Tux Machines

Security Leftovers (UPDATED)

Posted by Roy Schestowitz on Oct 28, 2022, updated Oct 28, 2022

Security updates for Friday

=> ↺ Security updates for Friday

Security updates have been issued by Debian (expat, ruby-sinatra, and thunderbird), Fedora (glances), Mageia (cups, firefox, git, heimdal, http-parser, krb5-appl, minidlna, nginx, and thunderbird), Oracle (389-ds:1.4, device-mapper-multipath, firefox, mysql:8.0, postgresql:12, and thunderbird), SUSE (dbus-1, libconfuse0, libtasn1, openjpeg2, qemu, and thunderbird), and Ubuntu (dbus, linux-azure-fde, and tiff).

Critical Vulnerability in Open SSL - Schneier on Security

=> ↺ Critical Vulnerability in Open SSL - Schneier on Security

There are no details yet, but it’s really important that you patch Open SSL 3.x when the new version comes out on Tuesday.

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints [Ed: Microsoft Windows TCO]

=> ↺ Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints | ↺ Microsoft Windows TCO

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

=> ↺ Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser.
The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine.
Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022.

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

=> ↺ Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

This includes a web shell called reGeorg, which has been put to use by other actors like APT28, DeftTorero, and Worok, and a never-before-seen malware dubbed Danfuan, which is engineered to execute received C# code.

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

=> ↺ These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud.

UPDATE

3 more:

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

=> ↺ High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

The issues have been addressed in Junos OS versions 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, and later.

Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies

=> ↺ Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies

CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks to provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. The guidance is for both network defenders and leaders to help them understand and respond to DDoS attacks, which can cost an organization time, money, and reputational damage.

VMware Releases Security Updates

=> ↺ VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
