mattotcha, 8 days ago to Cybersecurity

Federal agency warns critical Linux vulnerability being actively exploited
https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/ #CISA #cybersecurity #linux #vulnerability #exploit

majorlinux, 9 days ago to linux

Patch your systems if you haven't already!

Federal agency warns critical Linux vulnerability being actively exploited

https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/

#Linux #Vulnerability #CISA #Tech #Security #InfoSec

kubikpixel, 9 days ago (edited 9 days ago) to linux German

Meiner Meinung nach wird in der Open-Source Szene die IT-Sicherheit nicht versprochen, sondern meistens rasch umgesetzt und frei verteilt. Auch wenn das hier nun anders ist.

»Linux – root-Lücke wird aktiv missbraucht:
Die IT-Sicherheitsbehörde CISA warnt vor aktiven Angriffen auf eine Linux-Lücke. Angreifer verschaffen sich damit root-Rechte.«

🔥 https://www.heise.de/news/Linux-Luecke-Angreifer-verschaffen-sich-root-Rechte-9742699.html

—
#linux #itsicherheit #root #debian #fedora #redhat #ubuntu #opensource #it #cisa

governa, 28 days ago to random

Is #CISA's Secure by Design Pledge Toothless?

https://www.darkreading.com/cybersecurity-operations/rsa-2024-cisa-secure-design-pledge-necessary-toothless

br00t4c, 1 month ago to chinese

CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'

#chinese #cisa

https://go.theregister.com/feed/www.theregister.com/2024/05/08/cisa_ransomware_rsac/

br00t4c, 1 month ago to random

CISA's early-warning system helped critical orgs close 852 ransomware holes

#cisa #ransomware

https://go.theregister.com/feed/www.theregister.com/2024/05/07/cisas_ransomware_warnings/

br00t4c, 1 month ago to random

The truth about KEV: CISA's vuln deadlines good influence on private-sector patching

#cisa #truth

https://go.theregister.com/feed/www.theregister.com/2024/05/07/cisas_vulnerability_deadlines/

br00t4c, 1 month ago to random

CISA says 'no more' to decades-old directory traversal bugs

#attacks #cisa

https://go.theregister.com/feed/www.theregister.com/2024/05/06/cisa_alert_dt_bugs/

governa, 1 month ago to random

Critical #GitLab Bug Under Exploit Enables Account Takeover, #CISA Warns ⚠️ :gitlab:

https://www.darkreading.com/application-security/critical-gitlab-bug-exploit-account-takeover-cisa

tallship, 1 month ago to browsers

After several years of warning after warning after advisory after advisory and calls to repeatedly update or remove and NOT USE CHROME by the Department of Homeland Security, it should be inconceivable that anyone does - but they do.

Sometimes these are patched with automatic updates before horrific and catastrophic results occur, sometimes not. To be frank, part of the problem stems from the fact that Chrome is the largest attack surface out there where browsers are concerned, but notwithstanding it being the fav target are also serious privacy concerns that aren't shared by other chromium based browsers.

To be fair, many exploits are indeed shared by other chromium based browsers, but not most, while some are related to other browser capabilities, like WebRTC, but it's still best to just ditch Chrome and never look back.

Here's more coverage on vulnerabilities issued less than a month ago. It took 3 seconds to bring this up, and no, not using Google, which didn't reveal this when I tried that search engine in a subsequent search, lolz. Why would they return SERPs that poo poo their own product?

This one did come up in a google search

There's truly only one way to ensure safety - unplug. But there's a lot of simple things you can do to exact a reasonable level of security, so why not observe some of those best practices? It's not like it will cramp your style.

Anyway, that's my two cents. h/t to @darnell for raising awareness of this latest brokewell. Make sure you take the time to visit the link he's provided for you too.

There are plenty of #Browsers that run on #Android (to name a few, alphabetized):

• Brave Browser
• Chromium
• DuckDuckGo
• Firefox
• Kiwi
• Vivaldi

IMO, No one should be running Chrome - Desktop or otherwise. It's a privacy nightmare even when there aren't CERT warnings circulating.

#tallship #brokewell #zero_day #CISA #CERT #DHS

⛵

.

RE: https://one.darnell.one/users/darnell/statuses/112371221294882180

@darnell

br00t4c, 1 month ago to Cybersecurity

CISA ransomware warning program will launch this year

#cisa #cybersecurity

https://www.theverge.com/2024/4/25/24140425/cisa-ransomware-warning-program

RedPacketSecurity, 1 month ago to OSINT

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller - https://www.redpacketsecurity.com/cisa-cisco-releases-security-advisories-for-cisco-integrated-management-controller-19-04-2024/

#CISA #OSINT #ThreatIntel #Cyber

carol, 1 month ago to rust

I wrote a guest post on the Rust Foundation blog on my experience attending the #CISA Open Source Software Security Summit:

https://foundation.rust-lang.org/news/attending-cisas-open-source-software-security-summit/

#RustLang

johnleonard, 1 month ago to Russia

CISA issues emergency order on Microsoft breach by Russian hackers

Affected bodies must take immediate action, agency says

https://www.computing.co.uk/news/4196664/cisa-issues-emergency-order-microsoft-breach-russian-hackers

#cisa #midnightblizzard #russia #nobelium #microsoft #infosec

br00t4c, 1 month ago to random

Why CISA Is Warning CISOs About a Breach At Sisense

#anonymous #cisa

https://it.slashdot.org/story/24/04/11/2230246/why-cisa-is-warning-cisos-about-a-breach-at-sisense