Security Leftovers
Date: 2024-08-27
Security Week ☛ Chinese APT Volt Typhoon Caught Exploiting Versa Networks SD-WAN Zero-Day
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
Silicon Angle ☛ Flashpoint report reveals surge in vulnerabilities and infostealing malware in first half of 2024
A new report out today from business risk intelligence startup Flashpoint has found that new vulnerabilities that were discovered rose, though not by a lot, in the first half of this year and that cybercriminals are increasingly using info-stealing malware to steal personal information.
Security Week ☛ Georgia Tech Sued Over Alleged False Cybersecurity Reports to Win DoD Contracts
Complaint alleges that defendants submitted a false and fraudulent cybersecurity assessment score.
Security Week ☛ SonicWall Patches Critical SonicOS Vulnerability
SonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (chromium, python-html-sanitizer, and trafficserver), Fedora (nginx, nginx-mod-fancyindex, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, python-webob, python3-docs, python3.11, python3.12, python3.9, and zabbix), Red Hat (bind, bind and bind-dyndb-ldap, bind9.16, httpd, kernel, kernel-rt, and nodejs:20), SUSE (caddy, chromium, chromium, gn, rust-bindgen, cockpit, fetchmail, gdcm, gh, keybase-client, libhtp, libofx, nano, plasma5-workspace, python-nltk, python-notebook, xen, and znc), and Ubuntu (linux-azure, linux-azure-4.15, linux-azure-5.4, and linux-oracle-5.15).
Enhancing Kubernetes Security in Your Software Supply Chains With TLS certificates
Utilizing TLS certificates properly in your software supply chains can help decrease the chances of a cybersecurity incident, such as a supply chain attack or a man-in-the-middle attack.
LWN ☛ A malicious Pidgin plugin
The developers of the Pidgin chat program have announced that a malicious plugin had been listed on its third-party plugins list for over one month. This plugin included a key logger and could capture screenshots.
Windows TCO
SANS ☛ From Highly Obfuscated Batch File to XWorm and Redline, (Mon, Aug 26th)
Last week, I spotted a file called "crypted.bat" (SHA256: 453c017e02e6ce747d605081ad78bf210b3d0004a056d1f65dd1f21c9bf13a9a) which is detected by no antivirus...
Security Week ☛ 500k Impacted by Texas Dow Employees Credit Union Data Breach
The personal information of 500,000 Texas Dow Employees Credit Union members was compromised in the MOVEit hack last year.
Security Week ☛ Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
Patelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.
Silicon Angle ☛ Seattle-Tacoma Airport suffers through third day of disruptions following possible ransomware attack
Seattle-Tacoma International Airport in Seattle, Washington, suffered through its third day of service disruptions today after a reported cyberattack disrupted services at the airport starting on Saturday. According to the Port of Seattle, which owns and operates the airport, the attack resulted in “internet web system outages,” which impacted some of the systems at the airport.
