Language Selection

English French German Italian Portuguese Spanish

Proprietary Software Glory

Filed under

  • Bogus Kaseya VSA patches circulate, booby-trapped with remote-access tool

    This month's Kaseya VSA ransomware attack took a turn for the worse on Wednesday with word that miscreants have launched a phishing campaign to ensnare victims with a remote-control tool disguised as a VSA update.

    Since late last week, instances of VSA – Kaseya's monitoring and management software for fleets of PCs and other IT gear – have been exploited to distribute REvil ransomware, prompting the biz to shut down its Kaseya Cloud service and to tell customers to turn off their on-prem Kaseya VSA servers while it worked on a patch for whatever vulnerability is being abused.

    The malware outbreak, which has yet to be resolved, is said to have affected as many as 1,500 businesses through compromised VSA systems, and has been compounded by Kaseya's decision to delay patch deployment on Wednesday. The company is currently hoping to restore its Cloud Service on the evening of Thursday, July 8.

  • You've patched that critical Sage X3 ERP security hole, yeah? Not exposing the suite to the internet, either, yeah?

    Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability.

    And said administrators should have installed by now the latest patches for the software, which address a bunch of bugs earlier discovered and reported by Rapid7. The infosec outfit described in detail the flaws, calling them "protocol-related issues involving remote administration of Sage X3."

    The aforementioned command execution vulnerability (CVE-2020-7388) scores a perfect ten out of ten in CVSS severity. Hence, protect and patch: miscreants have everything they need now to exploit the bugs.

  • Report shines light on REvil's depressingly simple tactics: Phishing, credential-stuffing RDP servers... the usual

    Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it's receiving.

    REvil, also known as "Ransomware Evil" or "Sodinokibi," first hit the cybersecurity scene while working in partnership with a group called GandCrab. Initially it operated like many other ransomware outfits, distributing malicious code through faked adverts and trojan horse downloads – but it soon stepped up its game.

    The group, which provides what security wonks have come to term "Ransomware as a Service" or RAAS, has been fingered in some high-profile attacks: Travelex, an entertainment-focused law firm with an A-lister client base; Apple supplier Quanta Computer; a major meat producer; a nuclear weapons contractor; and fashion giant French Connection UK – among many others.

  • White hats reported key Kaseya VSA flaw months ago. Ransomware outran the patch

    One of the vulnerabilities in Kaseya's IT management software VSA that was exploited by miscreants to infect up to 1,500 businesses with ransomware was reported to the vendor in April – and the patch just wasn't ready in time.

    As we've covered this week, deployments of Kaseya's flagship Virtual System Administrator (VSA) product were hijacked at the start of the month to inject REvil extortionware into networks around the world. Kaspersky Lab said it saw evidence of 5,000 infection attempts in 22 countries in the three days since the first attack was spotted.

    Kaseya pulled the plug on its software-as-a-service offering of VSA, and urged all of its customers to switch off their VSA servers to avoid being hit by the ransomware. Kaseya's customers are primarily managed service providers looking after the IT estates of their own customers, and so by compromising VSA deployments, miscreants can hijack large numbers of downstream systems.

  • Cybersecurity Game Aims to Train 25K Specialists by 2025

    The National Cyber Scholarship Foundation (NCSF) is taking aim at the U.S.’s cybersecurity talent gap, with recently announced plans to turn out 25,000 high-level specialists by 2025 — and it’s relying on a free game to recruit.

    The U.S. would need to create 359,236 more cybersecurity professionals to have enough talent available for it to be possible to secure all organizations’ critical assets, according to (ISC)2’s April-June 2020 Cybersecurity Workforce Study.

  • Oracle files $7m copyright claim against NEC's US limb over 'unreported royalties' from database distribution

    Oracle is seeking more than $7m in damages from long-time software partner NEC Corporation of America (NECAM) – a subsidiary of tech Japan-based tech giant NEC Corp – over a complaint about copyright and breach of contract.

    According to papers lodged yesterday with the US court in the Northern District of California, in December 2019 Oracle carried out an audit of NECAM's use and distribution of its database software.

    Although NECAM has been a member of the Oracle Partner Network (OPN) since 2004, the audit found issues related to "unreported royalties."

    A letter sent by Oracle in October 2020 called on NECAM to "resolve the compliance findings within 30 days."


More in Tux Machines

Software: Matrix, Ktube, and Monero P2Pool

  • Chat Bubbles on Element and Several Matrix Apps

    This simple comparison wants to help everyone adopt alternative messaging technology, Matrix, with suitable user interface to them. We call Matrix Apps to instant messengers like Element, Fluffy, Nheko, Schildi and Spectral as they are created based upon the said technology. We will start by setting up criteria first that includes chat bubbles, then going through these messengers one by one, and you will see their pictures here along with a little comments from me. I hope you can pick up the messenger with UI you love the most from here.

  • Ktube Media Downloader lets you download YouTube videos easily on Linux

    I always like to tell people about how I have been using Linux as my primary operating system for over ten years. I love Linux, I understand it, it’s free and above all, it fits my workflow in a way Microsoft’s Windows (with all its goodness) probably never will. That also means I love and am a command-line ninja but I also know one thing, a lot of people out there fear and hate the command line.

  • Monero P2Pool V1.0 Is Released

    The latest version of P2Pool, a decentralized Monero mining pool has released. This is the first official release, signaling an invitation for more users to try out the new software.

Better Support & Performance For OpenACC Kernels Is Coming To GCC

While the GNU Compiler Collection has supported OpenACC for a few years now as this parallel programming standard popular with GPUs/accelerators, the current implementation has been found to be inadequate for many real-world HPC workloads leveraging OpenACC. Fortunately, Siemens has been working to improve GCC's OpenACC kernels support. GCC's existing OpenACC kernels construct has been found to be "unable to cope with many language constructs found in real HPC codes which generally leads to very bad performance." Fortunately, improvements are on the way and could potentially be mainlined in time for next year's GCC 12 stable release. Read more

Security Leftovers

  • Database containing 106m Thailand travelers' details leaked • The Register

    A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week. Bob Diachenko, head of cybersecurity research at product-comparison website Comparitech, said the Elasticsearch data store contained visitors' full names, passport numbers, arrival dates, visa types, residency status, and more. It was indexed by search engine Censys on August 20, and spotted by Diachenko two days later. There were no credentials in the database, which is said to have held records dating back a decade. “There are many people who would prefer their travel history and residency status not be publicized, so for them there are obvious privacy issues,” wrote Comparitech editor Paul Bischoff on the company’s blog.

  • Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

    VMware has disclosed a critical bug in its flagship vSphere and vCenter products and urged users to drop everything and patch it. The virtualization giant also offered a workaround.

  • Reproducible Builds (diffoscope): diffoscope 185 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 185. This version includes the following changes:

    [ Mattia Rizzolo ]
    * Fix the autopkgtest in order to fix testing migration: the androguard
      Python module is not in the python3-androguard Debian package
    * Ignore a warning in the tests from the h5py package that doesn't concern
    [ Chris Lamb ]
    * Bump Standards-Version to 4.6.0.

GNOME 41 Released. This is What's New.

GNOME team announced the release of GNOME 41 with some exceptional changes and updates. We wrap up the release in this post. Read more