Tux Machines

Security and FUD Leftovers

Posted by Roy Schestowitz on Aug 23, 2024

Silicon Angle ☛ McDonald’s Instagram hacked to promote cryptocurrency scam featuring Grimace

The official Instagram account of McDonald’s Corp. was reportedly hacked today to promote a cryptocurrency scam named after the McDonald’s character Grimace.

CVE-2024-43398: DoS vulnerability in REXML

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-43398. We strongly recommend upgrading the REXML gem.

When parsing an XML that has many deep elements that have same local name attributes.
It’s only affected with the tree parser API. If you’re using REXML::Document.new to parse an XML, you may be affected.

noyb ☛ noyb files two complaints against EU Parliament over massive data breach

Security Week ☛ CISA Warns of Exploited Vulnerabilities Impacting Dahua Products

CISA warns that attackers are exploiting two critical-severity authentication bypass vulnerabilities impacting multiple Dahua products.

Security Week ☛ Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira

Atlassian has released patches for nine high-severity vulnerabilities in Bamboo, Confluence, Crowd, and Jira products.

Security Week ☛ Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.

Security Week ☛ Google Patches Sixth Exploited Chrome Zero-Day of 2024

Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.

LWN ☛ Security updates for Thursday

Security updates have been issued by AlmaLinux (.NET 8.0, bind, bind9.16, curl, edk2, firefox, gnome-shell, grafana, jose, krb5, libreoffice, mod_auth_openidc:2.3, orc, pcs, poppler, python-setuptools, python-urllib3, python3.11-setuptools, python3.12-setuptools, thunderbird, tomcat, and wget), Fedora (webkitgtk), SUSE (apache2, glib2, and roundcubemail), and Ubuntu (kernel, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-aws, linux-aws-hwe, linux-bluefield, linux-hwe-5.15, linux-raspi-5.4, and qemu).

Security Week ☛ China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches

Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.

Ruben Schade ☛ Generative Hey Hi (AI) is a security vulnerability

Thomas Claburn, writing for The Register:

“Slack Hey Hi (AI) uses the conversation data already in Slack to create an intuitive and secure Hey Hi (AI) experience tailored to you and your organization,” the messaging app provider explains in its documentation.
Except it’s not that secure, as PromptArmor tells it. A prompt injection vulnerability in Slack Hey Hi (AI) makes it possible to fetch data from private Slack channels.

Fear, Uncertainty, Doubt/Dramatisation

Security Week ☛ Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware [Ed: Old, largely irrelevant, still a source of FUD]

More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.

Critical SLUBStick Exploitation Technique Threatens Linux Security [Ed: Only privilege escalation]

A new and highly-effective cross-cache attack named SLUBStick has emerged, targeting the Linux kernel with a remarkable 99% success rate in transforming a limited heap vulnerability into an arbitrary memory read-and-write capability. This allows attackers to elevate privileges or even escape containerized environments, posing significant risks to Linux systems.
It works by tricking the kernel into reusing memory in a specific way, giving attackers complete control over the system. Researchers have tested SLUBStick on multiple Linux versions and found it highly effective, even when the kernel has the latest security protections in place.
