Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jul 12, 2023

=> today's howtos | Linux Kernel 6.3 Reaches End of Life, Users Urged to Upgrade to Linux 6.4

Exploit Code Published for Remote Root Flaw in VMware Logging Software

=> ↺ Exploit Code Published for Remote Root Flaw in VMware Logging Software

VMware confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches.

Apple Ships Urgent iOS Patch for WebKit Zero-Day

=> ↺ Apple Ships Urgent iOS Patch for WebKit Zero-Day

Apple rolls out urgent iOS and iPadOS software updates and warned that zero-day exploitation has already been detected.

Critical Vulnerability Can Allow Takeover of Mastodon Servers

=> ↺ Critical Vulnerability Can Allow Takeover of Mastodon Servers

A critical vulnerability in the Mastodon social networking platform may allow attackers to take over target servers.

Linux VPN Myths Exposed: Separating Fact from Fiction for Enhanced Online Security

=> ↺ Linux VPN Myths Exposed: Separating Fact from Fiction for Enhanced Online Security

With online privacy and security becoming increasingly critical concerns, VPNs have gained immense popularity recently. Nevertheless, an abundance of false information about this tool for safeguarding online privacy is circulating.

Hackers stream anti-NATO broadcasts in Lithuania after cyber attacks

=> ↺ Hackers stream anti-NATO broadcasts in Lithuania after cyber attacks

Lithuania's National Cyber Security Centre (NKSC) has recorded two cyber incidents when disinformation was broadcast on a regional radio station and in a shopping centre following a hacking of a music streaming service.

A Cybersecurity Wish List Ahead of NATO Summit

=> ↺ A Cybersecurity Wish List Ahead of NATO Summit

Assuming NATO can play a greater part in the cybersecurity of its members, possibly through a more formal NATO Cyber Command, the question then becomes ‘what should we hope for?’

Apple issues emergency patches to fix 10th zero-day for 2023

=> ↺ Apple issues emergency patches to fix 10th zero-day for 2023

Apple has issued emergency updates to fix zero-days in its iOS, iPadOS and macOS Ventura operating systems, the 10th fix for zero-days being exploited in the wild issued this calendar year.

Apple Rapid Security Update Patches Three Exploited Vulnerabilities, (Mon, Jul 10th)

=> ↺ Apple Rapid Security Update Patches Three Exploited Vulnerabilities, (Mon, Jul 10th)

Australian infrastructure firm Ventia breached in online attack

=> ↺ Australian infrastructure firm Ventia breached in online attack

"Ventia’s operations are continuing. We are maintaining vigilance across our systems. We will not hesitate to take further protective action if required as operations return to normal in the days ahead."

Ventia operates in both Australia and New Zealand and is one of the bigger essential services providers in the two countries.

In 2022, it pulled in revenue of $5.1 billion, an increase of 13.4% on the previous calendar year.

=> ↺ pulled in revenue

=> ↺ pulled in revenue

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

=> ↺ PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

PoC exploit has been published for a recently patched Ubiquiti EdgeRouter vulnerability leading to arbitrary code execution.

Honeywell Boosting OT Cybersecurity Offering With Acquisition of SCADAfence

=> ↺ Honeywell Boosting OT Cybersecurity Offering With Acquisition of SCADAfence

Industrial giant Honeywell wants to extend its OT cybersecurity portfolio with the acquisition of Israel-based OT/IoT security firm SCADAfence.

Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack

=> ↺ Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack

Critical infrastructure services provider Ventia has taken some systems offline following a cyberattack.

=> gemini.tuxmachines.org