Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jun 02, 2023

Red Hat Buying Many Puff Pieces About Itself

LWN Coverage of 2023 Linux Storage, Filesystem, Memory-Management and BPF Summit

Security updates for Thursday [LWN.net]

↺ Security updates for Thursday [LWN.net]

> Security updates have been issued by Debian (libwebp, openssl, sssd, and texlive-bin), Fedora (bitcoin-core, editorconfig, edk2, mod_auth_openidc, pypy, pypy3.9, python3.10, and python3.8), Red Hat (kernel, openssl, pcs, pki-core:10.6, and qatzip), SUSE (chromium, ImageMagick, openssl-1_1, and tiff), and Ubuntu (cups, libvirt, and linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi).

Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi, (Tue, May 30th)

↺ Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi, (Tue, May 30th)

> A dataset used for machine learning may arrive in one format [...] but to conveniently use it for training, it must be converted to JSON or inserted into a database. The features are not just attractive to machine learning, but many business processes require similar functionality.

Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign

↺ Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign

> A group called "Dark Pink" is likely based in Southeast Asia and shows signs of development and ongoing activity, researchers say.

New Rezilion Smart Fix offers guidance to patching vulnerable components [Ed: Yet another company that sells "patches as a disservice"]

↺ New Rezilion Smart Fix offers guidance to patching vulnerable components

> DevSecOps automation tools startup Rezilion Inc. today announced a new feature called Smart Fix that offers critical guidance for users to understand the most strategic upgrade to fix vulnerable components.

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! [Ed: Cladded with Microsoft spam/ads and pushing this as a Microsoft proprietary thing, with back doors (Hyper-V)]

↺ Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!

> Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform.

Another hospital hit by ransomware: Mission Community Hospital

↺ Another hospital hit by ransomware: Mission Community Hospital

> On Wednesday, RansomHouse threat actors claimed responsibility for the attack and provided a number of files as proof. They claim to have downloaded 2.5 TB of data.

> [...]

> There is no statement or notice about any incident or breach on the hospital’s website. DataBreaches has sent an inquiry asking them about the claimed attack and their response to date. This post will be updated if a reply is received or more information becomes available.

Barracuda zero-day abused since 2022 to drop new malware, steal data

↺ Barracuda zero-day abused since 2022 to drop new malware, steal data

> Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers’ Email Security Gateway (ESG) appliances with custom malware and steal data.

> The company says an ongoing investigation found that the bug (tracked as CVE-2023-2868) was first exploited in October 2022 to gain access to “a subset of ESG appliances” and deploy backdoors designed to provide the attackers with persistent access to the compromised systems.

Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers [Ed: When the car collects far too much data about you (for no good reason of benefit to you)]

↺ Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers

> Toyota Motor Corp. today announced its discovery of yet another data breach — this time, two misconfigured cloud services were found leaking 260,000 car owners’ personal information over a seven-year period.

> This discovery comes after the car manufacturer conducted an investigation of its cloud features in the wake of announcing earlier in the month that the data of 2.15 million customers was available for over 10 years to anyone on the Internet, also due to a misconfigured cloud bucket.

Radiology practice suffers ‘significant’ cyberattack

↺ Radiology practice suffers ‘significant’ cyberattack

> An Oregon radiology practice suffered a “significant” cyberattack over the Memorial Day weekend, according to published reports.

> Medford Radiology Group has retained a team of computer forensics experts to help aid in its response. The 75-year-old practice also has alerted partner organizations such as the Asante and Providence hospital systems after learning of the incident on May 26.

> “We are utilizing all available resources to offer radiology services and patient care to the extent possible while our experts and the Medford team work as quickly as possible to fully restore operations,” the practice said in a statement shared with local media outlets.

BlackByte attacks City of Augusta, GA and demands a ransom of $2 million [Ed: Windows TCO, see screenshot]

↺ BlackByte attacks City of Augusta, GA and demands a ransom of $2 million

> In this article we will not only address the part relating to the attack carried out by BlackByte on the IT systems of the City of Augusta, the theft of tens of GB of data or the real amount of the ransom requested by the ransomware group. Above all, we will tell about the negligence and errors committed by a high-level employee of the IT department and his poor management and security of the data of the employees and citizens of the American city, but above all of his lack of supervision

gemini.tuxmachines.org