Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Feb 04, 2023

=> GNOME and KDE Development Updates | CTparental: Linux Parental Control Software With Category-Based Website Filtering, Computer Usage Limits

Feds say cyberattack caused suicide helpline’s outage

=> ↺ Feds say cyberattack caused suicide helpline’s outage

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline late last year, federal officials tell The Associated Press. Lawmakers are now calling for the federal agency that oversees the program to prevent future attacks.

Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty

=> ↺ Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty

Former Ubiquiti employee Nickolas Sharp has admitted in court to abusing company-provided credentials to steal data and then attempting to extort Ubiquiti.

Atlassian Warns of Critical Jira Service Management Vulnerability

=> ↺ Atlassian Warns of Critical Jira Service Management Vulnerability

A critical authentication vulnerability in Jira Service Management Server and Data Center allows attackers to impersonate users.

High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation

=> ↺ High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation

VMware patches CVE-2023-20854, a vulnerability that can be exploited by a malicious hacker to delete arbitrary files.

Nonstop Health data and source code appear to have been leaked on hacking forum

=> ↺ Nonstop Health data and source code appear to have been leaked on hacking forum

Nonstop Health offers health insurance solutions to employers who have more than 50 employees receiving benefits.

Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication

=> ↺ Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication

Critical Oracle E-Business Suite vulnerability exploited in attacks shortly after PoC is published.

GoAnywhere MFT Users Warned of Zero-Day Exploit

=> ↺ GoAnywhere MFT Users Warned of Zero-Day Exploit

GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet

VMware workstation 17.0.1 fixes arbitrary file deletion issue - https://www.vmware.com/security/advisories/VMSA-2023-0003.html, (Fri, Feb 3rd)

=> ↺ VMware workstation 17.0.1 fixes arbitrary file deletion issue - https://www.vmware.com/security/advisories/VMSA-2023-0003.html, (Fri, Feb 3rd)

Tallahassee Memorial hospital victim of suspected ransomware attack

=> ↺ Tallahassee Memorial hospital victim of suspected ransomware attack

Tallahassee Memorial HealthCare is postponing all non-emergency patient procedures as officials manage an Information Technology security issue that occurred late Thursday night, according to a memo from the hospital.

As of 1 p.m. Friday, the hospital also had canceled non-emergency procedures for Monday, Feb. 6.

The IT security breach is a suspected ransomware attack, according to sources with knowledge of the situation.

=> gemini.tuxmachines.org