Tux Machines
Posted by Roy Schestowitz on Feb 15, 2023,
updated Feb 15, 2023
=> ESP32, Arduino, and FPGAs | How to Fix: Could not find OpenSSL Error in Ubuntu and Other Linux
=> ↺ Thai activists to sue government over Pegasus spyware use
=> ↺ Russian cybersecurity expert convicted of charges in $90M hack-to-trade case
Vladislav Klyushin had sensitive connections to the Russian government and Russian military hackers, prosecutors said.
=> ↺ Why the US needs the Bureau of Cyber Statistics right now
The agency could serve as a vital data repository for cyber incidents that would inform public and private sector decision-making.
=> ↺ Ransomware attacks surge against US manufacturing plants
Cyberattacks against critical infrastructure continues to increase and some sectors, such as manufacturing, take the brunt of abuse.
=> ↺ Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.
=> ↺ APSB23-02 | ↺ APSB23-05 | ↺ APSB23-06 | ↺ APSB23-09 | ↺ APSB23-11 | ↺ APSB23-12 | ↺ APSB23-14 | ↺ APSB23-15 | ↺ APSB23-16
=> ↺ Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops
Citrix has released security updates to address high-severity vulnerabilities (CVE-2023-24486, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24483) in Citrix Workspace Apps, Virtual Apps and Desktops. A local user could exploit these vulnerabilities to take control of an affected system.
=> ↺ CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.
=> ↺ Known Exploited Vulnerabilities Catalog
=> ↺ Known Exploited Vulnerabilities Catalog
=> ↺ Microsoft Releases February 2023 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
=> ↺ Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device.
=> ↺ CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems (ICS) advisory on February 14, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
=> ↺ Mozilla Releases Security Updates for Firefox 110 and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox 110 and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system.
=> ↺ Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The security flaw, now tracked as CVE-2023-0669, enables attackers to gain remote code execution on unpatched GoAnywhere MFT instances with their administrative console exposed to Internet access.
=> ↺ Hackers take down Bahrain airport website | Al Arabiya English
Hackers said they had taken down the website of Bahrain’s international airport on Tuesday which was unavailable until at least 1:45 p.m. GST. It briefly
=> ↺ Arizona Priority Care and AZPC Clinics notify 10,978 patients of malware attack
According to APC’s substitute notice, on December 2, employees noted difficulty accessing some servers. The breach was discovered on December 5, and malware was detected on some servers. An investigation revealed that the malware was used to access and exfiltrate data.
Student email addresses may not be as easy/convenient to get as staff information, but they are not that difficult. In some districts, if you know the format system used to generate email addresses and the students’ names, you can figure out their email addresses. DataBreaches is not sure that is true for SPPS, however.
Minuteman Senior Services (“MSS”) in Massachusetts notified the U.S. Department of Health and Human Services on January 27 that they experienced a breach affecting 500 patients. The “500” is simply a marker that indicates that the reporting entity knows they have to report a breach to HHS within 60 days of discovery but they do not yet really know how many patients were affected. They only know or estimate that it is more than the 500 trigger to report to HHS.
=> gemini.tuxmachines.org This content has been proxied by September (3851b).Proxy Information
text/gemini;lang=en-GB