Security Leftovers and Windows TCO
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (kernel and libssh), Debian (firefox-esr and pgpool2), Mageia (varnish & lighttpd), Red Hat (python3, python3.11, python3.12, python3.9, and python39:3.9), SUSE (expat, gstreamer-plugins-rs, kernel, openssl1, pgadmin4, python311-ldap, and squid), and Ubuntu (dotnet8, dotnet9, dotnet10 and mupdf).
Krebs On Security ☛ Email Bombs Exploit Lax Authentication in [Proprietary] Zendesk
Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers simultaneously.
Windows TCO / Windows Bot Nets
SANS ☛ TikTok Videos Promoting Malware Installation
Note that the video has already been liked more than 500 times!
The technique is similar to the ClickFix[1] attack scenario. The victim is asked to start a PowerShell as administrator and execute a one-liner: [...]
Help Net Security ☛ Microsoft revokes 200 certs used to sign malicious Teams installers
Microsoft has hampered Vanilla Tempest, a ransomware-wielding threat actor that's been targeting orgs with malware posing as Microsoft Teams.
