Security Leftovers
-
QSB-094: x86/AMD: Divide speculative information leak
We have published Qubes Security Bulletin 094: x86/AMD: Divide speculative information leak. The text of this QSB and its accompanying cryptographic signatures are reproduced below. For an explanation of this announcement and instructions for authenticating this QSB, please see the end of this announcement.
-
XSAs released on 2023-09-25
The Xen Project has released one or more Xen security advisories (XSAs).
-
TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data
TransUnion denies suffering a breach after a hacker publishes 3GB of data allegedly stolen from the credit reporting firm.
-
Atlassian Security Updates Patch High-Severity Vulnerabilities
Atlassian has released patches for multiple high-severity vulnerabilities in Jira, Confluence, Bitbucket, and Bamboo products.
-
Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks [Ed: Those agencies don't value real security either]
The FBI and CISA are warning critical infrastructure organizations of ongoing Snatch ransomware attacks, which also involve data exfiltration.
-
Joint FBI and CISA advisory warns of Snatch ransomware operation [Ed: They themselves undermine security]
The U.S. Federal Bureau of Investigation and the Cybersecurity and Infrastructure Agency today released a joint cybersecurity advisory warning of the Snatch ransomware operation. Snatch first appeared in 2018 and operates on a ransomware-as-a-service model.
-
‘Cybersecurity Incident’ Hits ICC
The International Criminal Court was hit by what it called "anomalous activity" regarding its IT systems and said that it was currently responding to this "cybersecurity incident."
-
Thousands of Juniper Appliances Vulnerable to New Exploit
VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against.
-
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.
-
Critical Vulnerability in libwebp Library
Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library:
On Thursday, researchers from security firm Rezilion published evidence that they said made it “highly likely” both indeed stemmed from the same bug, specifically in libwebp, the code library that apps, operating systems, and other code libraries incorporate to process WebP images.
-
macOS 14 Sonoma Patches 60 Vulnerabilities
macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities.
-
GPUs from Nvidia, AMD, Intel, and Others Vulnerable to Pixel-Stealing GPU-zip Attack
A side-channel vulnerability allows for individual pixels to be recovered after being processed through a GPU's memory compression algorithms. The issues hit all GPU vendors, and are exploitable through at least Edge and Chrome.
-
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware
The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies.
-
CISA Unveils New HBOM Framework to Track Hardware Components
CISA unveils a new Hardware Bill of Materials (HBOM) framework for buyers and sellers to communicate about components in physical products.
-
Stolen GitHub Credentials Used to Push Fake Dependabot Commits
Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions.
-
Which security framework? All of them, in the SCF
TL;DR: All roads lead to Rome. There are plenty of ways to meet your security requirements. ISO 27001 is not everything.