chromium-125.0.6422.60-3.el7

Read Time:17 Second

FEDORA-EPEL-2024-07403ba3a8

Packages in this update:

chromium-125.0.6422.60-3.el7

Update description:

update to 125.0.6422.60

High CVE-2024-4947: Type Confusion in V8
High CVE-2024-4948: Use after free in Dawn
Medium CVE-2024-4949: Use after free in V8
Low CVE-2024-4950: Inappropriate implementation in Downloads

Read More

USN-6777-2: Linux kernel (Azure) vulnerabilities

Read Time:48 Second

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Block layer subsystem;
– Userspace I/O drivers;
– Ceph distributed file system;
– Ext4 file system;
– JFS file system;
– NILFS2 file system;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– MAC80211 subsystem;
– Netlink;
– NFC subsystem;
– Tomoyo security module;
(CVE-2023-52524, CVE-2023-52530, CVE-2023-52601, CVE-2023-52439,
CVE-2024-26635, CVE-2023-52602, CVE-2024-26614, CVE-2024-26704,
CVE-2023-52604, CVE-2023-52566, CVE-2021-46981, CVE-2024-26622,
CVE-2024-26735, CVE-2024-26805, CVE-2024-26801, CVE-2023-52583)

Read More

USN-6766-3: Linux kernel (AWS) vulnerabilities

Read Time:2 Minute, 44 Second

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– PowerPC architecture;
– S390 architecture;
– Core kernel;
– Block layer subsystem;
– Android drivers;
– Power management core;
– Bus devices;
– Hardware random number generator core;
– Cryptographic API;
– Device frequency;
– DMA engine subsystem;
– ARM SCMI message protocol;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– I2C subsystem;
– IIO ADC drivers;
– IIO subsystem;
– IIO Magnetometer sensors drivers;
– InfiniBand drivers;
– Media drivers;
– Network drivers;
– PCI driver for MicroSemi Switchtec;
– PHY drivers;
– SCSI drivers;
– DesignWare USB3 driver;
– BTRFS file system;
– Ceph distributed file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– NILFS2 file system;
– NTFS3 file system;
– Pstore file system;
– SMB network file system;
– Memory management;
– CAN network layer;
– Networking core;
– HSR network protocol;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– Multipath TCP;
– Netfilter;
– NFC subsystem;
– SMC sockets;
– Sun RPC protocol;
– TIPC protocol;
– Unix domain sockets;
– Realtek audio codecs;
(CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622,
CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684,
CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637,
CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625,
CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602,
CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498,
CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583,
CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608,
CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595,
CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486,
CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722,
CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642,
CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614,
CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679,
CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627,
CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491,
CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717,
CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668,
CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707,
CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494,
CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492,
CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697)

Read More

How to Safely Date Online

Read Time:4 Minute, 37 Second

According to Pew, three-in-ten U.S. adults say they have used a dating site or app. That number climbs to 53% for people under the age of 30. More and more people are turning to digital platforms to find love and companionship or simply to expand their social circles. However, as the popularity of online dating grows, so do the potential risks associated with it. From privacy concerns to identity theft, the digital dating world can be fraught with peril if you’re not careful. But fear not, by following a few simple guidelines, you can navigate the online dating scene safely and securely.

This article is for you or anyone you know who may be hopping onto an online dating app like Match, Bumble, Plenty of Fish, eHarmony, Tinder, or OkCupid. Think of it as an advice column of a different sort, where we talk about dating in light of your online privacy and safety.

Protecting your privacy while dating online

For starters, we have a couple of previous blogs that offer sound advice about online dating. The first covers ways you can protect your privacy when you’re using online dating apps, which starts with picking a dating app that has a good reputation. The second rounds out the topic with further online dating advice for adults and teens alike. Give them a look!

Go into dating feeling confident and secure.

It starts with basic hygiene. Digital hygiene, that is. Before you dive into a dating app, ensure that your device (and all your connected devices while you’re at it) has a comprehensive security solution in place. As you surf, chat, and meet up online, you’ll want to know that you’re protected against malware, viruses, phishing attacks, sketchy links, and so forth. Other features will come in handy (and be necessary as well), like ones that help you manage your passwords, protect your identity, safeguard your privacy, and more—all of which we’ll talk about in a bit.

Pick a winner

Picking the right app is like picking the right date. From a security standpoint, these apps are the keepers of highly personal information about you, so you’ll want to know how they handle data, what privacy protections are in place, what information they gather when you first sign up, and what they continue to gather as you use the app. Do your research. Read up on their privacy policies. See what other people have to say about their experiences. And get a sense of what the app is all about. What’s its approach to dating? What kind of relationships are they focusing on? Make sure all of it feels right to you.

