Healthcare organizations face a 32% surge in cyberattacks, with sensitive patient data being sold on the Dark Web.…

Healthcare organizations face a 32% surge in cyberattacks, with sensitive patient data being sold on the Dark Web. Hospitals worldwide are vulnerable, as cybercriminals exploit weak defenses and digital health records.

A new report has revealed a troubling trend: healthcare organizations across the globe are falling victim to increasingly **sophisticated cyberattacks**, leaving patients and patients’ families vulnerable to financial gain.

According to recent data from Check Point Research, the global weekly average number of attacks per organization within the healthcare industry has increased by 32% over the same period last year, reaching a staggering 2,018 per week.

The targeted institutions, including vulnerable hospitals, are constantly under the triple threat of cybercrime such as ransomware attacks, data theft, and even selling access to these critical healthcare networks on the dark web.

A closer look at the data reveals that around the world, the top regions of attack are:

****The Asia-Pacific (APAC)****

The Asia-Pacific (APAC) region has suffered the most from these attacks. With 4,556 weekly attacks per organization, a 54% increase, this region is responsible for the majority of healthcare cyberattacks, driven by the rapid expansion of digital health records and telemedicine.

****Latin America****

Latin America also faced a substantial increase in these attacks. With 2,703 weekly attacks per organization, a 34% increase, this region is particularly vulnerable due to weaker regulations and underfunded cyber security initiatives.

****Europe****

According to Check Point’s **report**, Europe, despite experiencing fewer weekly attacks at an average of 1,686, saw the largest percentage increase at 56%, highlighting a growing reliance on digital tools without parallel investments in security.

****North America****

North America, with 1,607 weekly attacks and a 20% increase, remains a prime target due to the wealth of sensitive patient data and established digital infrastructure.

The impact of these cyberattacks is severe. The situation is serious enough that the World Health Organization (WHO) has called for caution, declaring 17 September **World Patient Safety Day** to highlight the risks associated with cyberattacks in the healthcare industry.

On the other hand, cybercriminals are also using ransomware-as-a-service (RaaS) to target healthcare organizations, partnering with others to carry out attacks and siphoning off sensitive data.

A real-life example, according to Check Point, involves a hacker known as Cicada3301, who posted an advertisement on a Russian-language underground forum offering ransomware-as-a-service. He demands a 20% commission on successful attacks and even provides negotiation mechanisms for disputes among partners.

To mitigate these risks, healthcare organizations must adopt comprehensive cybersecurity measures, including technological solutions, employee training, and improved security policies. Key steps include using anti-ransomware solutions, regularly backing up data, segmenting and limiting access to information, educating staff on recognizing cyber threats, installing updates and patches, and ensuring strong passwords and multi-factor authentication.

Compliance with national and international privacy standards and regulations is also important to ensure patient safety. By securing all devices and using the best security solutions, healthcare organizations can better protect themselves against cyber criminals and protect the well-being of their patients.

1.  **7TB of Healthcare Data Leak Affects 12 Million Patients**
2.  **AI in Healthcare: ChatGPT Helps Diagnosis After Doctors Fail**
3.  **8220 Gang Targets Healthcare in Global Cryptojacking Attack**
4.  **Chinese Malware Targets European Healthcare via USB Drives**
5.  **PData of 75,000 people exposed in HealthCare.gov system hack  
    **

Dark Web Sales Fuel 32% Increase in Global Healthcare Cyberattacks

This week on the Lock and Code podcast, we speak with San Francisco City Attorney David Chiu about his team's fight against deepfake porn.

_This week on the Lock and Code podcast…_

On August 15, the city of San Francisco launched an entirely new fight against the world of deepfake porn—it sued the websites that make the abusive material so easy to create.

“Deepfakes,” as they’re often called, are fake images and videos that utilize artificial intelligence to swap the face of one person onto the body of another. The technology went viral in the late 2010s, as independent film editors would swap the actors of one film for another—replacing, say, Michael J. Fox in Back to the Future with Tom Holland.

But very soon into the technology’s debut, it began being used to create pornographic images of actresses, celebrities, and, more recently, everyday high schoolers and college students. Similar to the threat of “revenge porn,” in which abusive exes extort their past partners with the potential release of sexually explicit photos and videos, “deepfake porn” is sometimes used to tarnish someone’s reputation or to embarrass them amongst friends and family.

