Security Leftovers
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
Google's Project Zero team has made public details of an improperly patched zero-day security vulnerability in the Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code.
Details of the unpatched flaw were revealed publicly after Microsoft failed to patch it within 90 days of responsible disclosure on September 24.
Originally tracked as CVE-2020-0986, the flaw concerns an elevation of privilege exploit in the GDI Print / Print Spooler API ("splwow64.exe") that was reported to Microsoft by an anonymous user working with Trend Micro's Zero Day Initiative (ZDI) back in late December 2019.
But with no patch in sight for about six months, ZDI ended up posting a public advisory as a zero-day on May 19 earlier this year, after which it was exploited in the wild in a campaign dubbed "Operation PowerFall" against an unnamed South Korean company.
[Attackers] accessed Microsoft cloud customers' information through third party: report
The newspaper’s sources said the [attackers] seemed to have accessed the materials through an unidentified corporate partner of the tech giant.
Suspected Russian [attackers] used Microsoft vendors to breach customers
The suspected Russian [crackers] behind the worst U.S. cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said.
SolarWinds: [Cracked] firm issues urgent security fix
It was later revealed that the product had also been compromised by malware from a suspected second perpetrator, adding a separate backdoor.
SolarWinds [Crackers] 'Impacting' State, Local Governments, US Cyber Agency Says
The [cracking] campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement posted to its website.
The CISA said last week that U.S. government agencies, critical infrastructure entities, and private groups were among those affected but did not specifically mention state or local bodies. So far only a handful of federal government agencies have officially confirmed having been affected, including the U.S. Treasury Department, the Commerce Department, and the Department of Energy.
Open Source Security Podcast/Josh Bressers: Episode 250 – Door 25: Why do we do the things we do? Question everything
Josh and Kurt talk about why we do the things we do. Sometimes we have to question everything.
