date 2019-01-20
Security: Updates, Congressional Campaigns, Malicious JavaScript and New FUD
Security updates for Thursday
What I Learned Trying To Secure Congressional Campaigns
This soul-crushing telethon is the principal activity of a Congressional campaign. Getting in its way is like getting between a mama bear and her cub. You are just going to find yourself clawed to death by a frantic finance director. Whatever you do to secure a campaign must not be an obstacle to fundraising.
Malicious JavaScript injected into WordPress sites using the latest plugin vulnerability
A stored cross-site script vulnerability was discovered last week in the popular WordPress Live Chat Support plugin. The vulnerability allows an unauthenticated attacker to update the plugin settings by calling an unprotected "admin_init hook" and injecting malicious JavaScript code everywhere on the site where Live Chat Support appears. All versions of this plugin prior to version 8.0.27 are vulnerable. The patched version for this vulnerability was released on May 16, 2019, and has been fixed for version 8.0.27 and higher.
ThreatLabZ researchers recently discovered what may be the first campaign in which attackers are exploiting the Live Chat Support plugin vulnerability and injecting a malicious script that is responsible for malicious redirection, pushing unwanted pop-ups and fake subscriptions. While it is not yet seen as a widespread attack, the number of compromised websites is growing (at the end of this blog there is a link to the names of the compromised sites).
[Attackers] actively exploit WordPress plugin flaw to send visitors to bad sites [iophk: "JavaScript, again. Ars Technica should not downplay JavaScript's role in making sites vulnerable."]
The vulnerability was fixed two weeks ago in WP Live Chat Support, a plugin for the WordPress content management system that has 50,000 active installations. The persistent cross-site scripting vulnerability allows attackers to inject malicious JavaScript into sites that use the plugin, which provides an interface for visitors to have live chats with site representatives.
Researchers from security firm Zscaler's ThreatLabZ say attackers are exploiting the vulnerability to cause sites using unpatched versions of WP Live Chat Support to redirect to malicious sites or to display unwanted popups. While the attacks aren't widespread, there have been enough of them to raise concern.
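The root cause both excerpts describe, a settings update reachable through an unprotected admin_init hook, is shown below as an added illustration of the pattern, not the plugin's own code: the unguarded handler beside a hardened one. The option name, function names and the chat_greeting field are assumptions.

```php
<?php
// Illustrative pattern only (not the WP Live Chat Support plugin's actual code).
// admin_init also fires for wp-admin/admin-ajax.php, which unauthenticated
// visitors can reach, so a handler on this hook with no checks is effectively public.

// VULNERABLE: any visitor can overwrite the option, and the raw value is later
// echoed into every page that renders the widget (stored XSS).
function insecure_save_chat_settings() {
    if ( isset( $_POST['chat_greeting'] ) ) {
        update_option( 'chat_greeting', $_POST['chat_greeting'] ); // stored as-is
    }
}
add_action( 'admin_init', 'insecure_save_chat_settings' );

// HARDENED: require an administrator, require a nonce, sanitize on write.
function secure_save_chat_settings() {
    if ( ! isset( $_POST['chat_greeting'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        return; // unauthenticated and low-privilege users are ignored
    }
    // Dies with a 403 unless a valid nonce for this action is present.
    check_admin_referer( 'save_chat_settings', 'chat_nonce' );
    update_option(
        'chat_greeting',
        sanitize_text_field( wp_unslash( $_POST['chat_greeting'] ) )
    );
}
add_action( 'admin_init', 'secure_save_chat_settings' );

// Output side: escape at render time regardless of what is stored, so a value
// that slipped past the write path still cannot execute as script.
function render_chat_greeting() {
    echo '<div class="chat-greeting">'
        . esc_html( get_option( 'chat_greeting', '' ) )
        . '</div>';
}
add_action( 'wp_footer', 'render_chat_greeting' );
```

For a real plugin, register_setting() with a sanitize_callback and the Settings API give the same capability and nonce protection without hand-written checks.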
Stephen Michael Kellat: The Coming Cyber War
Facebook is a company based in the United States of America and that detail of location is key to this plot. Since the Internet has a global reach legislators from countries beyond the United States of America have wanted to question Mr. Zuckerberg himself. After ducking their calls, initially members of a committee from the UK House of Commons came across the ocean to grill Zuckerberg in Washington. Members of the Digital, Culture, Media, Sport Committee were investigating Russian interference in elections at the time. That testimony took place in February 2018. We can then fast forward to Zuckerberg facing multiple hearings before committees of the US House of Representatives and US Senate in April 2018. Again, members of those committees were asking questions concerning Russian interference. Similar questions were put to Zuckerberg in May 2018 by EU officials.
After that point, pressures begin to build in our chronology. An "international grand committee" met in London in November 2018. According to reports by Canadian television network Global, there were representatives from nine nations at this meeting. The report indicated that Canada, Ireland, Brazil, Argentina, Singapore, Belgium, France, Latvia, and the United Kingdom all had legislators represented to question the head of Facebook. He did not personally attend but was represented by Richard Allan, a company vice president. The report also shows one of the first indications of discussing an international accord to regulate Facebook. That idea was put forward at the meeting by Canadian federal legislator Charlie Angus of the NDP, Canada's socialist party.
Linux Fix Pending For Borked Hibernation After Disabling Hyper Threading
If you have begun disabling Intel Hyper Threading on your systems over security concerns in light of MDS/Zombieload and other vulnerabilities making HT look increasingly unsafe, you may have noticed your system doesn't resume properly after hibernation. Fortunately, a fix is on the way.
More operating systems have been adding options, or even, on the BSD front, considering a default, around disabling Hyper Threading out of security concerns. On the Linux front HT/SMT is enabled by default, but there is now the new convenient mitigations= option (granted, there were other ways to disable HT/SMT previously; they are now just bundled under the "mitigations" umbrella), and even openSUSE has added mitigations/HT options to its installer. If you've decided to disable Hyper Threading, it turns out resuming after hibernation would run into problems and likely just reboot the system rather than successfully resume.
New HiddenWasp malware found targeting Linux systems [Ed: CBS ZDNet says "New HiddenWasp malware found targeting Linux systems," but this isn't a Linux issue, it targets already-compromised systems. It's like blaming Adobe flaws on Windows.]
HiddenWasp: New Malware Targets Linux Machines To Control Them Remotely [Ed: This is not a "Linux" problem; it exploits things that merely run on GNU/Linux, like iTunes running on Windows.]
Unlike the Windows cybersecurity ecosystem, the threats concerning Linux systems aren't often discussed in much detail. The attacks either go undetected by the security mechanisms laid out by enterprises or they aren't too severe to be reported widely by the security researchers.
Gnome (AKA Gnome 3 or Gnome Shell) is the third iteration of the Gnome desktop environment. Its user-interface is split into a panel at the top, and a favorites dock on the left. Gnome is currently the most popular Linux desktop environment, and most major Linux distributions ship with it as the primary user-interface. In the Linux world, many people are using Gnome as it is modern, and often the default choice. Even though it remains the most popular desktop on Linux, some Linux OSes do Gnome better than others. So, here are the 5 best Gnome-based Linux OSes to check out!
