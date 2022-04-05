Security Leftovers
Security updates for Wednesday [LWN.net]
Security updates have been issued by Debian (elog, needrestart, openssl, and waitress), Fedora (curl, libxml2, slurm, and vim), Scientific Linux (zlib), SUSE (e2fsprogs, nodejs10, php72, and thunderbird), and Ubuntu (apport, clamav, needrestart, and pcre3).
iPhone Malware that Operates Even When the Phone Is Turned Off
The research is fascinating, but the attack isn’t really feasible. It requires a jailbroken phone, which is hard to pull off in an adversarial setting.
Threat Actors Exploiting F5 BIG IP CVE-2022-1388
CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects F5 Networks BIG-IP devices. The vulnerability allows an unauthenticated actor to gain control of affected systems via the management port or self-IP addresses.
Surfshark Launches Linux App With Graphical User Interface
And it isn’t all bad news: there are lots of other features including access to Surfshark’s list of MultiHop routes, WireGuard, DNS leak protection and CleanWeb (an ad-blocker).
There’s also a tray menu with a quick-connect option and a list of three servers.
Pwn2Own hacking schedule released – Windows and Linux are top targets
The 2022 edition of the famous (or infamous, depending on your viewpoint) Pwn2Own competition kicks off later today in Vancouver, British Columbia.
