Tux Machines
Posted by Roy Schestowitz on Jun 16, 2024
=> https://lwn.net/Articles/978441/ ↺ Driving forward in Android drivers (Project Zero)
This Project Zero article looks at the exploitation of a few Android driver bugs in great detail.
=> https://www.schneier.com/blog/archives/2024/06/demo-of-aes-gcm-misuse-problems.html ↺ Demo of AES GCM Misuse Problems
This is a really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode.
=> https://infosec.exchange/@fre/112586389698033590 ↺ demo
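The two failures a repeated GCM nonce causes, worked through in code. This is an added example written for this page, not the linked demo's code and not from Schneier's post. To run on the standard library alone it swaps AES for a SHA-256 keyed PRF (clearly an assumption: the block cipher is not AES); GHASH, the GF(2^128) arithmetic and the counter layout follow NIST SP 800-38D, and the attack depends only on those, so it applies unchanged to real AES-GCM. The plaintexts, key and nonce are constructed sample data. First, two messages under one (key, nonce) share a keystream, so the XOR of the ciphertexts is the XOR of the plaintexts. Second, Joux's "forbidden attack": the two tags differ only by (C1 ^ C2) * H^2, which lets the attacker solve for the GHASH key H and then forge a valid tag for any ciphertext under that nonce.

```python
"""Why a repeated GCM nonce is fatal: constructed example for this page, not the
linked demo's code. Two messages under one (key, nonce) leak the XOR of their
plaintexts, and Joux's 'forbidden attack' recovers the GHASH key H from the two
tags, after which tags for any ciphertext under that nonce can be forged.
ASSUMPTION: the block cipher is a SHA-256 keyed PRF (stdlib only, NOT AES);
GHASH and the CTR layout follow NIST SP 800-38D, which is all the attack needs."""
import hashlib
import os

BLOCK = 16
R = 0xE1000000000000000000000000000000  # x^128 + x^7 + x^2 + x + 1, GCM bit order
ONE = 1 << 127                          # multiplicative identity (block bit 0 set)

def gf_mul(x, y):
    """Multiply two 128-bit blocks in GCM's GF(2^128) (SP 800-38D, Algorithm 1)."""
    z, v = 0, x
    for i in range(128):
        if (y >> (127 - i)) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def gf_pow(x, e):
    """Square-and-multiply; e = 2^128-2 inverts, e = 2^127 takes a square root."""
    result, base = ONE, x
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base, e = gf_mul(base, base), e >> 1
    return result

def prf_block(key, block):
    """Stand-in for E_K(block): a keyed hash, constructed for this example, not AES."""
    return hashlib.sha256(key + block).digest()[:BLOCK]

def ghash(h, aad, ct):
    """GHASH_H(A, C): Horner evaluation over AAD blocks, ciphertext blocks, length block."""
    x = 0
    for data in (aad, ct):
        for i in range(0, len(data), BLOCK):
            chunk = data[i:i + BLOCK].ljust(BLOCK, b"\0")
            x = gf_mul(x ^ int.from_bytes(chunk, "big"), h)
    return gf_mul(x ^ (((len(aad) * 8) << 64) | (len(ct) * 8)), h)

def _keystream(key, j0, nbytes):
    """CTR keystream from inc32(J0) onward; counter block J0 itself masks the tag."""
    out = b""
    for i in range(1, -(-nbytes // BLOCK) + 1):
        ctr = (int.from_bytes(j0[12:], "big") + i) & 0xFFFFFFFF
        out += prf_block(key, j0[:12] + ctr.to_bytes(4, "big"))
    return out[:nbytes]

def _setup(key, nonce):
    assert len(nonce) == 12, "96-bit nonce: J0 = nonce || 0^31 || 1"
    h = int.from_bytes(prf_block(key, bytes(BLOCK)), "big")
    j0 = nonce + b"\x00\x00\x00\x01"
    return h, j0, int.from_bytes(prf_block(key, j0), "big")

def encrypt(key, nonce, pt, aad=b""):
    h, j0, ek_j0 = _setup(key, nonce)
    ct = bytes(p ^ s for p, s in zip(pt, _keystream(key, j0, len(pt))))
    return ct, (ghash(h, aad, ct) ^ ek_j0).to_bytes(BLOCK, "big")

def decrypt(key, nonce, ct, tag, aad=b""):
    """Returns the plaintext, or None when the tag does not verify."""
    h, j0, ek_j0 = _setup(key, nonce)
    if (ghash(h, aad, ct) ^ ek_j0).to_bytes(BLOCK, "big") != tag:
        return None
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, j0, len(ct))))

def recover_ghash_key(ct1, tag1, ct2, tag2):
    """Forbidden attack, single-block AAD-free case. T = C*H^2 + L*H + E_K(J0), so
    under one (key, nonce) the L and E_K(J0) terms cancel: T1 ^ T2 = (C1 ^ C2) * H^2.
    Divide, then take the square root (x -> x^(2^127) inverts squaring in GF(2^128))."""
    assert len(ct1) == len(ct2) == BLOCK and ct1 != ct2
    c1, c2, t1, t2 = (int.from_bytes(b, "big") for b in (ct1, ct2, tag1, tag2))
    h = gf_pow(gf_mul(t1 ^ t2, gf_pow(c1 ^ c2, (1 << 128) - 2)), 1 << 127)
    return h, t1 ^ ghash(h, b"", ct1)       # second value is the tag mask E_K(J0)

def forge_tag(h, ek_j0, ct, aad=b""):
    return (ghash(h, aad, ct) ^ ek_j0).to_bytes(BLOCK, "big")

def demo(key=None, nonce=None):
    """Two 16-byte messages under one nonce; reports what the attacker gets."""
    key, nonce = key or os.urandom(16), nonce or os.urandom(12)
    xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))
    p1, p2 = b"transfer $100.00", b"transfer $999.99"   # constructed sample plaintexts
    c1, t1 = encrypt(key, nonce, p1)
    c2, t2 = encrypt(key, nonce, p2)
    h, ek_j0 = recover_ghash_key(c1, t1, c2, t2)
    p3 = b"transfer $1e9.00"                             # attacker's chosen message
    c3 = xor(p3, xor(c1, p1))                            # keystream = C1 ^ known P1
    return {
        "plaintext_xor_leaked": xor(c1, c2) == xor(p1, p2),
        "h_recovered": h == _setup(key, nonce)[0],
        "forgery_accepted": decrypt(key, nonce, c3, forge_tag(h, ek_j0, c3)) == p3,
        "random_tag_rejected": decrypt(key, nonce, c3, os.urandom(BLOCK)) is None,
    }
```

Calling demo() returns all four flags True: the attacker reads the plaintext XOR, recovers the real H, and gets a forged 16-byte message accepted, while a random tag is still rejected. With longer messages the same equation becomes a polynomial in H of degree n+1 whose roots are found in GF(2^128); the single-block case shown here needs only a division and a square root. The practical lesson is the usual one: with AES-GCM the nonce must never repeat under a key, so use a counter you can guarantee is unique or switch to a misuse-resistant mode such as AES-GCM-SIV.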
=> https://www.theregister.com/2024/06/15/microsoft_brad_smith_congress/ ↺ It's the White House's turn to take on insecure Microsoft • The Register
=> https://lwn.net/Articles/978418/ ↺ Security updates for Friday
Security updates have been issued by CentOS (389-ds-base, bind, bind-dyndb-ldap, and dhcp, firefox, glibc, ipa, less, libreoffice, and thunderbird), Debian (cups), Fedora (chromium and cyrus-imapd), Mageia (golang and poppler), Oracle (bind, bind-dyndb-ldap, and dhcp, gvisor-tap-vsock, python-idna, and ruby), Red Hat (dnsmasq and expat), SUSE (libaom, php8, podman, python-pymongo, python-scikit-learn, and tiff), and Ubuntu (h2database and vte2.91).
=> https://www.securityweek.com/ascension-says-personal-health-information-stolen-in-ransomware-attack/ ↺ Ascension Says Personal, Health Information Stolen in Ransomware Attack
Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.
=> https://www.securityweek.com/in-other-news-fuxnet-ics-malware-google-user-tracking-cisa-employee-scams/ ↺ In Other News: Fuxnet ICS Malware, Surveillance Giant Google User Tracking, CISA Employee Scams
Noteworthy stories that might have slipped under the radar: Overview of the ICS malware Fuxnet, Surveillance Giant Google accused of tracking users, scammers impersonate CISA staff.
=> https://www.hezmatt.org/~mpalmer/blog/2024/06/14/information-security-we-can-do-it-right-we-choose-not-to.html ↺ Matthew Palmer: Information Security: "We Can Do It, We Just Choose Not To"
Whenever a large corporation disgorges the personal information of millions of people onto the Internet, there is a standard playbook that is followed.
=> https://blog.trailofbits.com/2024/06/14/announcing-the-burp-suite-professional-chapter-in-the-testing-handbook/ ↺ Announcing the Burp Suite Professional chapter in the Testing Handbook
Based on our security auditing experience, we’ve found that Burp Suite Professional’s dynamic analysis can uncover vulnerabilities hidden amidst the maze of various target components. Unpredictable security issues like race conditions are often elusive when examining source code alone.
=> https://www.securityweek.com/pakistani-threat-actors-caught-targeting-indian-gov-entities/ ↺ Pakistani Threat Actors Caught Targeting Indian Gov Entities
Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.
=> https://www.securityweek.com/openai-appoints-former-nsa-director-paul-nakasone-to-board-of-directors/ ↺ OpenAI Appoints Former NSA Director Paul Nakasone to Board of Directors
Retired U.S. Army General Paul M. Nakasone brings cybersecurity experience to OpenAI's Board of Directors and Safety and Security Committee.
=> https://www.securityweek.com/edge-devices-the-new-frontier-for-mass-exploitation-attacks/ ↺ Edge Devices: The New Frontier for Mass Exploitation Attacks
The increase in mass exploitation involving edge services and devices is likely to worsen.
=> https://www.securityweek.com/rockwell-automation-patches-high-severity-vulnerabilities-in-factorytalk-view-se/ ↺ Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE
Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software.
=> https://www.securityweek.com/cisa-warns-of-progress-telerik-vulnerability-exploitation/ ↺ CISA Warns of Progress Telerik Vulnerability Exploitation
CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.
=> https://openssf.org/blog/2024/06/14/openssf-guac-tech-talk-highlights/ ↺ OpenSSF GUAC Tech Talk Highlights
Last week, the community convened for the OpenSSF Tech Talk, spotlighting GUAC (Graph for Understanding Artifact Composition).
=> https://www.securityweek.com/microsoft-delaying-recall-feature-to-improve-security/ ↺ Microsoft Delaying Recall Feature to Improve Security
Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.
=> https://siliconangle.com/2024/06/14/microsoft-delays-release-windows-11s-recall-feature/ ↺ Microsoft delays release of backdoored Windows 11’s Recall feature
Microsoft Corp. has pushed back the release date of Recall, an upcoming backdoored Windows 11 feature that will enable users to more quickly find files and applications they accessed in the past. The company announced the decision in a late Thursday update on the official backdoored Windows blog.