Public
- Public
- Groups
- Popular
- People

Notices tagged with security

LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 14-Dec-2022 22:35:42 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

#Ubuntu #security notice: #Emacs flaw allows code execution. https://ubuntu.com/security/notices/USN-5781-1 [ubuntu com]
In conversation about 2 months ago from mustard permalink
Attachments
1. USN-5781-1: Emacs vulnerability | Ubuntu security notices | Ubuntu
  
  from /static/files/humans.txt?v=44f44f8
  
  Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 05-Dec-2022 03:15:33 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

#Mastodon issue for #activitypub-troll denial-of-service vulnerability. https://github.com/mastodon/mastodon/issues/21977 with 2 pull requests. https://github.com/mastodon/mastodon/pull/22025 and https://github.com/mastodon/mastodon/pull/22026

#security
In conversation about 2 months ago from Choqok permalink
Attachments
1. Any idea to stop activitypub-troll.cf or likewise attacks? · Issue #21977 · mastodon/mastodon
  
  Pitch From about one hour ago, my instance's federated timeline was spammed with contents from activitypub-troll.cf, and the sidekiq queue is full of pulling requests. I have to purge all the t...
2. Fix unbounded recursion in account discovery by ClearlyClaire · Pull Request #22025 · mastodon/mastodon
  
  Your self-hosted, globally interconnected microblogging community - Fix unbounded recursion in account discovery by ClearlyClaire · Pull Request #22025 · mastodon/mastodon
3. Fix unbounded recursion in account discovery (v3.5 backport) by ClearlyClaire · Pull Request #22026 · mastodon/mastodon
  
  This is a straightforward backport of #22025 to stable-3.5. Some changes were needed for ActivityPub::FetchRemoteAccountService because it's been split into ActivityPub::FetchRemoteActorService bet...
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 04-Dec-2022 22:26:16 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- admin de gnusocial.net
- aab
@administrator @aab I'm just guessing, but it could be related to an exploit someone launched against #Mastodon and #Misskey yesterday. From what I read, it brought several instances to their knees. Misskey released a #security patch yesterday.

In conversation about 2 months ago from Choqok permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 04-Dec-2022 16:22:39 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
Tagging this thread with #Fediverse #Security ... whomever made the script obviously read some protocol docs and some source code. With just a little #JavaScript, they were able to knock some #Misskey and #Mastodon instances to their knees.

This isn't the first, and it won't be the last. Remember when someone posted a humongous image and locked up any #GNUSocial instance that tried to download the image? Remember when someone's instance was replaced by some sort of cryptocurrency site and PuSH es from your site to theirs would crash your site because of their site's response? (I'll bet I still have that domain blocked at the firewall.)

We have to stop being naive about the intentions of those in the current migration. The overwhelming majority will have benign, if not good, intentions. But a select few will have bad intentions. Among those intentions is to colonize the Fediverse with #Twitter's culture, to come here and impose that culture of anger and disrespect upon the inhabitants here ... which already happened once with the first wave of people joining #Mastodon instance, except it was Twitter and #Tumblr at that time.

In conversation about 2 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 23-Oct-2022 07:00:54 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Oh, good grief, #Microsoft. https://thehackernews.com/2022/10/microsoft-confirms-server.html [thehackernews com]

Source: https://infosec.exchange/@jerry/109213542275494102

#security #breach #Azure #cloud
In conversation about 3 months ago from Shoyu permalink
Attachments
1. Jerry Bell (@jerry@infosec.exchange)
  
  from Jerry Bell
  
  Microsoft had a leaky storage bucket, exposing a LOT of client data: https://thehackernews.com/2022/10/microsoft-confirms-server.html
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 28-Sep-2022 19:40:42 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

If you are using #Element-iOS , #Element-Android , #Schildichat, or any other #Matrix client powered by matrix-sdk, upgrade now. #Security release is out.

https://nu.federati.net/url/287969 [matrix org]
In conversation about 4 months ago from Shoyu permalink
Attachments
1. Upgrade now to address E2EE vulnerabilities in matrix-js-sdk, matrix-ios-sdk and matrix-android-sdk2 | Matrix.org
  
  from @matrixdotorg
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Saturday, 11-Jun-2022 20:57:15 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
- GeniusMusing
https://nu.federati.net/url/286651 [arstechnica com]

> Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation.

> On Thursday, researchers from Intezer and The BlackBerry Threat Research & Intelligence Team said that the previously undetected backdoor combines high levels of access with the ability to scrub any sign of infection from the file system, system processes, and network traffic. Dubbed Symbiote, it targets financial institutions in Brazil and was first detected in November.

/via @geniusmusing

#security #linux #backdoor #malware
In conversation about 8 months ago from web permalink
Attachments
1. New ultra-stealthy Linux backdoor isn’t your everyday malware discovery
  
  from @dangoodin001
  
  Symbiote gives remote access to any account. Normal methods don't detect it.
Bruja (gaba@systerserver.town)'s status on Tuesday, 17-May-2022 21:07:42 UTC Bruja
Remote profile options...

Leap is also hiring for VPN development https://leap.se/post/2022_05_16_go_dev/ #security #devs #jobs #hiring
In conversation about 9 months ago from systerserver.town permalink
Attachments
1. Invalid filename.
  
  Wanted: Go Application Developer to Fight Censorship | LEAP Encryption Access Project
  
  from LEAP
  
  We need you more than ever: Go app developer for fighting censorship
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 20-Apr-2022 23:49:38 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

https://nu.federati.net/url/285943 [it slashdot org] #Lenovo issues #security patches for over 100 Lenovo products.

Source: https://shitposter.club/objects/6f578473-d458-464d-92a8-086d8ce96abb
In conversation about 10 months ago from web permalink
Attachments
1. Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware - Slashdot
  
  Lenovo has released security updates for more than 100 laptop models to fix critical vulnerabilities that make it possible for advanced hackers to surreptitiously install malicious firmware that can be next to impossible to remove or, in some cases, to detect. Ars Technica reports: Three vulnerabil...
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 07-Feb-2022 23:26:06 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Some severe flaws in #Cisco small business routers. https://www.theregister.com/2022/02/04/cisco_smb_routers_critical_vulnerabilities/. [www theregister com]
At publication time, some flaws and some models had not yet been patched.
#security
In conversation about a year ago from AndStatus permalink
Attachments
1. Cisco reveals three critical flaws in small business routers
  
  RV family of routers is in trouble, and fixed software is yet to arrive for some models
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 18-Aug-2021 15:39:54 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
- Rysiekúr Memesson
#T-mobile #security

From 2018: https://nu.federati.net/url/282487

/via @rysiek @rysiek@mastodon.technology
In conversation Wednesday, 18-Aug-2021 15:39:54 UTC from web permalink
Attachments
1. T-Mobile Austria on Twitter
  
  “@Korni22 @c_pellegrino @PWTooStrong @Telekom_hilft @Korni22 What if this doesn't happen because our security is amazingly good? ^Käthe”
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 25-Apr-2021 06:48:04 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

University of #Minnesota researchers apologize to the #Linux kernel community, ask to restore trust.

https://nu.federati.net/url/280818 [lore kernel org]

#MN #UMN #security
In conversation Sunday, 25-Apr-2021 06:48:04 UTC from Shoyu permalink
Attachments
1. An open letter to the Linux community
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 18-Apr-2021 15:41:27 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
Further info: https://news-web.php.net/php.internals/113838

And with the presumed compromise of git.php.net, all future development activities will take place on #GitHub.

#code-hosting #vcs #scm #security #git #php
In conversation Sunday, 18-Apr-2021 15:41:27 UTC from mustard permalink
Attachments
1. php.internals: Changes to Git commit workflow
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Thursday, 25-Mar-2021 00:10:19 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Detecting #curl-pipe-bash from the server-side: https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/ [www idontplaydarts com]

#security #curl #wget #pipe #bash
In conversation Thursday, 25-Mar-2021 00:10:19 UTC from web permalink
Attachments
1. Detecting the use of "curl | bash" server side | Application Security
  
  Another reason not to pipe from curl to bash. Detecting curl | bash serverside.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Thursday, 17-Dec-2020 03:32:37 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

https://nu.federati.net/url/278948 [thejournal com]

Schools are now the most targeted segment for ransomware ... make up the majority of all ransomware attacks.

#security #ransomware #k-12 #schools
In conversation Thursday, 17-Dec-2020 03:32:37 UTC from web permalink
Attachments
1. K–12 Has Become the Most Targeted Segment for Ransomware -- THE Journal
  
  Malicious actors have disrupted remote learning by targeting school systems in their ransomware, malware and DDoS attacks.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 14-Dec-2020 22:42:47 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

#Mattermost devs discover unfixable (?) flaws in #Go-Lang library https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ #security
In conversation Monday, 14-Dec-2020 22:42:47 UTC from mustard permalink
Attachments
1. Coordinated disclosure of XML round-trip vulnerabilities in Go XML
  
  from Juho Nurminen
  
  If you maintain a Go-based project that relies on XML integrity, we urge you to read this post carefully.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 13-Dec-2020 23:54:44 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- GeniusMusing
The Guardian's text is pretty similar to the Jerusalem Post's: https://nu.federati.net/url/278891

#US_Treasury #security #breach
In conversation Sunday, 13-Dec-2020 23:54:44 UTC from web permalink
Attachments
1. Suspected Russian hackers spied on US Treasury emails - sources
  
  The hack is so serious it led to a National Security Council meeting at the White House on Saturday.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 09-Dec-2020 02:15:44 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

US #cybersecurity firm #FireEye discloses breach, theft of tools https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html [finance yahoo com]

#SEC #security #breach #filing
In conversation Wednesday, 09-Dec-2020 02:15:44 UTC from web permalink
Attachments
1. U.S. cybersecurity firm FireEye discloses breach, theft of hacking tools
  
  (Reuters) -FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been stolen. The hack of FireEye, a company with an array of contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory. The FireEye breach was disclosed in a public filing with the Securities and Exchange Commission citing CEO Kevin Mandia.
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 09-Dec-2020 01:06:10 UTC GeniusMusing

OpenSSL Releases Security Update CISA
https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update

>OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition.

openssl.org/news/secadv/20201208.txt
https://www.openssl.org/news/secadv/20201208.txt

>EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
>======================================================
>
>Severity: High
>
>The X.509 GeneralName type is a generic type for representing different types
>of names. One of those name types is known as EDIPartyName. OpenSSL provides a
>function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME
>to see if they are equal or not. This function behaves incorrectly when both
>GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash
>may occur leading to a possible denial of service attack.
>
>OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes:
>1) Comparing CRL distribution point names between an available CRL and a CRL
> distribution point embedded in an X509 certificate
>2) When verifying that a timestamp response token signer matches the timestamp
> authority name (exposed via the API functions TS_RESP_verify_response and
> TS_RESP_verify_token)
>
>If an attacker can control both items being compared then that attacker could
>trigger a crash.
>...

#OpenSSL #Security #Update
In conversation Wednesday, 09-Dec-2020 01:06:10 UTC from web permalink
Attachments
1. OpenSSL Releases Security Update | CISA
  
  OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update.
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 08-Dec-2020 17:32:50 UTC GeniusMusing

Multiple Embedded TCP/IP Stacks CISA
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01

>1. EXECUTIVE SUMMARY
>
> CVSS v3 9.8
> ATTENTION: Exploitable remotely/low skill level to exploit
> Vendor: Multiple (open source)
> Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net
> Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer Overflow, Out-of-bounds Write, Improper Input Validation, Improper Null Termination
>
>CISA is aware of a public report, known as “AMNESIA:33” that details vulnerabilities found in multiple open-source TCP/IP stacks. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
>
>The various open-source stacks may be implemented in forked repositories.
>2. RISK EVALUATION
>
>Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache.
>3. TECHNICAL DETAILS
>3.1 AFFECTED PRODUCTS
>
>The following are affected:
>
> uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior
> uIP-Contiki-NG, Version 4.5 and prior
> uIP (EOL), Version 1.0 and prior
> open-iscsi, Version 2.1.12 and prior
> picoTCP-NG, Version 1.7.0 and prior
> picoTCP (EOL), Version 1.7.0 and prior
> FNET, Version 4.6.3
> Nut/Net, Version 5.1 and prior
>...
#Security
In conversation Tuesday, 08-Dec-2020 17:32:50 UTC from web permalink
Attachments
1. Multiple Embedded TCP/IP Stacks | CISA
  
  1.

Before

Feeds

Federati Nu: Federated N-series GNU Social is a social network, courtesy of Federati Networks. It runs on GNU social, version 2.0.0-dev, available under the GNU Affero General Public License.

All Federati Nu: Federated N-series GNU Social content and data are available under the Creative Commons Attribution 3.0 license.

Switch to mobile site layout.