Don’t get too personal

Only give the app the information that’s absolutely necessary to sign up. Dating apps ask questions so that they can help you find an ideal match, yet only share what you feel comfortable sharing. This is true from a personal standpoint, but it’s true from a security standpoint too. Anything you share along those lines could be at risk of a hack or a breach, the likes of which were reported by Wired and Forbes last year. If your info is compromised, it could lead to anywhere from identity theft to harassment, so when you use a dating app, keep the sharing to a minimum—and keep your eyes peeled for any suspicious activity across your social media, online accounts, and even your finances.

Passwords are your pal

Another password to remember! That’s just what you need, right? Right! It absolutely is, and a strong one is vital. You can create one and manage all of your passwords with McAfee+’s password manager. It’ll encrypt your passwords and use multi-factor authentication, which offers even further protection from hacks and attacks on your account.

Use a VPN for extra privacy

You can help keep your chats more private, and just about anything else you’re doing online, by using a VPN (virtual private network). For example, our VPN uses bank-level encryption to keep your personal data and activities private from hackers. And it’ll hide other information associated with your dating account while you’re online, like personal details, credit card numbers, and so forth. Given the security risks we’ve talked about so far, you’ll want to look into a VPN.

Use caution with public Wi-Fi

If you’re not using a VPN on your device, don’t use your dating app on public Wi-Fi. The issue is this: plenty of public Wi-Fi hotspots aren’t secure. Someone else on the network could easily intercept the information you send over it, including your passwords, any photos you share, and any chats you have. In other words, using public Wi-Fi without protection is like opening a door that leads right to you and your most personal data. This applies to everything on public Wi-Fi, not just dating apps. If you use public Wi-Fi at all, you really should use a VPN.

In the ever-evolving landscape of online dating, safeguarding your privacy and security is paramount. By implementing strategies such as using strong passwords, employing a reliable VPN, and exercising caution on public Wi-Fi, you can navigate the digital dating sphere with confidence. Remember, your safety and privacy are non-negotiable priorities in the pursuit of love and companionship online.

The post How to Safely Date Online appeared first on McAfee Blog.

Read More

IBM Sells Cybersecurity Group

Read Time:35 Second

IBM is selling its QRadar product suite to Palo Alto Networks, for an undisclosed—but probably surprisingly small—sum.

I have a personal connection to this. In 2016, IBM bought Resilient Systems, the startup I was a part of. It became part if IBM’s cybersecurity offerings, mostly and weirdly subservient to QRadar.

That was what seemed to be the problem at IBM. QRadar was IBM’s first acquisition in the cybersecurity space, and it saw everything through the lens of that SIEM system. I left the company two years after the acquisition, and near as I could tell, it never managed to figure the space out.

So now it’s Palo Alto’s turn.

Read More

Dissecting a Multi-stage Phishing Attack.

Read Time:6 Minute, 25 Second

Phishing is one of the most common forms of cyber attack that organizations face nowadays. A 2024 risk report states that 94% of organizations fall victim to phishing attacks, and 96% are negatively impacted by them. However, phishing attacks are not only growing in number but are also more sophisticated and successful. This is owing to the modern multi-stage phishing attack, which is common nowadays.

The multi-stage phishing attack is a sophisticated and multifaceted technique that increases the likelihood of success of an attack. While these attacks are becoming increasingly common, there needs to be more awareness of them. Therefore, to find relevant measures for mitigating these attacks, organizations must gain crucial insights regarding these multifaceted threats covered in this blog.

What is a Multi-stage Phishing Attack?

As its name suggests, a multi-stage phishing attack is a complex form of traditional phishing. In a multi-stage setup, a phishing attack relies on more deceptive strategies and phases rather than solely relying on one deceptive email, unlike in a traditional phishing attack.

All the phases within the multi-stage phishing attack are designed to build trust and gather relative information about the target over time. Since this approach works discreetly on a multi-phased setup, it allows threat actors to bypass advanced security measures such as residential proxies and phishing detection tools.

Multi-stage phishing attacks are a common occurrence in the modern cyber threat landscape. Attackers use this sophisticated layered tactic to deploy targeted ransomware or while conducting successful business email compromise (BEC) attacks.

Dissecting a multi-stage phishing attack

A multi-stage phishing attack is a sophisticated strategy that relies on a sequence of carefully designed steps. These steps help increase the probability of a successful phishing attack by evading advanced security and detection techniques. A typical multi-stage approach to the attack consists of the following phases:

Initial Contact

Like any traditional attack, the multi-stage attack starts with the threat actor initiating contact with the target through seemingly innocuous means. These include social media messages, phishing emails, or even physical methods such as USB drops.

Establishing Trust

After establishing contact with the target, the threat actor builds trust. This often involves impersonating legitimate entities or using communication channels familiar to the target, making it easy for them to fall victim and trust the threat actor.

