Security Leftovers
-
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (bluez, chromium, gst-plugins-bad1.0, openssh, and thunderbird), Fedora (chromium, firefox, kernel, libssh, nss, opensc, and thunderbird), Gentoo (Arduino, Exiv2, LibRaw, libssh, NASM, and QtWebEngine), Mageia (gstreamer), and SUSE (gnutls, gstreamer-plugins-bad, libcryptopp, libqt5-qtbase, ppp, tinyxml, xorg-x11-server, and zbar).
-
Pen Test Partners ☛ Socks! Our cyber prediction for 2024
I get pretty bored of reading pointless prediction puff pieces from vendors about what is going to happen next year in cyber.
-
Security Week ☛ Google Rushes to Patch Eighth Chrome Zero-Day This Year
Google warns of in-the-wild exploitation of CVE-2023-7024, a new Chrome vulnerability, the eighth documented this year.
-
OpenSSF (Linux Foundation) ☛ Recap of OpenSSF Day Japan
As 2023 drew to a close, OpenSSF convened the open source community in Tokyo, Japan, to delve into discussions surrounding the challenges, overarching solutions, ongoing initiatives, and triumphs in fortifying the open source software (OSS) supply chain. Alongside dedicated OpenSSF contributors and thought leaders, we embarked on an in-depth exploration of topics such as security best practices, vulnerability discovery, securing critical projects, and the evolving landscape of OSS security.
-
Silicon Angle ☛ Commerce Department to launch review of U.S. chip supply chain
The Department of Commerce is launching a review into the supply chain through which U.S. companies source chips for their hardware products. The review, which was announced today, will be carried out by the department’s Bureau of Industry and Security. Work on the project is set to begin next month.
-
Security Week ☛ Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product
Ivanti has patched 20 vulnerabilities in its Avalanche MDM product, including a dozen remote code execution flaws rated critical.
-
Security Week ☛ ESO Solutions Data Breach Impacts 2.7 Million Individuals
ESO Solutions is informing 2.7 million individuals of a data breach impacting their personal and health information.
-
Security Week ☛ ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature
ESET has patched CVE-2023-5594, a high-severity vulnerability that can cause a browser to trust websites that should not be trusted.
-
Security Week ☛ Celebrities Found in Unprotected Real Estate Database Exposing 1.5 Billion Records
Real Estate Wealth Network database containing real estate ownership data, including for celebrities and politicians, was found unprotected.
-
SANS ☛ Shall We Play a Game, (Fri, Dec 22nd)
I used this subject because I found yesterday a small game in Python that offers not only some fun but also malicious code that will exfiltrate your browser data
-
Understanding QEMU’s Role in Linux System Emulation Security
QEMU (Quick EMUlator) is an open-source emulator that enables users to run several operating systems on host systems. It is widely used for system-level virtualization and emulation, allowing users to run guest operating systems on different architectures. QEMU supports various architectures, including x86, ARM, MIPS, PowerPC, and more.
-
Fast Company ☛ U.S. water utilities were hacked after leaving their default passwords set to ‘1111,’ cybersecurity officials say
Providers of critical infrastructure in the United States are doing a sloppy job of defending against cyber intrusions, the National Security Council tells Fast Company, pointing to recent Iran-linked attacks on U.S. water utilities that exploited basic security lapses.
The security council tells Fast Company it’s also aware of recent intrusions by hackers linked to China’s military at American infrastructure entities that include water and energy utilities in multiple states. Neither the Iran-linked nor China-linked attacks affected critical systems or caused disruptions, according to reports.
-
BSNL experiences data breach, hacker shares some information on the dark web
India’s state-owned telecom operator, Bharat Sanchar Nigam Ltd (BSNL), experienced a substantial data breach, placing the personal information of thousands of users at risk. Reports indicated that a threat actor on the dark web had claimed possession of critical information related to BSNL’s fiber and landline users.
According to a report by ET, the threat actor, operating under the pseudonym “Perell,” has purportedly shared a “sample dataset” on the dark web, containing sensitive information of BSNL’s fiber and landline users. The hacker is alleged to have obtained crucial details, including email addresses, billing information, contact numbers, and other sensitive data.
-
Stat ☛ Health data breaches hit an all-time high in 2023
Odds are, you’ve gotten at least one of the unnerving letters in your mailbox this year: “We’re writing to inform you of a cybersecurity incident,” it might start. It’s the standard notice many health care organizations are required to provide when your protected health information gets exposed — and in 2023, data leaks, hacks, and mishandling led more of them to be delivered than ever before.
-
WTOP Radio ☛ Fairfax Co. concludes investigation into student data breach
An investigation into how Fairfax County Public Schools accidentally shared other students’ private information with a parent during a fall meeting has concluded, Superintendent Michelle Reid said in a letter to families Thursday.
The external review, conducted by the law firm Woods Rogers, found that the data breach occurred because the parent had access to old thumb drives with unredacted files, the school division said.
The county gathered the files in response to the parent’s previous Family Educational Rights and Privacy Act information request, and they were “unintentionally and unknowingly left within boxes accessible to the parent during her in‑person review, who copied the files and removed them from FCPS property,” according to the findings.
-
Sydney Morning Herald ☛ St Vincent’s Health falls victim to cyberattack [Ed: Actual breach euphemised as merely a "cyberattack"]
St Vincent’s Health says it has sustained a cyberattack and hackers have stolen data from its network, with the hospital and aged care provider urgently investigating the incident.
St Vincent’s, which is the nation’s largest not-for-profit health and aged care provider, said it discovered the attack on Tuesday and an investigation into what data has been stolen remained ongoing. It is unclear if the hack involved patients’ data.
-
Data Breaches ☛ Lapsus$: GTA 6 hacker Arion Kurtaj sentenced to secure hospital for indefinite period
So might Kurtaj wind up spending the rest of his life in a hospital setting? It’s possible, but unlikely. It depends on whether he gets any real treatment and/or learns how to manage his symptoms and urges — or at least fake it so that he convinces doctors he is no longer a threat.