Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.
Dubbed 'Looney Tunables' by Qualys' Threat Research Unit (who discovered the bug) and tracked as CVE-2023-4911, this security vulnerability is due to a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.
The security flaw impacts systems running the latest releases of widely used Linux platforms, including Fedora, Ubuntu, and Debian in their default configurations.
Administrators are urged to patch their systems as soon as possible, seeing that the vulnerability is now actively exploited and several proof-of-concept (PoC) exploits have been released online since its disclosure in early October.
"With the capability to provide full root access on popular platforms like Fedora, Ubuntu, and Debian, it's crucial for system administrators to act swiftly," Qualys' Saeed Abbasi warned.
CISA also added the actively exploited Linux flaw to its Known Exploited Vulnerabilities Catalog today, including it in its list of "frequent attack vectors for malicious cyber actors" and posing "significant risks to the federal enterprise."
Following its inclusion in CISA's KEV list, U.S. Federal Civilian Executive Branch Agencies (FCEB) must patch Linux devices on their networks by December 12, as mandated by a binding operational directive (BOD 22-01) issued one year ago.
Although BOD 22-01 primarily targets U.S. federal agencies, CISA also strongly urged all organizations (including private companies) to prioritize patching the Looney Tunables security flaw immediately.
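As an added defensive example (not code from the article, Qualys, or Aqua Nautilus): the ld.so overflow is reached through the GLIBC_TUNABLES environment variable that the dynamic loader parses, and a shell spawned by a successful escalation inherits that variable, so one quick hunt on a Linux host is to look for processes whose environment still carries an oversized or malformed GLIBC_TUNABLES value, or that run as root with it set at all. The length threshold, the record shape, and the sample snapshot below are constructed assumptions; the live `/proc` walk needs root to read other users' environ files.

```python
import os
import re
from collections import namedtuple

# Thresholds, record shape and sample data below are assumptions for this example.
MAX_SANE_LEN = 200                                   # real tunable strings are short
PAIR_RE = re.compile(r"^[A-Za-z0-9_.]+=[A-Za-z0-9_]*$")  # one name=value, no stray '='
Proc = namedtuple("Proc", "pid uid exe environ")     # uid: owner of /proc/<pid>, 0 == root

def tunables_look_hostile(value: str) -> bool:
    # ld.so expects colon-separated name=value pairs; anything else is not a sane tuning
    return len(value) > MAX_SANE_LEN or any(not PAIR_RE.match(p) for p in value.split(":"))

def suspicious_processes(procs):
    """Return (pid, exe, reason) for every process that deserves a closer look."""
    hits = []
    for p in procs:
        value = p.environ.get("GLIBC_TUNABLES")
        if value is None:
            continue
        if tunables_look_hostile(value):
            hits.append((p.pid, p.exe, "malformed GLIBC_TUNABLES"))
        elif p.uid == 0:
            hits.append((p.pid, p.exe, "root process carrying GLIBC_TUNABLES"))
    return hits

def collect_from_proc():
    """Snapshot live processes (reading other users' environ files needs root)."""
    procs = []
    for name in filter(str.isdigit, os.listdir("/proc")):
        try:
            with open(f"/proc/{name}/environ", "rb") as fh:
                raw = fh.read().split(b"\0")
            uid = os.stat(f"/proc/{name}").st_uid
            exe = os.readlink(f"/proc/{name}/exe")
        except OSError:
            continue  # process exited or is not readable by us
        env = dict(e.decode(errors="replace").split("=", 1) for e in raw if b"=" in e)
        procs.append(Proc(int(name), uid, exe, env))
    return procs

# Constructed sample snapshot: one benign tuning, one oversized value, one root shell.
SAMPLE = [
    Proc(4100, 1000, "/usr/bin/python3", {"GLIBC_TUNABLES": "glibc.malloc.mxfast=0:glibc.malloc.tcache_count=4"}),
    Proc(4211, 1000, "/usr/bin/su", {"GLIBC_TUNABLES": "glibc.malloc.mxfast=" + "A" * 400}),
    Proc(4212, 0, "/bin/sh", {"GLIBC_TUNABLES": "glibc.malloc.mxfast=0", "PWD": "/tmp"}),
]

if __name__ == "__main__":
    print(suspicious_processes(collect_from_proc() if os.path.isdir("/proc") else SAMPLE))
```

A hit on a root process with a well-formed value can be a legitimate administrator tuning, so treat that branch as a review item and the malformed branch as the alert; patching glibc remains the fix.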
Exploited in Kinsing malware attacks
While CISA didn't attribute the ongoing Looney Tunables exploitation, security researchers with cloud security company Aqua Nautilus revealed two weeks ago that Kinsing malware operators are using the flaw in attacks targeting cloud environments.
The attacks start with exploiting a known vulnerability within the PHP testing framework 'PHPUnit.' This initial breach allows them to establish a code execution foothold, followed by leveraging the 'Looney Tunables' issue to escalate their privileges.
After gaining root access to compromised Linux devices, threat actors install a JavaScript web shell for backdoor access. This shell allows them to execute commands, manage files, and conduct network and server reconnaissance.
The Kinsing attackers' ultimate goal is to steal cloud service provider (CSP) credentials, aiming for access to AWS instance identity data.
Kinsing is known for breaching and deploying crypto mining software on cloud-based systems, including Kubernetes, Docker APIs, Redis, and Jenkins.
Microsoft has also recently observed the group targeting Kubernetes clusters via misconfigured PostgreSQL containers, while TrendMicro spotted them exploiting the critical CVE-2023-46604 Apache ActiveMQ bug to compromise Linux systems.