEL) 9.4 , presents GNU/Linux admins and infosec professionals with an enhanced open-source enterprise GNU/Linux solution. AlmaLinux 9.4 is built directly from RHEL's open-source source code, demonstrating the community's ability to deliver prompt updates. Let's explore this release's implications, long-term consequences, and impact on security practitioners.
Windows TCO
[Repeat] Security Week ☛ LockBit Ransomware Mastermind Unmasked, Charged
The LockBit RaaS started operations in September 2019 and was disrupted by law enforcement in February 2024. Despite that, however, the RaaS administrators managed to restore some of the infrastructure, launched a new leak site, and resumed operations shortly after.
Cyble Inc ☛ LockBit Ransomware Group Claims Cyberattack On Wichita
Despite the major collaborative effort by law enforcement agencies resulting in the exposure and sanctioning of Dmitry Yuryevich Khoroshev, the Russian national thought to be at the helm of LockBit’s widespread hacking operations, the hacker group shows no signs of ceasing its activities.
LockBit has reportedly launched a cyberattack on Wichita, Kansas, targeting state government and various local entities. The news of the Wichita cyberattack emerged on LockBit’s previously inactive platforms, which were reactivated after the shutdown of their official website.
The Record ☛ LockBit claims attack on Wichita as city struggles with payment issues, airport disruption
One the same day that the LockBit ransomware gang’s leader was publicly named by U.S. law enforcement agencies, the group took credit for a devastating attack on the city of Wichita.
The Kansas city first announced the incident on Sunday, and since then it has caused a cascade of problems — from shutting off the WiFi and departure screens at the local airport to forcing all city-run organizations to revert to cash payments.
LockBit added the city to its leak site on Tuesday, giving officials until May 15 to pay an undisclosed ransom. The group has continued to post new victims following a law enforcement operation in February where agencies in the U.K. and U.S. took down infrastructure used for ransomware attacks.
