Security Leftovers
Date: 2024-06-14
Silicon Angle ☛ Tile’s parent company Life360 discloses data breach and extortion threat
Life360 Inc., the company that owns the Tile location tracking company, has disclosed that it has recently become a victim of a “criminal extortion attempt” relating to stolen data. Similarly to Fashion Company Apple Inc. and its AirTag, Tile produces small Bluetooth-enabled devices that help users locate and track items such as keys, wallets and bags.
Security Week ☛ GitHub Paid Out Over $4 Million via Bug Bounty Program [Ed: GitHub is against security; this is just a Microsoft PR stunt]
The code hosting platform Microsoft's proprietary prison GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago.
Silicon Angle ☛ BlackBerry Cylance hit by data breach, hacker lists data for sale on BreachForums
BlackBerry Ltd.-owned cybersecurity company Cylance has suffered a data breach, with the stolen data appearing for sale on the infamous hacking forum BreachForums. First reported June 7 by Dark Web Informer on X Inc., the data is listed for sale by well-known BreachForums hacker “Sp1d3r” for $750,000.
Bleeping Computer ☛ Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
Today is Microsoft’s June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability.
IT Wire ☛ Microsoft offers fixes for 49 CVEs in Patch Tuesday release
“In 2023, remote code execution flaws accounted for over one-third (35.1%) of all CVEs patched,” Narang noted. “However, this Patch Tuesday release was dominated by elevation of privilege flaws, accounting for nearly half of the CVEs patched (49%).”
Security Week ☛ ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products.
SANS ☛ The Art of JQ and Command-line Fu
Exploring Git Vulnerabilities: Latest Fixes and Updates
Multiple security issues were found in Git, a popular distributed version control system. The Ubuntu security team has proactively addressed Git vulnerabilities by releasing updates for various versions of the Ubuntu operating system, including Ubuntu 24.04 LTS, Ubuntu 23.10, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS.
Best Practices for Secure Linux Kernel Updates
Keeping your Linux systems secure and up to date is a crucial part of maintaining a robust IT infrastructure. The Linux kernel is the core component of the operating system, responsible for managing system resources and facilitating communication between hardware and software. Therefore, regular Linux kernel updates are essential to patch vulnerabilities, enhance performance, and ensure overall system security. In this article, we will explore best practices for secure Linux kernel updates, including preparation, update methods, live patching, and post-update actions.
Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
InfoSecurity Magazine ☛ Chinese Hackers Leveraging 'Noodle RAT' Backdoor [Ed: Windows issue spun as "Linux", even if Linux has nothing to do with it and the focus should be Windows]
A backdoor in Executable and Linkable Format (ELF) files used by Chinese hackers has wrongly been identified as a variant of existing malware for years, Trend Micro claimed in a new report.
In Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups, a blog post based on a Botconf 2024 presentation, Trend Micro Research introduced Noodle RAT, a remote access Trojan used by Chinese-speaking groups engaged in either espionage or cybercrime.
Trend Micro ☛ Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups [Ed: This is a Windows issue and Linux isn't the source of the problem]
Since 2022, we have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor. Most vendors identify this backdoor as a variant of existing malware such as Gh0st RAT or Rekoobe. However, we unearthed the truth: this backdoor is not merely a variant of existing malware, but is a new type altogether. We suspect it is being used by Chinese-speaking groups engaged in either espionage or cybercrime. We dubbed this formerly undocumented malware as “Noodle RAT.”