But deepfake porn is slightly different from the traditional understanding of “revenge porn” in that it can be created without any real relationship to the victim. Entire groups of strangers can take the image of one person and put it onto the body of a sex worker, or an adult film star, or another person who was filmed having sex or posing nude.

  
The technology to create deepfake porn is more accessible than ever, and it’s led to a global crisis for teenage girls.

In October of 2023, a reported group of more than 30 girls at a high school in New Jersey had their likenesses used by classmates to make sexually explicit and pornographic deepfakes. In March of this year, two teenage boys were arrested in Miami, Florida for allegedly creating deepfake nudes of male and female classmates who were between the ages of 12 and 13. And at the start of September, this month, the BBC reported that police in South Korea were investigating deepfake pornography rings at two major universities.

While individual schools and local police departments in the United States are tackling deepfake porn harassment as it arises—with suspensions, expulsions, and arrests—the process is slow and reactive.

Which is partly why San Francisco City Attorney David Chiu and his team took aim at not the individuals who create and spread deepfake porn, but at the websites that make it so easy to do so.

Today, on the Lock and Code podcast with host David Ruiz, we speak with San Francisco City Attorney David Chiu about his team’s lawsuit against 16 deepfake porn websites, the city’s history in protecting Californians, and the severity of abuse that these websites offer as a paid service.

> “At least one of these websites specifically promotes the non-consensual nature of this. I’ll just quote: ‘Imagine wasting time taking her out on dates when you can just use website X to get her nudes.’”
> 
> David Chiu, San Francisco City Attorney

Tune in today for the full conversation.

_Show notes and credits:_

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)  
Licensed under Creative Commons: By Attribution 4.0 License  
http://creativecommons.org/licenses/by/4.0/  
Outro Music: “Good God” by Wowa (unminus.com)

**Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.**

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

 San Francisco’s fight against deepfake porn, with City Attorney David Chiu (Lock and Code S05E20) 

The Call For Papers for nullcon Goa 2025 is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2025.

Do you wish to become a speaker at Nullcon Goa 2025? The opportunities are endless. The time to think is long gone - Take the only leap to share your research with our infosec community.

Call For Papers - Nullcon Goa 2025 (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0g3gVDYW7lCdLW6lZ3krW5sVJnn2b1pGgW4VfGFw4gSKwKW7T9v298lCB3rW3MyVZN4QZdRZVmt5bS5SZh7_W1gd6mX1JJnTgW3T-ygY70DWZQN8BqbRky-cK7N78QdcBNhhTdW4S5D_934wdgsW5g4QSF1XLcrBW3xm9qY5Fq0K7W29YBzm5FFJZqW1DbVDt8_D4C-W32Tv4x5mwwtFW3G8VF11yBc2DW2_C3z-89wwR2W44r2CW30gPzPW1LCpQB3TC7rDN2_4JXml3TQNW2sxvNm5d4LyqW91kdFY8BF16dW6B3Ycm8XSXV4W7G9dPx4GkwKZf8kv1DK04 )

OPEN...Call For Papers (CFP) for Nullcon Goa 2025

Do you wish to become a speaker at Nullcon Goa 2025? The opportunities are endless. The time to think is long gone - Take the only leap to share your research with our infosec community.

CFP Closes: 15th November 2024

Conference: 1st-2nd March 2025

Venue: BITS, Goa

Submission Topics (but not limited to):

- IoT/Embedded Security/OT  
- Web Applications / AI Security  
- Browser Security  
- Fuzzing & Exploit Development  
- Bug Hunting and Vulnerability Research  
- Forensic  
- Malware & Incident Response  
- Cloud and Infrastructure Security

Know More About Speaker Benefits / Submission Guidelines  
(https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0g3gVDYW7lCdLW6lZ3krW5sVJnn2b1pGgW4VfGFw4gSKwKW7T9v298lCB3rW3MyVZN4QZdRZVmt5bS5SZh7_W1gd6mX1JJnTgW3T-ygY70DWZQN8BqbRky-cK7N78QdcBNhhTdW4S5D_934wdgsW5g4QSF1XLcrBW3xm9qY5Fq0K7W29YBzm5FFJZqW1DbVDt8_D4C-W32Tv4x5mwwtFW3G8VF11yBc2DW2_C3z-89wwR2W44r2CW30gPzPW1LCpQB3TC7rDN2_4JXml3TQNW2sxvNm5d4LyqW91kdFY8BF16dW6B3Ycm8XSXV4W7G9dPx4GkwKZf8kv1DK04 )

Nullcon Bangalore 2024

Learn Via Experiences, Not Just Books

Do you know what today’s cutting-edge tech jobs at major companies truly require?

