Security Leftovers
date 2024-07-23
LWN ☛ Security updates for Monday
Security updates have been issued by Fedora (botan2, chromium, ffmpeg, fluent-bit, gtk3, httpd, suricata, tcpreplay, and thunderbird), Mageia (apache, chromium-browser-stable, libfm & libfm-qt, and thunderbird), Oracle (firefox, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk, kernel, libndp, qt5-qtbase, ruby, skopeo, thunderbird, and virt:ol and virt-devel:rhel), Red Hat (containernetworking-plugins, firefox, libndp, qt5-qtbase, and thunderbird), SUSE (caddy, chromium, emacs, global, mockito, snakeyaml, testng, and opera), and Ubuntu (thunderbird).
Silicon Angle ☛ Now-patched Telegram for Android vulnerability exposed users to malicious videos
Researchers at ESET s.r.o. today shared details of a now-patched vulnerability that was being used to target Telegram for Android users via malicious videos. The exploit, dubbed “EvilVideo,” could have allowed attackers to share malicious Android payloads via Telegram channels, groups and chats, with the malicious files presenting as multimedia, particularly video files, to users.
The Strategist ☛ CrowdStrike glitch sounds a cybersecurity alarm we cannot ignore [Ed: Alarm about deploying Windows]
The recent CrowdStrike outage was not just a technical hiccup; it was a seismic tremor that exposed the brittle foundations on which Australia’s digital economy stands.
The Strategist ☛ Cyber security means sticking with trusted, not any, providers
The CrowdStrike software outage disrupted airlines, banks, supermarkets and other major services—causing significant inconvenience for millions of people worldwide.
Michigan Medicine notifies patients of health information breach
Michigan Medicine is notifying approximately 56,953 individuals about employee email accounts that were compromised, potentially exposing some patient health information.
Security Week ☛ Safety Equipment Giant Cadre Holdings Hit by Cyberattack
Safety equipment product maker Cadre Holdings was hit by a cyberattack that has impacted some of the company’s operations.
Security Week ☛ Suspected Scattered Spider Member Arrested in UK
UK authorities have arrested a 17-year-old suspected of being a member of the Scattered Spider cybercrime gang.
LRT ☛ Global [Windows] outage caused no major damage in Lithuania – official
Friday’s widespread global technology outage did not affect critical organisations in Lithuania, even if it will take some time for the affected systems to fully be restored, says Liudas Ališauskas, director of the National Cyber Security Centre (NKSC).
SANS ☛ CrowdStrike: The Monday After, (Mon, Jul 22nd)
Last Friday, CrowdStrike released a bad sensor configuration update that caused widespread crashes of backdoored Windows systems. The most visible effects of these crashes appear to have been mitigated. I am sure many IT workers had to spend the weekend remediating the issue.
Federal News Network ☛ Though the Defense Department managed to go unscathed through the Crowdstrike outage, it remains on the alert
In today's Federal Newscast, the Defense Department generally escaped the effects of Friday’s global internet problems.
New York Times ☛ Congress Calls for Tech Outage Hearing to Grill Executive [Ed: Windows outage, not "Tech Outage"]
The House Homeland Security Committee called on the chief executive of the cybersecurity firm CrowdStrike to testify on the disruption.
Science Alert ☛ Expert Reveals How 'Largest IT Outage in History' Actually Happened [Ed: Windows being brought in by fake "IT" people]
A stark reminder of our vulnerability.
Security Week ☛ CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams
The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery.
Dark Reading ☛ Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs
Tony Bradley, a seasoned communications professional in the cybersecurity industry, was blindsided when he was recently laid off from his role as a marketing director.
"It really was a complete shock. I was not a founder, but I was part of the C-suite inner circle for planning and strategizing," he says. "I was definitely under the impression that we were all on the same page and we were a team working together. I was wrong."
Instead, about a year into the job, Bradley received a call and was informed that a human resources representative was in attendance. Since then, Bradley has been searching for a new role, but it has been difficult. The layoff, he says, has had both financial and psychological effects.
Security Week ☛ California Officials Say Largest Trial Court in US Victim of Ransomware Attack
The Superior Court of Los Angeles County, the largest trial court in the US, has been the victim of a ransomware attack.
Hacker News ☛ New Linux Variant of Play Ransomware Targeting VMware ESXi Systems [Ed: The issue here is not Linux but proprietary garbage from a company that violates and attacks the licence of Linux]
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMware ESXi environments.
"This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a report published Friday.