Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Aug 06, 2023

=> Today in Techrights | today's howtos

Alarm Raised Over Mozilla VPN: Wonky Authorization Check Lets Users Cause Havoc

=> ↺ Alarm Raised Over Mozilla VPN: Wonky Authorization Check Lets Users Cause Havoc

A security engineer at Linux distro maker SUSE has published an advisory for a flaw in the Mozilla VPN client for Linux that has yet to be addressed in a publicly released fix because the disclosure process went off the rails.

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems [Ed: This fails to explain how it gets installed in the first place; no flaws being exploited in Linux as far as this article goes]

=> ↺ Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.

Login and Security Manager overhauled

=> ↺ Login and Security Manager overhauled

This has been a long time coming. Finally got around to doing it. The "Login and Security Manager" is in the "System" category of the menu. In your EasyOS you can see what it looks like; compare with now: [...]

the hardcore security challenge any app store faces

=> ↺ the hardcore security challenge any app store faces

Parathon by JDA eHealth Systems hit by Akira? They haven’t responded to inquiries.

=> ↺ Parathon by JDA eHealth Systems hit by Akira? They haven’t responded to inquiries.

On August 1, Parathon by JDA eHealth Systems was added to Akira’s site with a note from Akira: “We’re almost ready to share the 560GB of data we’ve taken from their network. Contracts, employee personal information, and confidential documents will be posted shortly.”

=> gemini.tuxmachines.org