Introducing Complexities

As the attack progresses, the threat actor introduces complexities such as using CAPTCHAs, QR Codes, and steganography to create further layers of deception, guaranteeing the attack’s success.

Exploitation

The final stage of the attack involves exploiting the target. At this stage, the threat actor could either deploy malware, extract sensitive information, or perform any other malicious activity that might have been the goal of the whole attack. This multi-layered nature of a phishing attack makes it hard to detect through traditional security tools like residential proxies and phishing detection tools. Therefore, it ultimately makes the attack successful.

How QR Codes, Captchas, and Steganography Are Used in Layered Phishing Attacks.

In a multi-stage phishing attack, QR Codes, steganography, and CAPTCHAs are used to overcome security barriers and increase the attack’s efficiency. Here is how each of these elements is used to ensure the attack is successful:

QR Codes

Quick Response or QR codes have become ubiquitous in various applications since they allow efficient data storage. They have several widespread uses, such as helping with contactless payments, linking physical objects to online content, etc. However, attackers have started exploiting the technology in various phishing campaigns, giving rise to “Quishing.”

Attackers use QR codes in credential harvesting and social engineering attacks and spread malware by embedding innocuous-looking QR codes with fake URLs. By using QR codes, attackers can bypass traditional phishing detection tools since they are designed to identify text-based phishing attempts and are, therefore, unable to decipher the content within QR codes.

CAPTCHAs

Thoroughly Automated Public Turing tests to tell computers and Humans apart is a longstanding defence method created to identify automated bots and defence scripts. CAPTCHAs play an essential role in web security and help enable account security by bypassing brute force attacks and unauthorised access. They also help bypass automated bot services that abuse online services and help distinguish between a genuine user and a probably malicious automated bot.

However, attackers exploit CAPTCHAs in phishing campaigns to instil a false sense of security or redirect users towards malicious content. Often, attackers include CAPTCHAs in phishing emails or fake websites to trick users into believing they are interacting with a legitimate platform. CAPTCHAs are also now commonly used in crowdsourcing attacks and social engineering attacks.

Steganography

Steganography is the science of concealing information within seemingly harmless files. The method aims to hide the very existence of a message and is commonly used in data protection and anonymous communication. Threat actors have also started exploiting steganography to embed malicious content. To achieve their goal, an attacker may covertly embed malicious content using image, audio or text-based steganography using imperceptible alternations within each.

In a phishing attack, attackers use steganography to evade detection. They may embed malware within harmless-looking documents and share them via phishing emails, allowing them to bypass detection. Additionally, attackers may use steganography in phishing sites to embed malicious URLs within files or images. Within advanced multi-layered phishing campaigns, a threat actor may use steganography across multiple media types to complicate the detection efforts.

How can organisations stay safe from these layered threats?

The main problem with multi-stage phishing attacks is that they are stealthy and sneaky. Since security tools and phishing detection software are often useless against them, the best way to stay safe from these threats is to practise vigilance and caution. Here is how organisations can ensure security:

It is crucial for organisations to regularly monitor and audit their network traffic to detect suspicious and malicious activities.
Organisations must have a robust incident response plan to ensure they react quickly and efficiently to attacks.
It is necessary for organisations to spread relevant information and employee training against phishing attacks and to provide relevant information regarding these multi-layered threats.
Organizations can use gaming learning modules to provide employees with hands-on, reality-based training and build experience in dealing with such attacks.
Employees must be given caution to verify any URL by hovering the cursor over it to avoid clicking on suspicious websites.
Organisations must ensure that they constantly learn and are aware of the latest phishing trends and techniques to recognize and avoid them.
There must be a trust-based system that will allow employees to report any suspicious activities immediately.
Employees must be aware of the need to exercise extreme caution while scanning QR codes, especially from unknown sources, locations, or messages.
CAPTCHAs must be handled with extreme caution. If a CAPTCHA appears embedded, it is best not to add personal information.
Every employee within the organisation must be made aware of steganography.
Employees must be forewarned to be wary of unsolicited files from unknown senders, especially when they arrive with suspicious messages.

While these methods are not entirely foolproof, they can provide reasonable security against multi-layered phishing attacks and could protect an organisation from significant damage.

Final Words

As the cyber threat landscape continues to evolve, traditional cyber attacks are becoming more sophisticated. While traditional phishing was already dangerous, stealthy, and harmful to organisations, its multifaceted version poses an even bigger threat that organisations must remain prepared against. Moreover, as traditional cyber attacks are evolving, there is also a dire need for organisations and cyber security professionals to introduce more sophisticated methods that will guarantee ultimate privacy and security from these modern threats.

Read More