-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Aug 02, 2023
> Security updates have been issued by Debian (tiff), Fedora (curl), Red Hat (bind, ghostscript, iperf3, java-1.8.0-ibm, nodejs, nodejs:18, openssh, postgresql:15, and samba), Scientific Linux (iperf3), Slackware (mozilla and seamonkey), SUSE (compat-openssl098, gnuplot, guava, openssl-1_0_0, pipewire, python-requests, qemu, samba, and xmltooling), and Ubuntu (librsvg, openjdk-8, openjdk-lts, openjdk-17, openssh, rabbitmq-server, and webkit2gtk).
> The Hidden Virtual Network Computing (hVNC) malware infests Macs and silently executes complete takeovers, with no user permission needed. It also sports persistence through reboots.
> Fall of August 1991: Linus Torvalds, a student at the University of Helsinki, creates an operating system as a hobby. The motive? Creating a free, open-source alternative to MINIX.
> US officials have discovered what they suspect is Chinese malware that has infiltrated US military systems with the intent to 'disrupt'.
> It found the average total cost of a breach this year was about US$4.45 million, an increase from the previous year when the estimated cost was US$4.35 million.
> Looking at the increase from 2020, IBM said that the figure in that year was US$3.86 million, indicating a rise of about 15.3% over three years.
> The IBM figures were based on data supplied by the Ponemon Institute; a total of 553 organisations affected by breaches between March 2022 and March this year were studied.
> Callow added: "The US$16 billion figure is based only on breach reports that have stated the number of individuals impacted, and only 93 of the 550 known victims have filed such a report.
> "Additionally, there are undoubtedly more victims than the 550 which are known. We’ll likely not know how many more victims are out there for weeks or even months.”
> An unknown group of hackers is using a novel strain of malware to attack publicly accessible deployments of Redis '' a popular data storage tool used by major companies like Amazon, Hulu and Tinder.
> Sophisticated Rust-based malware infecting Redis data stores to self-replicate and inject payloads into servers. Researchers at Cado Security decompiled the activities to get identifiable indicators.
> Researchers at cloud forensics and incident response platform startup Cado Security Ltd. today detailed a recently discovered malware campaign aimed at Redis data store deployments. Redis is an open-source in-memory data structure store used as a database, cache and message broker that supports various data structures such as strings, hashes, lists and sets.
> CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability.
> Researchers have just published a paper showing how to automate the discovery of prompt injection attacks. They look something like this:
> That one works on the ChatGPT-3.5-Turbo model, and causes it to bypass its safety rules about not telling people how to build bombs.
> Look at the prompt. It’s the stuff at the end that causes the LLM to break out of its constraints. The paper shows how those can be automatically generated. And we have no idea how to patch those vulnerabilities in general. (The GPT people can patch against the specific one in the example, but there are infinitely more where that came from.)...
> BleepingComputer reports that VMware ESXi servers have been subjected to attacks involving a Linux version of the Abyss Locker ransomware, making the ransomware operation, which only emerged in March, to be the latest to target VMware ESXi with a Linux encryptor, following the Akira, Black Basta, LockBit, Royal, REvil, and Hive ransomware groups, among others.
> Discovery at Home provides senior home healthcare services to seniors in Florida and Texas. On July 31, they issued a website notice about a phishing incident they discovered on June 1. As they describe it, the scheme resulted in the transmittal of personal health information to an unauthorized third-party sender.
> Elements of personal information that may have been compromised included: name, address, date of birth, medical information, including dates of service, certain treatment-related information, health insurance information, insurance beneficiary number, claim number, and policy number.
> SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court.
> CloudSEK’s contextual AI digital risk platform XVigil has discovered a post on an English speaking cybercrime forum, sharing a database of PHI-IIIT Delhi for Forum credits. A total of 82 Databases were compromised and leaked data.
> A consistent pattern emerges in data breach and cyber-attack cases when companies turn to their insurers for coverage after such incidents. Whether they possess specialized cyber insurance or not, insurers often decline claims, citing various reasons such as failure to provide timely notice, failure to mitigate costs, employee misconduct or criminal activity leading to the breach, or attributing the losses to a party not covered by the policy. This holds true for both General Casualty or Liability policies (GCL) and specialized cyber liability insurance policies, covering damage to electronic assets.
> The Privacy Commissioner is “frustrated” to have learnt about a “serious” privacy breach through the media, relating to the email addresses of 147 firearms owners being spilled.
> In July, it was reported that the email addresses of licence holders were to sent to each other after a list of addresses was pasted in the carbon copy (cc) address field, rather than as in the blind carbon copy (bcc) field.
> An NHS trust has been reprimanded by the UK’s data protection regulator after it was discovered that staff had been sharing patient details on an unapproved app for two years.
> Some 26 staff at NHS Lanarkshire accessed the WhatsApp group between April 2020 and April 2022, entering sensitive patient data including names, phone numbers, addresses, images, videos, screenshots and clinical information, according to the Information Commissioner’s Office (ICO).
> The Township of Montclair’s insurer negotiated a settlement of $450,000 with the people behind a recent “cyber incident” in order to end the attack, a report says. […]
> “To guard against future incidents, the township has installed the most sophisticated dual authentication system available to its own system and it is currently up and running,” Hartnett said.
> Here’s yet one more case to note about standing and how cases may get dismissed before they even really get started. This case involved Syracuse ASC, LLC. In 2021, they experienced a cyberattack and notified 24,891 patients. A copy of their notification was posted to the Vermont Attorney General’s website at the time.
> In due course, a patient sued, seeking potential class-action status (Greco v. Syracuse ASC LLC).
> As Jeffrey Haber of Freiberger Haber LLP reminds us, in order to have Article III standing to sue, a plaintiff must allege the existence of an injury-in-fact that ensures that s/he has some concrete interest prosecuting the action.
> Thousands of health-care workers’ personal information has been compromised in a data breach that’s targeted servers at the Health Employers Association of BC.
> Hackers had access to the HEABC system from May 9 to June 10, and the breach wasn’t detected until July 13, according to the association.
> Learn about the tactics scammers use to trick victims out of their money
-- Response ended
-- Page fetched on Sat Jun 1 08:26:24 2024