Tux Machines

Security Leftovers

Posted by Roy Schestowitz on May 19, 2024

Tom's Hardware ☛ Jailbroken coin-operated washing machines unlock unlimited free cycles and millions in funds — unpatched security vulnerability could also pose a fire hazard

Sherbrooke and Taranenko of UC Santa Cruz found a flaw in the CSC Serviceworks app called CSC Go, where it has a flawed API allowing a custom script to authorize free laundry cycles, add credits to the account, and bypass its safety checks, potentially making its internet-connected washing machines a fire hazard.

SANS ☛ Wireshark 4.2.5 Released, (Sat, May 18th)

Wireshark release 4.2.5 fixes 3 vulnerabilities...

IT Wire ☛ Kernels shipped by Linux vendors 'less secure than upstream stable offering'

Three software engineers from CIQ, a GNU/Linux company, have found that the kernels shipped by commercial firms have more unpatched flaws than the upstream stable kernel which is maintained by Linux developer Greg Kroah-Hartman.

LinuxSecurity ☛ Research Indicates All Linux Vendor Kernels Are Insecure - But There's a Fix!

Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport fixes. It emphasizes the importance of using the most up-to-date kernel releases for enhanced security, challenging the traditional vendor-bound kernel model.

LinuxSecurity ☛ How to Keep Your GNU/Linux System Safe from Kernel Bugs

Linux admins and security practitioners face significant challenges in keeping their GNU/Linux systems secure amidst the constant threat of kernel bugs. Understanding and mitigating the vulnerabilities in the Linux kernel is essential in safeguarding your systems against exploits leading to compromise. Let's examine why kernel vulnerabilities are such a severe threat and mitigation strategies for protecting against them.

Tom's Hardware ☛ Idle backdoored Windows XP and 2000 machines get infected with viruses within minutes of being exposed online — legacy OSes compromised by just connecting to the Internet

A YouTuber installs a backdoored Windows XP VM without using any basic security measures to see how many viruses the OS will get. Within minutes, the OS has several viruses infecting the VM.