gzip-1.10-6.fc35

FEDORA-2022-6746dde2a0

Packages in this update:

gzip-1.10-6.fc35

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)

gzip-1.11-3.fc36

FEDORA-2022-eeb6c686c7

Packages in this update:

gzip-1.11-3.fc36

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)

gzip-1.10-5.fc34

FEDORA-2022-6b512ae9e5

Packages in this update:

gzip-1.10-5.fc34

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)
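Why the crafted name in the three reproducers above (gzip-1.10-6.fc35, gzip-1.11-3.fc36 and gzip-1.10-5.fc34) needs two or more newlines, as an added example that is not gzip's, Fedora's or zgrep's own code: zgrep builds a sed script that prefixes each match with the file name, so the name has to be escaped before it is spliced into that script. The "weak" escaper below is a simplified model of that weakness, assumed for illustration and not the real zgrep script: it joins at most one following line with `$!N` and escapes only when the last input line has been read (`$s/.../`), so a name with two newlines leaves the first two lines untouched, and the `|` closes the substitution while `;e touch pwned` becomes a sed `e` command and `#.gz` a comment. The hardened escaper escapes every line and collapses real newlines to the two characters `\n`. The example only inspects the escaped strings; it never feeds them to sed.

```shell
#!/bin/sh
# Added example (not gzip's own code): contrast an escaper that only
# escapes on the last line of a $!N-joined pair with one that escapes
# every line, using the crafted name from the Fedora reproducer.

# Constructed input: '|', newline, ';e touch pwned', newline, '#.gz'.
crafted_name() {
  printf '|\n;e touch pwned\n#.gz'
}

# Weak escaper (simplified model of the flaw, assumed here): with three
# lines, the first cycle appends line 2 via N, is not yet on the last
# line, so neither $s command fires and both lines pass through raw.
escape_last_line_only() {
  printf '%s\n' "$1" | sed '
    $!N
    $s/[&\\|]/\\&/g
    $s/\n/\\n/g
  '
}

# Hardened escaper: escape &, \ and | on every line, append the two
# characters \n to every line but the last, then drop the real newlines
# so the result is always a single line.
escape_every_line() {
  printf '%s\n' "$1" | sed 's/[&\\|]/\\&/g; $!s/$/\\n/' | tr -d '\n'
}

# Number of lines an escaper produced; a safe escape yields exactly one.
line_count() {
  printf '%s\n' "$1" | wc -l | tr -d ' '
}

name=$(crafted_name)
weak=$(escape_last_line_only "$name")
safe=$(escape_every_line "$name")
printf 'weak escape produced %s line(s)\n' "$(line_count "$weak")"
printf 'safe escape: %s\n' "$safe"
```

With the crafted name the weak escaper emits three lines, exactly the text an attacker wrote, while the hardened one emits the single line `\|\n;e touch pwned\n#.gz`. A name with only one newline is escaped correctly by both, which is why the advisory text says "two or more newlines".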

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak:

I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022.
I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022.
I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3, 2022.
I’m speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.
I’m speaking at the Dublin Tech Summit in Dublin, Ireland, June 15-16, 2022.

The list is maintained on this page.

Industrial Control System Malware Discovered

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. There’s also no indication of how the malware was discovered. It seems not to have been used yet.

More information. News article.

Smashing Security podcast #270: Bearded Barbie, EDR scams, and hobbyist crime detectives

Pulchritudinous women with glossy long hair are targeting Israeli officials via Facebook – but why? Scammers have found a new way to gain access to your most sensitive information – but how? And armchair detectives are helping investigate cold cases involving DNA – but should they?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

A wave of digital initiatives by organizations worldwide has created an explosion of human and machine identities that are increasing the exposure of those organizations to ransomware and supply chain threats, according to CyberArk’s 2022 Identity Security Threat Landscape report released Tuesday.

The report found that nearly four out of five of the 1,750 IT security decision makers surveyed (79%) agreed that security was taking a back seat to other IT and digital initiatives. Those initiatives, especially ones prioritizing remote or hybrid working, new digital services for customers and citizens, and increased outsourcing to remote vendors and suppliers, have created hundreds of thousands of new digital identities in each organization, which can increase its exposure to cybersecurity risk.