It’s all about the hands-on expertise you’ve developed—through the projects you’ve undertaken and the practical knowledge needed to address real-world business challenges.

Dates: 7th-9th November 2024 | Venue: Hotel Royal Orchid, Bangalore

Hacking Modern Web Apps: Master the Future of Attack Vectors

By Anirudh Anand & Abraham Aranguren

Malware Analysis 0x65: Dissecting & Demystifying Attackers Mindset

By Abhinav Thakur & Niraj Shivtarkar

Practical IoT Hacking

By Hemant Sonkar, Ranit Pradhan, Pugal Selvan & Rupesh Surve

StealthOps: Red Team Operations 24 Edition

By Manish Gupta & Yash Bharadwaj

Sold Out! AI Security: Terminating The Terminator

By Nikhil Joshi

Register with Early Bird Discount!  
(https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0z3gVDYW7Y8-PT6lZ3pcW5Z_6zg6bPGw2N6gYMkp15jT0W94QVDk5P5PGyW3BDWFv8GSrP3W72QF1V8zzkJNW72brp-6RfrTGW7F0XXD8X5WVcVQfWd_4HT-BxW1m36Rn7gDN4zW47VSWV8yk5TPN667G5NY2gy8W68yBjv4PZ9THW8rPGRk5k34v2W2KnQWS8y9qwDVPwXGw95657DW8xQm9N1LRLCMN3-7DJW3WTcGW4cdvMh89YnKQW6yx1R52qBcnPW10Yff22vQrxhW7x0pkw35WfrrN7tnpf5GJMDfW9dmylv4bzq_6W16R0NG98-VTfW3mXFMM77D_mNW8HbkFz30psD8f7kC9fg04 )

Job Openings 💼

Evernorth Health Services is looking for a Cyber Security Senior Advisor (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0z3lcq-W7Y8-PT6lZ3mKVxYnF46myHbmVmLD9799wBlpW3V-q831YL_kjW6mZcrB1_s4MmVddB_T60XB9QW7tCfZ13Rd87YW6yYyk-4rqZrqW7XZc046p4cynW1HYc_Q788LnWW60HDdD3VJq12W4CJys-8r4d8dW6YjvF25hsLpmW8xPbw63Z14grW51l1tj3NRGpqW4t6HCC8wl_JdW87p0H610_QYZW2nYpRK88rGG8W2Tvq145BNTtYW7t0Hqr1lmbz3W7Gp8Yt3w6F4qW1xPB-28bMCxqVJm8ZP6Zs0mqW5gP7mz9dl99XN1N1pB2ftxQ3W7c_Hg75vtHfYVXdncG5_P77pf2LHb7g04 ) and a Cyber Security Associate Principal (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0z3lcq-W7Y8-PT6lZ3q7W69Cbdx3b0ZPmN1txRLMr9jfGW8YlfXJ1t2SZbW7jqJs02dS2jYW3lB4Tf2H7CdyW8cKyQr2xJjkdW4ssmfL7d5VzZW1jCqVN3sT8STN3ggNMXxz7CyW1QMJl43BNt8_W6wds4T8BTMsVVtkX2812bpl_W5TGFq43tyJ14W5QN2MZ8gWVPfW6RGlK55JkqxgW3zBXk38Yh9JFW1B4LC76pT6GvW4Gg4YR7Ht5yVW7SsDDh2Cf737My2j9mKT9PfW8sj_1-4cpFbXW1_R_5y3nmwcBN2flG7Qs29d0W3DHv8f6018g2W47lJ1m5NB8dfW78qmSX3lK69Hd5c1WH04 ) in Hyderabad, India

Google is looking for a Security Engineer, Android Security Assurance (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyk_H5jMY8W69t95C6lZ3pgW7CTQgt6mr-qhW6jgM7f1-TYgNW37sGhY6Fw_MhW3W5hJT3q8xHNW7Dshmj63jCQfMBf7qFzVDkGV1Nwnq1GnCRDW53kp827KkSHjW4kSz1b8DYx2KW33j2fs8ZVDgVW6Ksb1-8_BL3XW4p38gd23RL8lW8Rxnqg1x39n4W8grlTQ89hWP9W7BMh8L22G3RGW72X6Xh7glvrQW1GrZn127P4BlW6ldgZ72C4z86W6f-mJf4sGn7BW84VW45328XTZW7mHvgT82H0HvW7fg1jB43mhcLW6-Vfwl28QHmsW3x1pKc88p20dW3XT4xj1yH5f5W37d9Cp2lWLKgW9612FS8_SBfpW5RwJSL7xH16WW4kzq758RwLFSW5S-KcT7J59fNN9kkyZKPF3VfW7T37gM6tYfQDW3bCHmt4S12ZtV6zTbL4L3yr5W3J9mvh4pvbFmW4gVFgc8BwKzFf7w0CsC04 ) in Bangalore, India

