Cyber Security News Week of March 13

This week in the cyber security blog we will go over some of the biggest news to help you be better informed on threats and changes.

• Mozilla releases Advisory 2022-09 that alerts users to two critical impact vulnerabilities. One is exploited by removing an XSLT parameter in a use-after-free attack. The other is another Use-after-free attack in the WebGPU IPC framework, with exploitable sandbox escape. Mozilla reports both of these being exploited in the wild. Mozilla has released updates to all affected products. To check the fixed versions or to read more, go to Mozilla's Advisory page

• Bleeping Computer reported on security researchers at VUSec discovering exploits with speculative execution in Intel, AMD, and Arm chips. These vulnerabilities do require low privilege to pull, but a Proof of Concept released by the researchers shows that the root password hash can be dumped from the /etc/shadow file using the exploited speculative execution. Intel and AMD's CVEs were both high, and AMD reported no known active exploitation. To read more, go to Bleeping Computer's article.

• Linux kernel versions 5.8 and later have privilege escalation vulnerabilities known as "Dirty Pipe." This is caused by improper initialization in the copy_page_to_iter_pipe and push_pipe functions in the Linux kernel. An unprivileged user can exploit this vulnerability to gain root privileges. To read more, see CVE-2022-0847

• CISA rereleases its advisory on Conti ransomware. CISA Alert, AA21-265A, is updated to add a new set of domains to their indicators of compromise. Additionally, as recently as February 28, 2022, the advisory noted those affected by Conti have surpassed more than 1,000 organizations. CISA notes that multifactor authentication, network segmentation, and keeping operating systems and software up to date are the best immediate actions to take to best protect again the ransomware. See CISA's advisory page to read more.

This was rewritten in org, then exported to html to maintain the consistent look. As part of that, hakyll is no longer used, and I never really got it working either.