💾 Archived View for gemini.tuxmachines.org › n › 2024 › 08 › 24 › Security_Leftovers.gmi captured on 2024-08-25 at 01:56:01. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Tux Machines
Posted by Roy Schestowitz on Aug 24, 2024
Show, Openwashing, BSD, and More
=> https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/ ↺ How to root an Android device for analysis and vulnerability assessment
TL;DR Rooting is useful for Android assessments The process is relatively simple It will wipe all user data from the device and void any warranty
=> https://lwn.net/Articles/986997/ ↺ Security updates for Friday
Security updates have been issued by Fedora (community-mysql, iaito, and radare2), Oracle (python3.12-setuptools and tomcat), Red Hat (krb5 and podman), Slackware (ffmpeg), SUSE (apache2, expat, firefox, webkit2gtk3, and xen), and Ubuntu (imagemagick and libxstream-java).
=> https://www.securityweek.com/in-other-news-faa-improving-cyber-rules-android-malware-enables-atm-withdrawals-data-theft-via-slack-ai/ ↺ In Other News: FAA Improving Cyber Rules, Android Malware Enables ATM Withdrawals, Data Theft via Slack AI
Noteworthy stories that might have slipped under the radar: FAA improving cyber rules for airplanes, NGate Android malware used to steal cash from ATMs, abusing Slack Hey Hi (AI) to steal data.
=> https://www.securityweek.com/degraded-performance-issue-sparks-concern-among-crowdstrike-customers/ ↺ Degraded Performance Issue Sparks Concern Among CrowdStrike Customers
CrowdStrike has addressed a cloud service issue causing degraded performance and boot times for some of its customers.
=> https://www.tomshardware.com/pc-components/motherboards/gigabyte-details-bios-roll-out-plan-to-neutralize-sinkclose-vulnerability-eligible-amd-cpus-should-be-patched-by-end-of-the-month ↺ Gigabyte details BIOS roll-out plan to neutralize Sinkclose vulnerability — eligible AMD CPUs should be patched by end of the month
Gigabyte has confirmed that it will release the latest BIOS for AMD CPUs containing new AGESA microcode to mitigate the Sinkclose vulnerability, and the process will be completed by the end of August.
=> https://siliconangle.com/2024/08/22/disaster-recovery-cubeconversations/ ↺ Disaster recovery in action: Kaseya responds to CrowdStrike crisis
The CrowdStrike Holdings Inc. outage caused huge ripples worldwide, with 96% of customers reporting that they saw an impact, leaving many companies scrambling for disaster recovery solutions.
=> https://hackaday.com/2024/08/23/this-week-in-security-crash-your-iphone-hack-your-site-and-bluetooth-woes/ ↺ This Week In Security: Crash Your IPhone, Hack Your Site, And Bluetooth Woes
There have been some hilarious issues on mobile devices over the years. The HTC Dream had a hidden shell that was discovered when a phone rebooted after sending a text containing just the word “reboot”. iOS has gotten in on the fun from time to time, and this time it’s ""::. Type the double quotes, a colon, and any other character, and Apple’s Springboard service crashes.
=> https://federalnewsnetwork.com/cybersecurity/2024/08/ig-fbi-at-risk-of-having-sensitive-devices-lost-stolen/ ↺ IG: FBI at risk of having sensitive devices lost, stolen
The IG says lackluster practices at an unnamed FBI disposal facility include unsecure spaces coupled with a non-functioning security camera.
=> https://www.securityweek.com/hacker-tried-to-dodge-child-support-by-breaking-into-registry-to-fake-his-death-prosecutors-say/ ↺ Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say
Kentucky man attempted to fake his death to avoid paying child support obligations by hacking into state registries and falsifying official records.
=> https://www.securityweek.com/us-allies-release-guidance-on-event-logging-and-threat-detection/ ↺ US, Allies Release Guidance on Event Logging and Threat Detection
Government agencies in the US and allied countries have released guidance on how organizations can define a baseline for event logging best practices.
=> https://www.securityweek.com/fbi-exposing-sensitive-data-via-improper-handling-of-storage-devices-audit/ ↺ FBI Fails to Secure Sensitive Storage Media Destined for Destruction, Audit Reveals
Audit finds weaknesses in FBI’s inventory management and disposition procedures for drives containing sensitive information.
=> https://www.securityweek.com/solarwinds-leaks-credentials-in-hotfix-for-exploited-web-help-desk-flaw/ ↺ SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw
SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability.
=> https://cyberscoop.com/georgia-tech-lawsuit-dod-contracts-cybersecurity/ ↺ DOJ sues Georgia Tech over allegedly failing to meet cyber requirements for DOD contracts
The suit relies on a Civil War-era law that DOJ has increasingly turned to for cyber cases.
=> https://www.securityweek.com/from-cybercrime-to-terrorism-fbi-director-says-america-faces-many-elevated-threats-all-at-once/ ↺ From Cybercrime to Terrorism, FBI Director Says America Faces Many Elevated Threats ‘All at Once’
Wray declined to talk about any specific investigation or threat but said investigations into cyberattacks, including against election infrastructure, candidates or campaigns, require help from the private sector.
=> https://www.techzim.co.zw/2024/08/zim-is-3rd-most-attacked-country-in-world-cause-cybersecurity-is-joke-to-us/ ↺ Zimbabwe is third most attacked country in the world because cybersecurity is a joke us
Zimbabweans are the type of people who would laugh at you if they saw a top-end safe in your home housing just $7.53.
=> https://siliconangle.com/2024/08/22/services-oil-giant-halliburton-disrupted-suspected-ransomware-attack/ ↺ Services at oil giant Halliburton disrupted by suspected ransomware attack
Oil giant Halliburton Co. was hit by a cyberattack on Wednesday that disrupted business operations at the company’s Houston, Texas campus, as well as some of its global networks. The exact form of the attack has not been disclosed.
=> https://www.bleepingcomputer.com/news/microsoft/microsoft-august-updates-cause-windows-server-boot-issues-freezes/ ↺ Microsoft: August updates cause backdoored Windows Server boot issues, freezes
Microsoft has confirmed and fixed a known issue causing performance issues, boot problems, and freezes on Windows Server 2019 systems after installing the August 2024 security updates.