InfoSec Connect 👥

null - The Open Security Community is preparing for its upcoming elections! Submit your questions for potential candidates via GitHub: https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyk_45jMY8W50kH_H6lZ3nvN6Xjl9sXkG90W2YkM_32MTqcxW1GZ2sN4wrQnSW2MGhLx1HYpzyW3gNZtH6T485gVknDzC25Sd7qN6b5t28nrKr4W3gpbhd3nwn5WV96_Nm3wmknhVMX33f2FSw14W5Dq1c75rZTHrW1BKqQT226pSDW2c8B5x16ZcJlW3Kbsyq7g5h-nW8cxfDh1Z1skqW1-QxmT2TkctBW4lCMsm1JCJKmW2MqFJL6V9f0cW5pTyB58RPzhqVRSzQw4g7L1CW4r5ZPQ86cV4wW1rJR6-59ZLWtW6VbG5L6-nMrwW2mNc4H8mM6mQW4GGGP131VbgPW3yWQRh7nTz3DW6QBMq33CSHM7W1dSpvK4tR352W8G30__4P4bgyW6s00nG1lcZyZW69VQJr1j0W5WW1bz5KK62QJstf29fj5P04 (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyk_45jMY8W50kH_H6lZ3nvN6Xjl9sXkG90W2YkM_32MTqcxW1GZ2sN4wrQnSW2MGhLx1HYpzyW3gNZtH6T485gVknDzC25Sd7qN6b5t28nrKr4W3gpbhd3nwn5WV96_Nm3wmknhVMX33f2FSw14W5Dq1c75rZTHrW1BKqQT226pSDW2c8B5x16ZcJlW3Kbsyq7g5h-nW8cxfDh1Z1skqW1-QxmT2TkctBW4lCMsm1JCJKmW2MqFJL6V9f0cW5pTyB58RPzhqVRSzQw4g7L1CW4r5ZPQ86cV4wW1rJR6-59ZLWtW6VbG5L6-nMrwW2mNc4H8mM6mQW4GGGP131VbgPW3yWQRh7nTz3DW6QBMq33CSHM7W1dSpvK4tR352W8G30__4P4bgyW6s00nG1lcZyZW69VQJr1j0W5WW1bz5KK62QJstf29fj5P04 ) . Your feedback will help shape the future leadership of null.

Join our Discord Server 👋

Stay updated on the latest job announcements and opportunities in our community: https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0g3lcq-W7lCdLW6lZ3mSN1rYPzdwB9mRW8bnZP19gYljkW61XSF-5lbBSDW9kRgZ5783hndW7SQScW9dHfnWW24cg8-7g1k4tW5MTCDT39Z25lW6B9t5D3bQFsyW8DLY3H62sFsJN6H1_wpzsHKwW1y0WS-2wXgQTW2HQqNr6nlrmQW7HTlkS2blydMN8G5hm1QFTtVN1_hWxtMsgwfW3T9hgM6W-77GW7F6HKs2_y5v6W52Pvs334vlqGW7R9pjv3hSK7RW5jH-pH6bx5tJW7JzvfR3pTj-vW8MP7m21-hdg5W8j5w9p3Hp3HcW3k67C68Fjz63f5xvHfF04 (https://cTy2804.na1.hubspotlinksstarter.com/Ctc/GE+113/cTy2804/VVCwzM36D4W3W5kdjln8rtsDcW9h8NV35ljxpkN7qyl0g3lcq-W7lCdLW6lZ3mSN1rYPzdwB9mRW8bnZP19gYljkW61XSF-5lbBSDW9kRgZ5783hndW7SQScW9dHfnWW24cg8-7g1k4tW5MTCDT39Z25lW6B9t5D3bQFsyW8DLY3H62sFsJN6H1_wpzsHKwW1y0WS-2wXgQTW2HQqNr6nlrmQW7HTlkS2blydMN8G5hm1QFTtVN1_hWxtMsgwfW3T9hgM6W-77GW7F6HKs2_y5v6W52Pvs334vlqGW7R9pjv3hSK7RW5jH-pH6bx5tJW7JzvfR3pTj-vW8MP7m21-hdg5W8j5w9p3Hp3HcW3k67C68Fjz63f5xvHfF04 )

