Linux-Centric "Security" (and FUD) Leftovers
LWN ☛ Security updates for Wednesday
Security updates have been issued by AlmaLinux (libsndfile, php:7.4, python3.11, python3.12, and python36:3.6), Debian (dpdk), Mageia (curl and socat), Oracle (firefox and tuned), Red Hat (bluez, containernetworking-plugins, edk2, edk2:20220126gitbb1bba3d77, edk2:20240524, expat, gstreamer1-plugins-base, gstreamer1-plugins-base and gstreamer1-plugins-good, gstreamer1-plugins-good, kernel, libsndfile, libsndfile:1.0.31, mpg123, mpg123:1.32.9, pam, python3.11-urllib3, skopeo, tuned, unbound, and unbound:1.16.2), SUSE (cloudflared, curl, docker, firefox, gstreamer-plugins-good, kernel, libmozjs-115-0, libmozjs-128-0, libmozjs-78-0, libsoup, ovmf, python-urllib3_1, subversion, thunderbird, and traefik), and Ubuntu (editorconfig-core, libspring-java, linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-raspi, linux, linux-lowlatency, linux-oracle, linux-aws, linux-aws-5.15, linux-aws, linux-aws-5.4, linux-bluefield, linux-oracle, linux-oracle-5.4, and linux-oem-6.11).
AmiViz Partners with Sandfly Security to Deliver Advanced Agentless Linux Security Solutions in the Middle East [Ed: Selling security as a "product" typically means doing it wrong]
Hackers Exploiting Linux eBPF to Spread Malware in Ongoing Campaign [Ed: This needs to actually explain how the malware gets there in the first place]
Cybersecurity researchers identified an active Linux malware campaign leveraging eBPF technology and targeting businesses and users globally.
Cyber Security News ☛ Multiple GStreamer Vulnerabilities Impact Linux Distributions Using GNOME
A recent security investigation has uncovered a series of vulnerabilities in GStreamer, the open-source multimedia framework integral to GNOME-based Linux distributions.
According to reports, vulnerabilities, spanning critical issues such as out-of-bounds writes, stack-buffer overflows, and null pointer dereferences, pose significant risks to widely used Linux distributions like Ubuntu, Fedora, and openSUSE.
Cyber Security News ☛ New DDoS Malware “cShell” Exploit Linux Tools to Attack SSH Servers
The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware, named cShell, targeting poorly managed Linux SSH servers (screen and hping3).
Wiz Inc ☛ Unpacking Diicot - Evolving Campaign Targeting Linux Environments [Ed: Company created by a Microsofter talks about Linux, and never in a good way (just innuendo)]
This campaign targets Linux systems and showcases significant advancements compared to previous iterations. We have seen evidence of this new malware, as well as earlier versions of it, in several cloud environments, indicating a widespread campaign targeting various sectors.