Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jul 30, 2023

=> Programming Leftovers | Releases of GNU Emacs and GnuCOBOL (UPDATED)

Linux Version of Abyss Locker Ransomware Targets VMware ESXi Servers [Ed: The problem is not Linux. The problem is malware and it impacts proprietary software, not GNU/Linux. Microsoft boosters and spinners here.]

=> ↺ Linux Version of Abyss Locker Ransomware Targets VMware ESXi Servers

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.

USPS Phishing Scam Targeting iOS Users, (Sun, Jul 30th)

=> ↺ USPS Phishing Scam Targeting iOS Users, (Sun, Jul 30th)

Phishing scams have frequently arrived as an SMS message (sometimes called "Smishing"). SMS messages are easy and cheap to send, and we have documented how attackers like to scan for exposed credentials for services like Twilio to make it even cheaper.

Indirect Instruction Injection in Multi-Modal LLMs

=> ↺ Indirect Instruction Injection in Multi-Modal LLMs

Interesting research: “(Ab)using Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs“:

=> ↺ (Ab)using Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs

=> ↺ (Ab)using Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs

Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks

=> ↺ Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks

[Ed: The problem is a proprietary front end and it's not a back door, albeit it can be used by malicious actor to install one on a compromised system. This is awful reporting by Microsoft boosters and spinners.] > The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances.

Zimbra Patches Exploited Zero-Day Vulnerability

=> ↺ Zimbra Patches Exploited Zero-Day Vulnerability

Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks.

CoinsPaid Blames North Korean Hackers for $37 Million Cryptocurrency Heist

=> ↺ CoinsPaid Blames North Korean Hackers for $37 Million Cryptocurrency Heist

CoinsPaid says North Korean hacking group Lazarus is likely responsible for the recent theft of $37 million in cryptocurrency.

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications

=> ↺ US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications

US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications.

Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins

=> ↺ Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins

The first attempts to exploit CVE-2023-24489, a recent critical Citrix ShareFile remote code execution vulnerability, have been observed.

Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices

=> ↺ Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices

Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.

=> gemini.tuxmachines.org