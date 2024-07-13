Security Leftovers
SANS ☛ Attacks against the "Nette" PHP framework CVE-2020-15227, (Fri, Jul 12th)
Today, I noticed some exploit attempts against an older vulnerability in the "Nette Framework", CVE-2020-15227 [...]
Hackaday ☛ This Week In Security: Blast-RADIUS, Gitlab, And Plormbing
The RADIUS authentication scheme, short for “Remote Authentication Dial-In User Service”, has been widely deployed for user authentication in all sorts of scenarios. It’s a bit odd, in that individual users authenticate to a “RADIUS Client”, sometimes called a Network Access Server (NAS). In response to an authentication request, a NAS packages up the authentication details, and sends it to a central RADIUS server for verification. The server then sends back a judgement on the authentication request, and if successful the user is authenticated to the NAS/client.
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (apache2), Fedora (mingw-python3 and python-urllib3), Oracle (dotnet6.0, dotnet8.0, fence-agents, openssh, pki-core, and virt:ol and virt-devel:rhel), SUSE (apache2, firefox, libvpx, oniguruma, python-zipp, python310, thunderbird, and tomcat10), and Ubuntu (apache2, apport, linux, linux-azure, linux-gcp, linux-ibm, linux-intel, linux-lowlatency, linux-oem-6.8, linux-raspi, linux, linux-gcp, linux-nvidia-6.5, linux-raspi, linux-gke, and python-django).
Security Week ☛ In Other News: Apple’s Spyware Warning, CDK Global Ransom Payment, Sibanye Cyberattack
Noteworthy stories that might have slipped under the radar: Abusive Monopolist Microsoft details Rockwell HMI vulnerabilities, smart grills hacked, Predator spyware activity drops.
Federal News Network ☛ DHS official details efforts to harmonize cyber incident reporting rules
DHS cyber lead Iranga Kahangama also says the proposed cyber incident reporting rule is not "simply a land grab," as some criticize it for being overly broad.
Security Week ☛ Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes
Successful exploitation could allow attackers to deliver executable attachments to inboxes.
Security Week ☛ CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency
CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
Security Week ☛ Millions Impacted by Breach at Advance Auto Parts Linked to Snowflake Incident
Advance Auto Parts says the personal information of 2.3 million was compromised after hackers accessed its Snowflake account.
New York Times ☛ AT&T Says Phone Data of ‘Nearly All’ Customers Was Breached in 2022
More than 100 million customers’ phone records were exposed, but the breach did not include contents of calls, texts or data such as Social Security numbers and passwords.