Payatu Technologies Pvt Ltd., Office No. 502, Tej House, 5th Floor, 5 M.G. Road, Camp, Pune, Maharashtra 411001

Unsubscribe (https://hs-7328024.s.hubspotstarter.net/preferences/en/unsubscribe?data=W2nXS-N30h-BrW3LHlhC34rt-5W2qSxDn2q_nGsW2nTBZy1-XBPFW3DXWqr3Z-_tCW2WqQ3730GyvSW1S2hF03835hXW2YyfNm3JSNdZW2zYXgc24WzKdW2Pvm-h4fsmRdW43F1K13M62zMW2RrG9Z2Wy8kHW4mbnlg3dsp0fW4pyH862313-zW1Bczj53T5WDMW4mytFw45XcXLW3jdkps3_YkSJW32xGwS1ZqWrgW4pB1tk4rvDxMW3QRD2L4tFmCcW3z2X5n4cKGJ8W1_jPkL3DYJ5pW1L7shZ3yXrT1W3gs6ks2HFWFSW4mGpm92TMWDSW32rKK32sVklYW2zPb-71Lmv6XW2CqPVY3T47WMW2sT7Py49TPG1W2RJTzl4mtnMjW1Zgz8l4ftc1FW3XyTv52KSvkzW30c2cn2-g8DjW2sFqnF3Vz5zYW2Ry1N61Ljfl0W3K6FDF1BDJp3W2KZkNq3bcfRYW41tWSP1L3Gn_W49tXYY3ggbJZW2TjQnn3f-nvYW4mrF_s4fnXVLW1ZljCP2qVBl7W3W2mYG4fr5PdW2TzZDB36Fsy4W4cPR5w2PsLMfW3dppWB4mstSlW47wtPz1_nZN9W3H6XWj3C89-df1ZvBy304&_hsenc=p2ANqtz-_4kDnRpYLE-TWAHbI6iNAV0yfG-pGLSCVy_UhGcPYKKegnkWd5NrsrumPiy2SzOiKwRWd8iI3lUz1brTj75EqS1ofT1uSnLYe5ip-U8gHYAz8qiaI&_hsmi=325820415 )  
Manage preferences (https://hs-7328024.s.hubspotstarter.net/preferences/en/manage?data=W2nXS-N30h-BrW3LHlhC34rt-5W2qSxDn2q_nGsW2nTBZy1-XBPFW3DXWqr3Z-_tCW2WqQ3730GyvSW1S2hF03835hXW2YyfNm3JSNdZW2zYXgc24WzKdW2Pvm-h4fsmRdW43F1K13M62zMW2RrG9Z2Wy8kHW4mbnlg3dsp0fW4pyH862313-zW1Bczj53T5WDMW4mytFw45XcXLW3jdkps3_YkSJW32xGwS1ZqWrgW4pB1tk4rvDxMW3QRD2L4tFmCcW3z2X5n4cKGJ8W1_jPkL3DYJ5pW1L7shZ3yXrT1W3gs6ks2HFWFSW4mGpm92TMWDSW32rKK32sVklYW2zPb-71Lmv6XW2CqPVY3T47WMW2sT7Py49TPG1W2RJTzl4mtnMjW1Zgz8l4ftc1FW3XyTv52KSvkzW30c2cn2-g8DjW2sFqnF3Vz5zYW2Ry1N61Ljfl0W3K6FDF1BDJp3W2KZkNq3bcfRYW41tWSP1L3Gn_W49tXYY3ggbJZW2TjQnn3f-nvYW4mrF_s4fnXVLW1ZljCP2qVBl7W3W2mYG4fr5PdW2TzZDB36Fsy4W4cPR5w2PsLMfW3dppWB4mstSlW47wtPz1_nZN9W3H6XWj3C89-df1ZvBy304&_hsenc=p2ANqtz-_4kDnRpYLE-TWAHbI6iNAV0yfG-pGLSCVy_UhGcPYKKegnkWd5NrsrumPiy2SzOiKwRWd8iI3lUz1brTj75EqS1ofT1uSnLYe5ip-U8gHYAz8qiaI&_hsmi=325820415 )

