Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Mar 12, 2023

Proprietary Software Leftovers

Open Hardware: Charger, Arduino, and SparkFun

CYBER: LastPass Isn’t Safe and Your Hiking App May be Tracking You

↺ CYBER: LastPass Isn’t Safe and Your Hiking App May be Tracking You

> This week on Cyber we look at the insecure hiking app tracking a former Biden official across D.C., LastPass’s latest breach, Twitter ditching Tor, and ‘Escape from Tarkov’s wiggle problem.

CISA Adds Two Known Exploited Vulnerabilities to Catalog

↺ CISA Adds Two Known Exploited Vulnerabilities to Catalog

> CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Fortinet Releases March 2023 Vulnerability Advisories

↺ Fortinet Releases March 2023 Vulnerability Advisories

> ortinet has released its March 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet March 2023 Vulnerability Advisories page for more information and apply the necessary updates.

CISA Releases Five Industrial Control Systems Advisories

↺ CISA Releases Five Industrial Control Systems Advisories

> CISA released five Industrial Control Systems (ICS) advisories on March 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

Cisco Releases Security Advisory for IOS XR Software

↺ Cisco Releases Security Advisory for IOS XR Software

> Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

Windows-based ransomware now infects Linux devices as well [Ed: Microsofters have been conflating IBM's proprietary software with "Linux"]

↺ Windows-based ransomware now infects Linux devices as well

> A ransomware variant commonly known to target Windows PCs has recently been found infecting Linux computers as well. The variant does this by exploiting a flaw in IBM's Aspera Faspex software.

Windows ransomware now targeting Linux networks - Global Village Space | Technology [Ed: Misleading attribution]

↺ Windows ransomware now targeting Linux networks - Global Village Space | Technology

> IceFire spotted targeting Linux devices as researchers warn of a growing trend.

gemini.tuxmachines.org