Security Leftovers

posted by Roy Schestowitz on Aug 02, 2024

• LWN ☛ Security updates for Wednesday

  Security updates have been issued by Fedora (xdg-desktop-portal-hyprland), Red Hat (freeradius, freeradius:3.0, git-lfs, httpd, kernel, openssh, and varnish:6), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, git, gtk2, gtk3, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, orc, postgresql14, python-dnspython, python-urllib3, shadow, and xen), and Ubuntu (openjdk-17, openjdk-21, openjdk-8, openjdk-lts, and python3.10, python3.8).

• Security Week ☛ Massive OTP-Stealing Android Malware Campaign Discovered

  Android malware can intercept and steal OTPs and login credentials, leading to complete account takeovers.

• SANS ☛ Increased Activity Against Apache OFBiz CVE-2024-32113, (Wed, Jul 31st)

  As part of its extensive project portfolio, the Apache Foundation supports OFBiz, a Java-based framework for creating ERP (Enterprise Resource Planning) applications.

• Silicon Angle ☛ Zimperium warns new ‘SMS Stealer’ malware is actively intercepting onetime passwords

  A new report released today from mobile security platform provider Zimperium Inc. is warning of a new and potent threat that hijacks onetime password text messages, posing significant risks to account security and personal data.

• OpenSSF (Linux Foundation) ☛ Neo Malware: Malicious Open Source Packages

  Malware is at the top of the list among things that keep security and development organizations on edge.

• Security Week ☛ CrowdStrike Faces Lawsuits From Customers, Investors

  CrowdStrike is facing lawsuits from investors and customers following the incident that caused massive global outages.

• CyberRisk Alliance LLC ☛ Updated TgRat trojan sets sights on Linux servers [Ed: So do not install it]

  Hackread reports that Linux servers have been subjected to attacks with an updated version of the TgRat trojan, which bypasses detection through the utilization of Telegram for command and control.

• Hacker News ☛ North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

  The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems.