FEDORA-2022-3a63897745

Packages in this update:

bettercap-2.28-9.fc35
chisel-1.7.7-2.fc35
commit-stream-0.1.2-6.fc35
containerd-1.6.2-2.fc35
doctl-1.73.0-2.fc35
gh-2.7.0-2.fc35
gobuster-3.1.0-2.fc35
golang-contrib-opencensus-resource-0.1.2-6.fc35
golang-gioui-0-7.20201225git18d4dbf.fc35
golang-github-appc-docker2aci-0.17.2-8.fc35
golang-github-appc-goaci-0.1.1-10.fc35
golang-github-appc-spec-0.8.11-13.fc35
golang-github-containerd-continuity-0.2.2-2.fc35
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc35
golang-github-coredns-corefile-migration-1.0.11-5.fc35
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc35
golang-github-francoispqt-gojay-1.2.13-6.fc35
golang-github-gogo-googleapis-1.4.1-3.fc35
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35
golang-github-googleapis-gnostic-0.5.3-5.fc35
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc35
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc35
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc35
golang-github-haproxytech-client-native-2.5.3-2.fc35
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc35
golang-github-instrumenta-kubeval-0.15.0-7.fc35
golang-github-intel-goresctrl-0.2.0-4.fc35
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc35
golang-github-pact-foundation-1.5.1-5.fc35
golang-github-prometheus-2.32.1-4.fc35
golang-github-prometheus-alertmanager-0.23.0-8.fc35
golang-github-prometheus-node-exporter-1.3.1-7.fc35
golang-github-redteampentesting-monsoon-0.6.0-5.fc35
golang-github-spf13-cobra-1.4.0-2.fc35
golang-github-theupdateframework-notary-0.7.0-4.fc35
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35
golang-gopkg-src-d-git-4-4.13.1-7.fc35
golang-k8s-apiextensions-apiserver-1.22.0-5.fc35
golang-k8s-code-generator-1.22.0-3.fc35
golang-k8s-kube-aggregator-1.22.0-3.fc35
golang-k8s-sample-apiserver-1.22.0-4.fc35
golang-k8s-sample-controller-1.22.0-3.fc35
golang-mongodb-mongo-driver-1.4.5-5.fc35
golang-storj-drpc-0.0.16-5.fc35
golang-x-perf-0-0.14.20210123gitbdcc622.fc35
gopass-1.13.1-2.fc35
grpcurl-1.8.6-2.fc35
onionscan-0.2-6.fc35
shellz-1.5.0-6.fc35
shhgit-0.2-6.fc35
snowcrash-0-0.6.20201119git49b99ad.fc35
xq-0.0.7-3.fc35

Update description:

Rebuild for CVE-2022-27191

FEDORA-2022-08ae2dd481

Packages in this update:

bettercap-2.28-9.fc36
chisel-1.7.7-2.fc36
commit-stream-0.1.2-6.fc36
containerd-1.6.2-2.fc36
doctl-1.73.0-2.fc36
git-time-metric-1.3.5-14.fc36
gobuster-3.1.0-2.fc36
golang-contrib-opencensus-resource-0.1.2-6.fc36
golang-gioui-0-7.20201225git18d4dbf.fc36
golang-github-acme-lego-4.4.0-4.fc36
golang-github-appc-docker2aci-0.17.2-8.fc36
golang-github-appc-goaci-0.1.1-10.fc36
golang-github-appc-spec-0.8.11-13.fc36
golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc36
golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc36
golang-github-containerd-continuity-0.2.2-2.fc36
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc36
golang-github-coredns-corefile-migration-1.0.11-5.fc36
golang-github-cucumber-godog-0.12.1-3.fc36
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc36
golang-github-francoispqt-gojay-1.2.13-6.fc36
golang-github-gogo-googleapis-1.4.1-3.fc36
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc36
golang-github-googleapis-gnostic-0.5.3-5.fc36
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc36
golang-github-google-containerregistry-0.5.1-4.fc36
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc36
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc36
golang-github-haproxytech-client-native-2.5.3-2.fc36
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc36
golang-github-instrumenta-kubeval-0.15.0-7.fc36
golang-github-intel-goresctrl-0.2.0-4.fc36
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc36
golang-github-pact-foundation-1.5.1-5.fc36
golang-github-prometheus-2.32.1-4.fc36
golang-github-prometheus-alertmanager-0.23.0-8.fc36
golang-github-prometheus-node-exporter-1.3.1-7.fc36
golang-github-prometheus-tsdb-0.10.0-6.fc36
golang-github-redteampentesting-monsoon-0.6.0-5.fc36
golang-github-spf13-cobra-1.4.0-2.fc36
golang-github-theupdateframework-notary-0.7.0-4.fc36
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc36
golang-gopkg-src-d-git-4-4.13.1-7.fc36
golang-k8s-apiextensions-apiserver-1.22.0-5.fc36
golang-k8s-code-generator-1.22.0-3.fc36
golang-k8s-kube-aggregator-1.22.0-3.fc36
golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc36
golang-k8s-sample-apiserver-1.22.0-4.fc36
golang-k8s-sample-controller-1.22.0-3.fc36
golang-mongodb-mongo-driver-1.4.5-5.fc36
golang-storj-drpc-0.0.16-5.fc36
golang-x-debug-0-0.13.20210123gitc934e1b.fc36
golang-x-exp-0-0.42.20220330git053ad81.fc36
golang-x-perf-0-0.14.20210123gitbdcc622.fc36
gopass-1.13.1-2.fc36
grpcurl-1.8.6-2.fc36
onionscan-0.2-6.fc36
open-policy-agent-0.31.0-4.fc36
shellz-1.5.0-6.fc36
shhgit-0.2-6.fc36
snowcrash-0-0.6.20201119git49b99ad.fc36
xq-0.0.7-3.fc36

Update description:

Rebuild for CVE-2022-27191

Fix FTBFS Close: rhbz#2045471

git-2.35.3-1.fc35

FEDORA-2022-3759ebabd2

Packages in this update:

git-2.35.3-1.fc35

Update description:

Update to 2.35.3 (release notes)

This release addresses CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:\.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad “escape hatch” is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

“*” can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

FEDORA-2022-aa33c22e7a

Packages in this update:

bettercap-2.28-9.fc37
chisel-1.7.7-2.fc37
commit-stream-0.1.2-6.fc37
containerd-1.6.2-2.fc37
doctl-1.73.0-2.fc37
gh-2.7.0-2.fc37
git-time-metric-1.3.5-14.fc37
gobuster-3.1.0-2.fc37
golang-contrib-opencensus-resource-0.1.2-6.fc37
golang-gioui-0-7.20201225git18d4dbf.fc37
golang-github-acme-lego-4.4.0-4.fc37
golang-github-appc-docker2aci-0.17.2-8.fc37
golang-github-appc-goaci-0.1.1-10.fc37
golang-github-appc-spec-0.8.11-13.fc37
golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc37
golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc37
golang-github-containerd-continuity-0.2.2-2.fc37
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc37
golang-github-coredns-corefile-migration-1.0.11-5.fc37
golang-github-cucumber-godog-0.12.1-3.fc37
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc37
golang-github-francoispqt-gojay-1.2.13-6.fc37
golang-github-gogo-googleapis-1.4.1-3.fc37
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc37
golang-github-googleapis-gnostic-0.5.3-5.fc37
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc37
golang-github-google-containerregistry-0.5.1-4.fc37
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc37
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc37
golang-github-haproxytech-client-native-2.5.3-2.fc37
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc37
golang-github-instrumenta-kubeval-0.15.0-7.fc37
golang-github-intel-goresctrl-0.2.0-4.fc37
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc37
golang-github-pact-foundation-1.5.1-5.fc37
golang-github-prometheus-2.32.1-4.fc37
golang-github-prometheus-alertmanager-0.23.0-8.fc37
golang-github-prometheus-node-exporter-1.3.1-7.fc37
golang-github-prometheus-tsdb-0.10.0-6.fc37
golang-github-redteampentesting-monsoon-0.6.0-5.fc37
golang-github-spf13-cobra-1.4.0-2.fc37
golang-github-theupdateframework-notary-0.7.0-4.fc37
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc37
golang-gopkg-src-d-git-4-4.13.1-7.fc37
golang-k8s-apiextensions-apiserver-1.22.0-5.fc37
golang-k8s-code-generator-1.22.0-3.fc37
golang-k8s-kube-aggregator-1.22.0-3.fc37
golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc37
golang-k8s-sample-apiserver-1.22.0-4.fc37
golang-k8s-sample-controller-1.22.0-3.fc37
golang-mongodb-mongo-driver-1.4.5-5.fc37
golang-storj-drpc-0.0.16-5.fc37
golang-x-debug-0-0.13.20210123gitc934e1b.fc37
golang-x-exp-0-0.42.20220330git053ad81.fc37
golang-x-perf-0-0.14.20210123gitbdcc622.fc37
gopass-1.13.1-2.fc37
grpcurl-1.8.6-2.fc37
onionscan-0.2-6.fc37
open-policy-agent-0.31.0-4.fc37
shellz-1.5.0-6.fc37
shhgit-0.2-6.fc37
snowcrash-0-0.6.20201119git49b99ad.fc37
xq-0.0.7-3.fc37

Update description:

Rebuild for CVE-2022-27191

git-2.36.0-1.fc36

FEDORA-2022-e99ae504f5

Packages in this update:

git-2.36.0-1.fc36

Update description:

Update to 2.36.0 (release notes)

Among the changes, this release includes changes to address CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:\.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad “escape hatch” is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

“*” can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

Conti’s Ransomware Toll on the Healthcare Industry

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “Ryuk.”

On April 13, Microsoft said it executed a legal sneak attack against Zloader, a remote access trojan and malware platform that multiple ransomware groups have used to deploy their malware inside victim networks. More specifically, Microsoft obtained a court order that allowed it to seize 65 domain names that were used to maintain the Zloader botnet.

Microsoft’s civil lawsuit against Zloader names seven “John Does,” essentially seeking information to identify cybercriminals who used Zloader to conduct ransomware attacks. As the company’s complaint notes, some of these John Does were associated with lesser ransomware collectives such as Egregor and Netfilim.

But according to Microsoft and an advisory from the U.S. Cybersecurity & Infrastructure Security Agency (CISA), Zloader had a special relationship with Ryuk/Conti, acting as a preferred distribution platform for deploying Ryuk/Conti ransomware.

Several parties backed Microsoft in its legal efforts against Zloader by filing supporting declarations, including Errol Weiss, a former penetration tester for the U.S. National Security Agency (NSA). Weiss now serves as the chief security officer of the Health Information Sharing & Analysis Center (H-ISAC), an industry group that shares information about cyberattacks against healthcare providers.

Weiss said ransomware attacks from Ryuk/Conti have impacted hundreds of healthcare facilities across the United States, including facilities located in 192 cities and 41 states and the District of Columbia.

“The attacks resulted in the temporary or permanent loss of IT systems that support many of the provider delivery functions in modern hospitals resulting in cancelled surgeries and delayed medical care,” Weiss said in a declaration (PDF) with the U.S. District Court for the Northern District of Georgia.

“Hospitals reported revenue losses due to Ryuk infections of nearly $100 million from data I obtained through interviews with hospital staff, public statements, and media articles,” Weiss wrote. “The Ryuk attacks also caused an estimated $500 million in costs to respond to the attacks – costs that include ransomware payments, digital forensic services, security improvements and upgrading impacted systems plus other expenses.”

The figures cited by Weiss appear highly conservative. A single attack by Ryuk/Conti in May 2021 against Ireland’s Health Service Executive, which operates the country’s public health system, resulted in massive disruptions to healthcare in Ireland. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Conti ravaged the healthcare sector throughout 2020, and leaked internal chats from the Conti ransomware group show the gang had access to more than 400 healthcare facilities in the U.S. alone by October 2020.

On Oct. 28, 2020, KrebsOnSecurity broke the news that FBI and DHS officials had seen reliable intelligence indicating the group planned to ransom many of these care facilities simultaneously. Hours after that October 2020 piece ran, I heard from a respected H-ISAC security professional who questioned whether it was worth getting the public so riled up. The story had been updated multiple times throughout the day, and there were at least five healthcare organizations hit with ransomware within the span of 24 hours.

“I guess it would help if I understood what the baseline is, like how many healthcare organizations get hit with ransomware on average in one week?” I asked the source.

“It’s more like one a day,” the source confided.

A report in February 2022 from Sophos found Conti orchestrated a cyberattack against a Canadian healthcare provider in late 2021. Security software firm Emsisoft found that at least 68 healthcare providers suffered ransomware attacks last year.

While Conti is just one of many ransomware groups threatening the healthcare industry, it seems likely that ransomware attacks on the healthcare sector are underreported. Perhaps this is because a large percentage of victims are paying a ransom demand to keep their data (and news of their breach) confidential. A survey published in February by email security provider Proofpoint found almost 60 percent of victims hit by ransomware paid their extortionists.

Or perhaps it’s because many crime groups have shifted focus away from deploying ransomware and toward stealing data and demanding payment not to publish the information. Conti shames victims who refuse to pay a ransom by posting their internal data on their darkweb blog.

Since the beginning of 2022, Conti has claimed responsibility for hacking a cancer testing lab, a medical prescription service online, a biomedical testing facility, a pharmaceutical company, and a spinal surgery center.

The Healthcare Information and Management Systems Society recently released its 2021 HIMSS Healthcare Cybersecurity Survey (PDF), which interviewed 167 healthcare cybersecurity professionals and found 67 percent had experienced a “significant security incident” in the past year.

The survey also found that just six percent or less of respondents’ information technology budgets were devoted to cybersecurity, although roughly 60 percent of respondents said their cybersecurity budgets would increase in 2022. Last year, just 79 percent of respondents said they’d fully implemented antivirus or other anti-malware systems; only 43 percent reported they’d fully implemented intrusion detection and prevention technologies.

The FBI says Conti typically gains access to victim networks through weaponized malicious email links, attachments, or stolen Remote Desktop Protocol (RDP) credentials, and that it weaponizes Microsoft Office documents with embedded PowerShell scripts — initially staging Cobalt Strike via the Office documents and then dropping Emotet onto the network — giving them the ability to deploy ransomware. The FBI said Conti has been observed inside victim networks between four days and three weeks on average before deploying Conti ransomware.

GitHub repositories compromised by stolen OAuth tokens

Salesforce-owned PaaS vendor Heroku and GitHub have both warned that compromised OAuth user tokens were likely used to download private data from organizations using Heroku and continuous integration and testing service Travis CI, according to statements issued late last week.

It’s unlikely that GitHub itself was compromised, according to the ubiquitous source code repository’s blog post, since the OAuth tokens in question aren’t stored by GitHub in usable formats, and more likely that they were taken from Heroku and Travis CI’s applications that use the OAuth framework for authentication.

CVE-2020-28604

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An out-of-bounds read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_next().

CVE-2020-28603

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An out-of-bounds read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev().

CVE-2020-28602

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An out-of-bounds read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_vertex() Halfedge_of[].
