Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jul 22, 2023

Linux Kernel 6.3 Reaches End of Life, Users Urged to Upgrade to Linux 6.4

IBM and Red Hat Leftovers

Zyxel Vulnerability Exploited by DDoS Botnets on Linux Systems [Ed: This problem here is not Linux but some proprietary software.]

↺ Zyxel Vulnerability Exploited by DDoS Botnets on Linux Systems

> Distributed Denial of Service (DDoS) botnets have been used to actively exploit a critical vulnerability found in Zyxel firewall models.

> The flaw, identified by Fortinet security researchers as CVE-2023-28771, explicitly affects Linux platforms.

> Exploiting the vulnerability, remote attackers gain unauthorized control over the vulnerable systems, enabling them to conduct DDoS attacks.

> [...]

> "The severity of this flaw, rated 9.8 on the CVSS scoring system, was reported by researchers from TRAPA Security," Lin wrote.

Three key unanswered questions about the Chinese breach of Microsoft cloud services

↺ Three key unanswered questions about the Chinese breach of Microsoft cloud services

> Repeated breaches of cloud computing services makes understanding a recent incident affecting Microsoft essential.

Financial cybercrime syndicate deploys reworked backdoor malware

↺ Financial cybercrime syndicate deploys reworked backdoor malware

> Active since 2016, the group known as Syssphinx continues to refine its attack methods to deploy ransomware.

Security updates for Friday [LWN.net]

↺ Security updates for Friday [LWN.net]

> Security updates have been issued by Fedora (golang, nodejs16, nodejs18, and R-jsonlite), Red Hat (java-1.8.0-openjdk and java-17-openjdk), SUSE (container-suseconnect, redis, and redis7), and Ubuntu (wkhtmltopdf).

CISA Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

↺ CISA Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

Clop gang to earn over $75 million from MOVEit extortion attacks

↺ Clop gang to earn over $75 million from MOVEit extortion attacks

> Lawrence Abrams takes us through a recent Coveware report on Clop’s shifting strategies and how recent trends in exfiltration-only have impacted the amount of ransom victims are paying.

How we tried to book a train ticket and ended up with a databreach with 245,000 records

↺ How we tried to book a train ticket and ended up with a databreach with 245,000 records

> To celebrate Franco-German friendship, German Transport Minister Wissing and his French counterpart Beaune came up with something special: 30,000 free Interrail tickets per country for travel in Germany and France for young adults between 18 and 27. Codename: “Passe France Allemagne”

> However, many things went wrong when the Interrail passes were distributed. In the following, we want to take you on a journey through the stages of the not-so-well-implemented ticket and show you how you could still get a pass after registration ended.

SEC to Consider Cyber Rules Next Week

↺ SEC to Consider Cyber Rules Next Week

> According to a recently-released meeting agenda, the Securities and Exchange Commission’s (“SEC”) upcoming July 26, 2023 meeting will include consideration of adopting rules to enhance disclosures regarding cybersecurity risk management, governance, and incidents by publicly traded companies.

Data breach exposes personal information of 4,000 Roblox developers

↺ Data breach exposes personal information of 4,000 Roblox developers

> The leaked data contains sensitive information like home address, phone number, date of birth, and even T-shirt size.

FTC and HHS Warn Hospital Systems and Telehealth Providers about Privacy and Security Risks from Online Tracking Technologies

↺ FTC and HHS Warn Hospital Systems and Telehealth Providers about Privacy and Security Risks from Online Tracking Technologies

> Letters highlight concerns stemming from use of technologies that may share a user’s sensitive health information

gemini.tuxmachines.org