Adrian Johnson
TLDR:
- A new Linux vulnerability has been discovered in the util-linux package, affecting Ubuntu 22.04 servers.
- OWASP admitted to a data breach due to a misconfigured server.
In the latest episode of Cyber Security Today, Howard Solomon discusses a new Linux vulnerability found in the util-linux package, affecting Ubuntu 22.04 servers. This vulnerability could potentially leak user passwords and Linux administrators are advised to check with their distribution creators to see if their servers are affected.
OWASP, a cybersecurity organization, recently admitted to a data breach caused by a misconfigured server. This breach resulted in the exposure of a decade-old list of resumes of members, including personal information such as names, email addresses, physical addresses, and phone numbers. OWASP no longer collects resumes from members upon joining.
Google has settled a class-action lawsuit by agreeing to delete browsing data collected during Incognito Mode sessions. This data collection was alleged to have occurred without user knowledge, although Google claims it never associated this data with users in Incognito Mode.
The Rhysida ransomware gang has claimed responsibility for an attack on MarineMax, a boat retailer in the U.S. The gang is reportedly auctioning off stolen data as a result of the attack.
Additionally, a small Michigan school board temporarily closed after a cyber incident, disconnecting access to the IT network and launching an investigation. The DFIR Report has produced a detailed case study of a 2023 ransomware attack on an unnamed company, highlighting how the attack unfolded and emphasizing the importance of cybersecurity measures.