nullcon Goa 2025 Call For Papers

Ubuntu Security Notice 7028-1 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    =========================================================================Ubuntu Security Notice USN-7028-1September 23, 2024linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTS- Ubuntu 16.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems- linux-kvm: Linux kernel for cloud environments- linux-oracle: Linux kernel for Oracle Cloud systems- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe: Linux hardware enablement (HWE) kernelDetails:It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash).Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - GPU drivers;  - Greybus drivers;  - Modular ISDN driver;  - Multiple devices driver;  - Network drivers;  - SCSI drivers;  - VFIO drivers;  - F2FS file system;  - GFS2 file system;  - JFS file system;  - NILFS2 file system;  - Kernel debugger infrastructure;  - Bluetooth subsystem;  - IPv4 networking;  - L2TP protocol;  - Netfilter;  - RxRPC session sockets;(CVE-2024-42154, CVE-2023-52527, CVE-2024-26733, CVE-2024-42160,CVE-2021-47188, CVE-2024-38570, CVE-2024-26851, CVE-2024-26984,CVE-2024-26677, CVE-2024-39480, CVE-2024-27398, CVE-2022-48791,CVE-2024-42224, CVE-2024-38583, CVE-2024-40902, CVE-2023-52809,CVE-2024-39495, CVE-2024-26651, CVE-2024-26880, CVE-2024-42228,CVE-2024-27437, CVE-2022-48863)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS  linux-image-4.15.0-1135-oracle  4.15.0-1135.146          Available with Ubuntu Pro  linux-image-4.15.0-1156-kvm     4.15.0-1156.161          Available with Ubuntu Pro  linux-image-4.15.0-1166-gcp     4.15.0-1166.183          Available with Ubuntu Pro  linux-image-4.15.0-1173-aws     4.15.0-1173.186          Available with Ubuntu Pro  linux-image-4.15.0-1181-azure   4.15.0-1181.196          Available with Ubuntu Pro  linux-image-4.15.0-229-generic  4.15.0-229.241          Available with Ubuntu Pro  linux-image-4.15.0-229-lowlatency  4.15.0-229.241          Available with Ubuntu Pro  linux-image-aws-lts-18.04       4.15.0.1173.171          Available with Ubuntu Pro  linux-image-azure-lts-18.04     4.15.0.1181.149          Available with Ubuntu Pro  linux-image-gcp-lts-18.04       4.15.0.1166.179          Available with Ubuntu Pro  linux-image-generic             4.15.0.229.213          Available with Ubuntu Pro  linux-image-kvm                 4.15.0.1156.147          Available with Ubuntu Pro  linux-image-lowlatency          4.15.0.229.213          Available with Ubuntu Pro  linux-image-oracle-lts-18.04    4.15.0.1135.140          Available with Ubuntu Pro  linux-image-virtual             4.15.0.229.213          Available with Ubuntu ProUbuntu 16.04 LTS  linux-image-4.15.0-1135-oracle  4.15.0-1135.146~16.04.1          Available with Ubuntu Pro  linux-image-4.15.0-1166-gcp     4.15.0-1166.183~16.04.1          Available with Ubuntu Pro  linux-image-4.15.0-1173-aws     4.15.0-1173.186~16.04.1          Available with Ubuntu Pro  linux-image-4.15.0-1181-azure   4.15.0-1181.196~16.04.1          Available with Ubuntu Pro  linux-image-4.15.0-229-generic  4.15.0-229.241~16.04.1          Available with Ubuntu Pro  linux-image-4.15.0-229-lowlatency  4.15.0-229.241~16.04.1          Available with Ubuntu Pro  linux-image-aws-hwe             4.15.0.1173.186~16.04.1          Available with Ubuntu Pro  linux-image-azure               4.15.0.1181.196~16.04.1          Available with Ubuntu Pro  linux-image-gcp                 4.15.0.1166.183~16.04.1          Available with Ubuntu Pro  linux-image-generic-hwe-16.04   4.15.0.229.241~16.04.1          Available with Ubuntu Pro  linux-image-gke                 4.15.0.1166.183~16.04.1          Available with Ubuntu Pro  linux-image-lowlatency-hwe-16.04  4.15.0.229.241~16.04.1          Available with Ubuntu Pro  linux-image-oem                 4.15.0.229.241~16.04.1          Available with Ubuntu Pro  linux-image-oracle              4.15.0.1135.146~16.04.1          Available with Ubuntu Pro  linux-image-virtual-hwe-16.04   4.15.0.229.241~16.04.1          Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7028-1  CVE-2021-47188, CVE-2022-48791, CVE-2022-48863, CVE-2023-52527,  CVE-2023-52809, CVE-2024-26651, CVE-2024-26677, CVE-2024-26733,  CVE-2024-26851, CVE-2024-26880, CVE-2024-26984, CVE-2024-27398,  CVE-2024-27437, CVE-2024-38570, CVE-2024-38583, CVE-2024-39480,  CVE-2024-39495, CVE-2024-40902, CVE-2024-42154, CVE-2024-42160,  CVE-2024-42224, CVE-2024-42228

Ubuntu Security Notice USN-7028-1

Gentoo Linux Security Advisory 202409-20 - Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure. Versions greater than or equal to 8.7.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-20  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: curl: Multiple Vulnerabilities  
     Date: September 23, 2024  
     Bugs: #919325, #919889, #923413, #927960  
       ID: 202409-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in curl, the worst of  
which could lead to information disclosure.

Background  
=========  
A command line tool and library for transferring data with URLs.

Affected packages  
================  
Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
net-misc/curl  < 8.7.1       >= 8.7.1

Description  
==========  
Multiple vulnerabilities have been discovered in curl. Please review the  
CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All curl users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-misc/curl-8.7.1"

References  
=========  
[ 1 ] CVE-2023-42619  
      https://nvd.nist.gov/vuln/detail/CVE-2023-42619  
[ 2 ] CVE-2023-46218  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46218  
[ 3 ] CVE-2023-46219  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46219  
[ 4 ] CVE-2024-0853  
      https://nvd.nist.gov/vuln/detail/CVE-2024-0853  
[ 5 ] CVE-2024-2004  
      https://nvd.nist.gov/vuln/detail/CVE-2024-2004  
[ 6 ] CVE-2024-2398  
      https://nvd.nist.gov/vuln/detail/CVE-2024-2398  
[ 7 ] CVE-2024-2466  
      https://nvd.nist.gov/vuln/detail/CVE-2024-2466

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-20

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-20

Gentoo Linux Security Advisory 202409-19 - A vulnerability has been found in Emacs and org-mode which could result in arbitrary code execution. Versions greater than or equal to 26.3-r19:26 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-19  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Emacs, org-mode: Command Execution Vulnerability  
     Date: September 22, 2024  
     Bugs: #934736  
       ID: 202409-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A vulnerability has been found in Emacs and org-mode which could result  
in arbitrary code execution.

Background  
=========  
Emacs is the extensible, customizable, self-documenting real-time  
display editor. org-mode is an Emacs mode for notes and project  
planning.

Affected packages  
================  
Package             Vulnerable     Unaffected  
------------------  -------------  --------------  
app-editors/emacs   < 26.3-r19:26  >= 26.3-r19:26  
                    < 27.2-r17:27  >= 27.2-r17:27  
                    < 28.2-r13:28  >= 28.2-r13:28  
                    < 29.3-r3:29   >= 29.3-r3:29  
app-emacs/org-mode  < 9.7.5        >= 9.7.5

Description  
==========  
%(...) link abbreviations could specify unsafe functions.

Impact  
=====  
Opening a malicious org-mode file could result in arbitrary code  
execution.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Emacs users should upgrade to the latest version according to the  
installed slot, one of:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-editors/emacs-26.3-r19:26"

Alternatively:

  # emerge --ask --oneshot --verbose ">=app-editors/emacs-27.2-r17:27"

  # emerge --ask --oneshot --verbose ">=app-editors/emacs-28.2-r13:28"

  # emerge --ask --oneshot --verbose ">=app-editors/emacs-29.3-r3:29"

All org-mode users should upgrade to the latest package:

  # emerge --ask --oneshot --verbose ">=app-emacs/org-mode-9.7.5"

References  
=========  
[ 1 ] CVE-2024-39331  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39331

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-19

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-19

Gentoo Linux Security Advisory 202409-18 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions greater than or equal to 3.25.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-18  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: liblouis: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #905298  
       ID: 202409-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in liblouis, the worst of  
which could result in denial of service.

Background  
=========  
liblouis is an open-source braille translator and back-translator.

