Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Apr 26, 2023

Release of a Technical Report into Intel Trust Domain Extensions

=> https://googleprojectzero.blogspot.com/2023/04/technical-report-into-intel-tdx.html ↺ Release of a Technical Report into Intel Trust Domain Extensions

Today, members of Google Project Zero and Google Cloud are releasing a report on a security review of Intel's Trust Domain Extensions (TDX). TDX is a feature introduced to support Confidential Computing by providing hardware isolation of virtual machine guests at runtime. This isolation is achieved by securing sensitive resources, such as guest physical memory. This restricts what information is exposed to the hosting environment.

=> https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html ↺ Trust Domain Extensions

=> https://cloud.google.com/confidential-computing ↺ Confidential Computing

Attackers Abuse Kubernetes RBAC to Deploy Persistent Backdoor

=> https://www.securityweek.com/attackers-abuse-kubernetes-rbac-to-deploy-persistent-backdoor/ ↺ Attackers Abuse Kubernetes RBAC to Deploy Persistent Backdoor

Threat actors have been observed abusing Kubernetes RBAC to create backdoors and hijack cluster resources for cryptocurrency mining.

External Signs of Narcissism – Raising Awareness to Avoid Collateral Damage

=> https://www.securityweek.com/external-signs-of-narcissism-raising-awareness-to-avoid-collateral-damage/ ↺ External Signs of Narcissism – Raising Awareness to Avoid Collateral Damage

Learning how to spot the signs of narcissism and identify narcissists will help us ensure that we do not bring these people into our security and fraud teams, or our enterprises.

To combat cybercrime, US law enforcement increasingly prioritizes disruption

=> https://cyberscoop.com/doj-cybercrime-disruption-ransomware/ ↺ To combat cybercrime, US law enforcement increasingly prioritizes disruption

Rather than focusing on arrests, U.S. law enforcement is trying to prevent additional victims of online crime.

Collaboration between CISA, Cyber Command thwarted dangerous cyberattacks, officials said

=> https://cyberscoop.com/information-sharing-cisa-cyber-commands-rsa-conference/ ↺ Collaboration between CISA, Cyber Command thwarted dangerous cyberattacks, officials said

During the 2023 RSA Conference, top officials provided rare insight into sharing information to protect U.S. networks from malicious hackers.

Industrial security vendors partner to share intelligence about critical infrastructure threats

=> https://cyberscoop.com/emerging-threat-open-sharing-industrial-cybersecurity/ ↺ Industrial security vendors partner to share intelligence about critical infrastructure threats

The biggest companies working in industrial cybersecurity are building an early-warning platform called ETHOS to share threat intelligence.

38 Countries Take Part in NATO’s 2023 Locked Shields Cyber Exercise

=> https://www.securityweek.com/38-countries-take-part-in-natos-2023-locked-shields-cyber-exercise/ ↺ 38 Countries Take Part in NATO’s 2023 Locked Shields Cyber Exercise

More than 3,000 participants from 38 countries took part in NATO’s 2023 Locked Shields cyber defense exercise.

Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks

=> https://www.securityweek.com/critical-flaw-in-inea-ics-product-exposes-industrial-organizations-to-remote-attacks/ ↺ Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks

Critical vulnerability found in Inea RTU can be exploited to remotely hack devices and cause disruption in industrial organizations.

North Korean Hackers Target Mac Users With New ‘RustBucket’ Malware

=> https://www.securityweek.com/north-korean-hackers-target-mac-users-with-new-rustbucket-malware/ ↺ North Korean Hackers Target Mac Users With New ‘RustBucket’ Malware

North Korea-linked hacking group BlueNoroff/Lazarus was seen using the RustBucket macOS malware in recent attacks.

SolarWinds Platform Update Patches High-Severity Vulnerabilities

=> https://www.securityweek.com/solarwinds-platform-update-patches-high-severity-vulnerabilities/ ↺ SolarWinds Platform Update Patches High-Severity Vulnerabilities

SolarWinds has patched two high-severity vulnerabilities that could lead to command execution and privilege escalation.

New Data Sharing Platform Serves as Early Warning System for OT Security Threats

=> https://www.securityweek.com/new-data-sharing-platform-serves-as-early-warning-system-for-ot-security-threats/ ↺ New Data Sharing Platform Serves as Early Warning System for OT Security Threats

Several OT cybersecurity firms have teamed up to create an information sharing platform designed to serve as an early warning system for critical infrastructure.

Huntress: Most PaperCut Installations Not Patched Against Already-Exploited Security Flaw

=> https://www.securityweek.com/huntress-most-papercut-installations-not-patched-against-already-exploited-security-flaw/ ↺ Huntress: Most PaperCut Installations Not Patched Against Already-Exploited Security Flaw

Researchers warn that majority of Windows and macOS PaperCut installations still vulnerable to critical vulnerability already exploited in malware attacks.

How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

=> https://www.linuxsecurity.com/features/features/secure-against-wordpress-vulnerabilities-with-zerolock ↺ How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

WordPress is one of the most popular content management systems in the world due to the ability it gives non-technical, inexperienced users to create professional, effective websites. According to data from W3Techs, WordPress was used by 43% of all websites on the Internet in 2022.
This widespread usage, combined with persistent security vulnerabilities, has put a target on WordPress’s back. Malicious hackers have come to view attacks exploiting WordPress vulnerabilities as an easy and effective way to gain access to valuable credentials and infect systems with harmful software.
Securing WordPress sites against damaging attacks is a challenge, as new vulnerabilities are constantly being discovered, and even sites that are considered secure are frequently breached with emerging attacks. In this article, we introduce a minimum impact solution that leverages predictive analysis detection and automated remediation, and demonstrate its effectiveness in securing WordPress sites against attacks exploiting both new and known flaws.

gemini.tuxmachines.org