FBI and CISA Assure Public on Election Ransomware Security

The FBI and CISA said ransomware on local networks may cause delays but won’t impact voting system integrity.

USN-6951-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– M68K architecture;
– User-Mode Linux (UML);
– x86 architecture;
– Accessibility subsystem;
– Character device driver;
– Clock framework and drivers;
– CPU frequency scaling framework;
– Hardware crypto device drivers;
– Buffer Sharing and Synchronization framework;
– FireWire subsystem;
– GPU drivers;
– HW tracing;
– Macintosh device drivers;
– Multiple devices driver;
– Media drivers;
– Network drivers;
– Pin controllers subsystem;
– S/390 drivers;
– SCSI drivers;
– SoundWire subsystem;
– Greybus lights staging drivers;
– TTY drivers;
– Framebuffer layer;
– Virtio drivers;
– 9P distributed file system;
– eCrypt file system;
– EROFS file system;
– Ext4 file system;
– F2FS file system;
– JFFS2 file system;
– Network file system client;
– NILFS2 file system;
– SMB network file system;
– Kernel debugger infrastructure;
– IRQ subsystem;
– Tracing infrastructure;
– Dynamic debug library;
– 9P file system network protocol;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Netfilter;
– NET/ROM layer;
– NFC subsystem;
– NSH protocol;
– Open vSwitch;
– Phonet protocol;
– TIPC protocol;
– Unix domain sockets;
– Wireless networking;
– eXpress Data Path;
– XFRM subsystem;
– ALSA framework;
(CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,
CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,
CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,
CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,
CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,
CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,
CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,
CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,
CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,
CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,
CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,
CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,
CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,
CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,
CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,
CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,
CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,
CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,
CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,
CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,
CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)

The State of Ransomware

Palo Alto Networks published its semi-annual report on ransomware. From the Executive Summary:

Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity. We reviewed compromise announcements from 53 dedicated leak sites in the first half of 2024 and found 1,762 new posts. This averages to approximately 294 posts a month and almost 68 posts a week. Of the 53 ransomware groups whose leak sites we monitored, six of the groups accounted for more than half of the compromises observed.

In February, we reported a 49% increase year-over-year in alleged victims posted on ransomware leak sites. So far, in 2024, comparing the first half of 2023 to the first half of 2024, we see an even further increase of 4.3%. The higher level of activity observed in 2023 was no fluke.

Activity from groups like Ambitious Scorpius (distributors of BlackCat) and Flighty Scorpius (distributors of LockBit) has largely fallen off due to law enforcement operations. However, other threat groups we track such as Spoiled Scorpius (distributors of RansomHub) and Slippery Scorpius (distributors of DragonForce) have joined the fray to fill the void.

How to Use Mailvelope for Encrypted Email on Gmail

The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

In the previous blog we covered how to use PGP keys for encrypting and decrypting emails on desktop clients like Thunderbird and Outlook. Now, let’s take a look at securing your emails without too much hassle on webmail services like Gmail, using OpenPGP through the Mailvelope extension for Google Chrome.

Setting Up Mailvelope on Google Chrome

To smooth the process, log in to your webmail before proceeding. In this scenario, log in to your Gmail account and then follow the steps below:

Install Mailvelope Extension:

Go to the browser’s web store: Since we are using Google Chrome, we will head to the Chrome Web Store.

Search for Mailvelope: In the search bar, type “Mailvelope” and press Enter. Alternatively, you can go directly to the Mailvelope browser extension page.

Add to Chrome: Click on the Mailvelope extension from the search results, and then click the “Add to Chrome” button. Confirm the installation by clicking “Add extension” in the pop-up window.

Access Mailvelope:

Go to the Extensions Toolbar: Once Mailvelope is installed, go to the extensions icon (a puzzle piece) in the Chrome toolbar.

Select Mailvelope: Click on the Mailvelope icon and select “Let’s start.”

You will be taken to the Mailvelope Key Management page. Since this is your first time using Mailvelope, you will need to generate a new pair of keys. On the Key Management page, click the “Generate Key” button.

You will be prompted to fill out a form. Enter your name and email address. Under the advanced tab, you can set the algorithm (usually RSA), key size (at least 2048 bits for good security), and key expiration date. Additionally, set a strong password for your key; you will enter it later to decrypt and sign messages.

Generate the Key:

After entering your details, click “Generate.”

The key generation process will take a moment as Mailvelope works its magic in the background. Once the keys are generated, you will see a message saying that the new key has been generated and imported into your key ring. You will also receive an email for account verification.

Voilà, an encrypted email! Click “Show message” and enter the password you set up during the key generation process to decrypt the email.

After that, follow the verification link in the email to verify your account. Congratulations, your PGP keys are now set up! (If you already generated a PGP key pair using the steps from the previous article, you can import it into Mailvelope instead of generating a new one, using the import key option on the Key Management page.)

Now that your keys are set up, you can start sending and receiving encrypted emails.

Click the Mailvelope icon next to the Compose button in Gmail. The extension will ask for the permissions it requires to read and send email. After that, you will be presented with a secure email compose form.

Choose the recipient’s public key from your key ring and complete the encryption process. After that, you will be required to sign the message by providing the key password.

Mailvelope makes it easy to send and receive encrypted emails directly from your web browser. By following these steps, you can ensure that your email communications remain private and secure. Remember, while Mailvelope is a convenient tool, there are other solutions available, and you should choose the one that best fits your needs. Stay safe and keep your digital communications protected!