Affected packages  
================  
Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
dev-libs/liblouis  < 3.25.0      >= 3.25.0

Description  
==========  
Multiple vulnerabilities have been discovered in liblouis. Please review  
the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All liblouis users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-libs/liblouis-3.25.0"

References  
=========  
[ 1 ] CVE-2023-26767  
      https://nvd.nist.gov/vuln/detail/CVE-2023-26767  
[ 2 ] CVE-2023-26768  
      https://nvd.nist.gov/vuln/detail/CVE-2023-26768  
[ 3 ] CVE-2023-26769  
      https://nvd.nist.gov/vuln/detail/CVE-2023-26769

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-18

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-18

Gentoo Linux Security Advisory 202409-17 - Multiple vulnerabilities have been discovered in VLC, the worst of which could result in arbitrary code execution. Versions greater than or equal to 3.0.20 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-17  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: VLC: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #788226, #883943, #917274  
       ID: 202409-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in VLC, the worst of which  
could result in arbitrary code execution.

Background  
=========  
VLC is a cross-platform media player and streaming server.

Affected packages  
================  
Package          Vulnerable    Unaffected  
---------------  ------------  ------------  
media-video/vlc  < 3.0.20      >= 3.0.20

Description  
==========  
Multiple vulnerabilities have been discovered in VLC. Please review the  
CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All VLC users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-video/vlc-3.0.20"

References  
=========  
[ 1 ] CVE-2022-41325  
      https://nvd.nist.gov/vuln/detail/CVE-2022-41325

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-17

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-17

Gentoo Linux Security Advisory 202409-16 - Multiple vulnerabilities have been discovered in Slurm, the worst of which could result in privilege escalation or code execution. Versions less than or equal to 22.05.3 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-16  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Slurm: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #631552, #920104  
       ID: 202409-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in Slurm, the worst of  
which could result in privilege escalation or code execution.

Background  
=========  
Slurm is a highly scalable resource manager.

Affected packages  
================  
Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
sys-cluster/slurm  <= 22.05.3    Vulnerable!

Description  
==========  
Multiple vulnerabilities have been discovered in Slurm. Please review  
the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
Gentoo has discontinued support for Slurm. We recommend that users  
unmerge it:

  # emerge --ask --depclean "sys-cluster/slurm"

References  
=========  
[ 1 ] CVE-2020-36770  
      https://nvd.nist.gov/vuln/detail/CVE-2020-36770  
[ 2 ] CVE-2023-49933  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49933  
[ 3 ] CVE-2023-49934  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49934  
[ 4 ] CVE-2023-49935  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49935  
[ 5 ] CVE-2023-49936  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49936  
[ 6 ] CVE-2023-49937  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49937  
[ 7 ] CVE-2023-49938  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49938

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-16

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-16

Gentoo Linux Security Advisory 202409-15 - Multiple vulnerabilities have been discovered in stb, the worst of which lead to a denial of service. Versions greater than or equal to 20240201 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-15  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: stb: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #818556  
       ID: 202409-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in stb, the worst of which  
lead to a denial of service.

Background  
=========  
A set of single-file public domain (or MIT licensed) libraries for C/C++

Affected packages  
================  
Package       Vulnerable    Unaffected  
------------  ------------  ------------  
dev-libs/stb  < 20240201    >= 20240201

Description  
==========  
Multiple vulnerabilities have been discovered in stb. Please review the  
CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All stb users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-libs/stb-20240201"

Note that stb is included at compile time, so all packages that depend  
on it should also be reinstalled. If you have app-portage/gentoolkit  
installed you can use:

  # emerge --ask --verbose $( equery depends dev-libs/stb | sed 's/^/=/' )

References  
=========  
[ 1 ] CVE-2021-28021  
      https://nvd.nist.gov/vuln/detail/CVE-2021-28021  
[ 2 ] CVE-2021-37789  
      https://nvd.nist.gov/vuln/detail/CVE-2021-37789  
[ 3 ] CVE-2021-42715  
      https://nvd.nist.gov/vuln/detail/CVE-2021-42715  
[ 4 ] CVE-2021-42716  
      https://nvd.nist.gov/vuln/detail/CVE-2021-42716  
[ 5 ] CVE-2022-28041  
      https://nvd.nist.gov/vuln/detail/CVE-2022-28041  
[ 6 ] CVE-2022-28042  
      https://nvd.nist.gov/vuln/detail/CVE-2022-28042  
[ 7 ] CVE-2022-28048  
      https://nvd.nist.gov/vuln/detail/CVE-2022-28048

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-15

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Tag

#web