The FBI and CISA said ransomware on local networks may cause delays but won’t impact voting system integrity
USN-6951-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– M68K architecture;
– User-Mode Linux (UML);
– x86 architecture;
– Accessibility subsystem;
– Character device driver;
– Clock framework and drivers;
– CPU frequency scaling framework;
– Hardware crypto device drivers;
– Buffer Sharing and Synchronization framework;
– FireWire subsystem;
– GPU drivers;
– HW tracing;
– Macintosh device drivers;
– Multiple devices driver;
– Media drivers;
– Network drivers;
– Pin controllers subsystem;
– S/390 drivers;
– SCSI drivers;
– SoundWire subsystem;
– Greybus lights staging drivers;
– TTY drivers;
– Framebuffer layer;
– Virtio drivers;
– 9P distributed file system;
– eCrypt file system;
– EROFS file system;
– Ext4 file system;
– F2FS file system;
– JFFS2 file system;
– Network file system client;
– NILFS2 file system;
– SMB network file system;
– Kernel debugger infrastructure;
– IRQ subsystem;
– Tracing infrastructure;
– Dynamic debug library;
– 9P file system network protocol;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Netfilter;
– NET/ROM layer;
– NFC subsystem;
– NSH protocol;
– Open vSwitch;
– Phonet protocol;
– TIPC protocol;
– Unix domain sockets;
– Wireless networking;
– eXpress Data Path;
– XFRM subsystem;
– ALSA framework;
(CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,
CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,
CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,
CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,
CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,
CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,
CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,
CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,
CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,
CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,
CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,
CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,
CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,
CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,
CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,
CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,
CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,
CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,
CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,
CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,
CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)
New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks
Xeon Sender features SMS spam via APIs, Nexmo/Twilio credentials validation and phone number generation
USN-6968-1: PostgreSQL vulnerability
Noah Misch discovered that PostgreSQL incorrectly handled certain
SQL objects. An attacker could possibly use this issue to execute
arbitrary SQL functions as the superuser.
Microsoft Apps for macOS Exposed to Library Injection Attacks
Cisco Talos researchers found a flaw in eight Microsoft apps for macOS that could enable library injection attacks, putting sensitive data at risk
python3.6-3.6.15-35.fc41
FEDORA-2024-96ed485f6d
Packages in this update:
python3.6-3.6.15-35.fc41
Update description:
Automatic update for python3.6-3.6.15-35.fc41.
Changelog
* Fri Aug 16 2024 Tomáš Hrnčiar <thrnciar@redhat.com> – 3.6.15-35
– Security fix for CVE-2024-6923 (rhbz#2303161)
python3.6-3.6.15-35.fc42
FEDORA-2024-945226bee4
Packages in this update:
python3.6-3.6.15-35.fc42
Update description:
Automatic update for python3.6-3.6.15-35.fc42.
Changelog
* Fri Aug 16 2024 Tomáš Hrnčiar <thrnciar@redhat.com> – 3.6.15-35
– Security fix for CVE-2024-6923 (rhbz#2303161)
Ransomware Resilience Drives Down Cyber Insurance Claims
Cyber insurance claims in the UK have fallen by over a third between 2022 and 2024 as businesses refuse ransom payments
The State of Ransomware
Palo Alto Networks published its semi-annual report on ransomware. From the Executive Summary:
Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity. We reviewed compromise announcements from 53 dedicated leak sites in the first half of 2024 and found 1,762 new posts. This averages to approximately 294 posts a month and almost 68 posts a week. Of the 53 ransomware groups whose leak sites we monitored, six of the groups accounted for more than half of the compromises observed.
In February, we reported a 49% increase year-over-year in alleged victims posted on ransomware leak sites. So far, in 2024, comparing the first half of 2023 to the first half of 2024, we see an even further increase of 4.3%. The higher level of activity observed in 2023 was no fluke.
Activity from groups like Ambitious Scorpius (distributors of BlackCat) and Flighty Scorpius (distributors of LockBit) has largely fallen off due to law enforcement operations. However, other threat groups we track such as Spoiled Scorpius (distributors of RansomHub) and Slippery Scorpius (distributors of DragonForce) have joined the fray to fill the void.
How to Use Mailvelope for Encrypted Email on Gmail
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.
In the previous blog we covered how to use PGP keys for encrypting and decrypting emails on desktop clients like Thunderbird and Outlook. Now, let’s take a look on securing your emails without too much hassle using OpenPGP on webmail services like Gmail using the Mailvelope extension for Google Chrome.
Setting Up Mailvelope on Google Chrome
To smoothen the process login to your webmail before proceeding to further steps, in this scenario login to your gmail account and follow further steps:
Install Mailvelope Extension:
Go to the Browser Web Store. Since we are using Google Chrome we will head to Chrome Web Store
Search for Mailvelope: In the search bar, type “Mailvelope” and press Enter, alternatively you can directly access mailvelope browser extension here
Add to Chrome: Click on the Mailvelope extension from the search results, and then click the “Add to Chrome” button. Confirm the installation by clicking “Add extension” in the pop-up window.
Access Mailvelope:
Go to the Extensions Toolbar: Once Mailvelope is installed, go to the extensions icon (a puzzle piece) in the Chrome toolbar.
Select Mailvelope: Click on the Mailvelope icon and select “Let’s start.”
You will be taken to the Mailvelope Key Management page. Since this is your first time using Mailvelope, you will need to generate a new pair of keys. On the Key Management page, click the “Generate Key” button.
You will be prompted to fill out a form. Enter your name and email address. Under the advanced tab, you can set the algorithm (usually RSA), key size (at least 2048 bits for good security), and key expiration date. Additionally, set a strong password to validate your key.
Generate the Key:
After entering your details, click “Generate.”
The key generation process will take a moment as Mailvelope works its magic in the background. Once the keys are generated, you will see a message saying that the new key has been generated and imported into your key ring. You will also receive an email for account verification.
Voila! an encrypted email. Click on show message and enter the password you setup during the key generation process to decrypt the email.
After that follow the verification link in email to verify your account. Congratulations, your PGP keys are now set up! (If you already generated a PGP key pair using the steps from the previous article, you can import them into Mailvelope instead of generating new ones using import key option on the key management page.)
Now that your keys are set up, you can start sending and receiving encrypted emails.
Click on the mailvelope icon adjacent to compose in gmail, now the extension will ask required permissions to read and send email. After that you will be prompted with a compose secure email form.
Choose the recipient’s public key from your key ring and complete the encryption process. After that you will be required to sign the message by providing the Key password
Mailvelope makes it easy to send and receive encrypted emails directly from your web browser. By following these steps, you can ensure that your email communications remain private and secure. Remember, while Mailvelope is a convenient tool, there are other solutions available, and you should choose the one that best fits your needs. Stay safe and keep your digital communications protected!