-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Mar 18, 2023,
updated Mar 18, 2023
> Security updates have been issued by Debian (sox and thunderbird), Fedora (containerd, libtpms, mingw-binutils, mingw-LibRaw, mingw-python-werkzeug, stargz-snapshotter, and tkimg), Slackware (mozilla and openssh), SUSE (apache2, firefox, hdf5, jakarta-commons-fileupload, kernel, perl-Net-Server, python-PyJWT, qemu, and vim), and Ubuntu (abcm2ps, krb5, and linux-intel-iotg).
> Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs the victim’s phone number.
> Ring offers security products. Shame they’re not all that secure. Sure, things have improved in recent years, but there was nowhere to go but up.
> Firefox 111 patches 13 CVEs, including several vulnerabilities classified as high severity.
> Microsoft says Russia targeted at least 17 European nations in 2023 — mostly governments — and 74 countries since the start of the Ukraine war.
> A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free.
> The utility works with data encrypted with a strain of the ransomware that emerged after the source code for Conti was leaked last year in March [1, 2].
> Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.
> Google has warned that some of its smartphones running the company's own Android operating system, as well as other devices from manufacturers such as Samsung and Vivo, could be accessed by third-party actors without owners ever becoming aware of such a breach.
> TopClassActions reports that a class action lawsuit against Orlando Family Physicians (OFP) has settled for an undisclosed sum. The settlement, which doesn’t include any admission of guilt by OFP, resolves claims surrounding an April 2021 data breach.
> Russia-backed threat group Winter Vivern has targeted government entities in Poland, Ukraine, Italy, and India in recent campaigns
> Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.
> On February 22, DataBreaches received a tip about a listing offering patient data allegedly from El Camino Health in California. The listing was not on any of the usual leak sites, markets, or forums, and the poster was unknown to DataBreaches.
> Ukraine’s cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing as game applications.
> “The 25-year-old offender was exposed by employees of the Khmelnychchyna Cybercrime Department together with the regional police investigative department and the SBU regional department,” reads the cyberpolice’s announcement.
> Federal agents have arrested a Peekskill, New York, man they say ran the notorious dark web data-breach site “BreachForums” under the name “Pompompurin.”
> Conor Brian Fitzpatrick was arrested by a team of investigators at his home around 4:30 p.m. Wednesday, an FBI agent said in a sworn statement filed in court the next day. Fitzpatrick is charged with a single count of conspiracy to commit access device fraud.
> The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “Pompompurin” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums, a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022.
-- Response ended
-- Page fetched on Sat Jun 1 09:12:03 2024