While the war between Russia and Ukraine intensifies, the biggest tech giants are announcing that they are suspending their operations in Russia one by one in compliance with the sanctions. The cyber was between the two countries is also escalating, some experts say that Russia is considering disconnecting itself from the rest of the world. Also this week, the notorious Lapsus$ group continue targeting big companies. The group’s latest target was Ubisoft.
Lapsus$ group has hacked Ubisoft as well
The data extortion group Lapsus$ attacked the gaming company Ubisoft as its third big victim. The incident has resulted in disruption in some of its games, services, and systems. The company could not identify the hackers and took immediate measures by sending a password reset request for every user. Lapsus$ has shared the related news in its Telegram group, with a smirking emoji.
AlmaLinux web team is calling for contributors
AlmaLinux web team announced that the team is now rethinking its web presence and associated entities. The developers want to make a new website that looks better, more useful, informative, localized, and accessible while the team is focusing on new features and security fixes. Developers who are interested in contributing to the project can reach out to the team on their community chat, subreddit, or Twitter account.
Firefox removed Russian search providers
Along with many other tech giants, Mozilla also decided to remove the Yandex Search, Mail.ru, and OK.ru services from its popular web browser. In the new version, users are being pointed to google.com. Although Mozilla didn’t make any official statements, it is considered the removal decision is made to prevent Russian state media from spreading information.
Linux netfilter firewall has a security hole
Sophos announced that they have found a new security hole in the Linux netfilter firewall program, which is used for controlling two-way access for the Linux network stack. The vulnerability affects the Linux kernel versions from 5.4 to 5.6.10 and it can be tracked with CVE-2022-25636, with a CVSS score of 7.8. The flaw allows a local attacker with a user account on the system to gain access to out-of-bounds memory.
Germany does not trust Kaspersky anymore
The German government has warned its citizens for avoiding using Kaspersky security products. The statement claims that the Kaspersky solutions are unreliable and they have doubts about the reliability of the manufacturer. The agency advises replacing the Kaspersky security products. Kaspersky has also released an official statement in response to BSI. The company claims that the statement is not based on a technical assessment of Kaspersky products and they have not any ties to the Russian government.
Spectre v2 CPU vulnerability emerges once more
Spectre is a bug that appeared on a performance-enhancing feature on modern CPUs called branch prediction. Spectre was one of the biggest security incidents in 2018. The researchers of VUSec have recently found new vulnerabilities that are based on Spectre v2. It is called Branch History Injection (BHI) and it allows extracting sensitive data such as security keys. Intel states that the best mitigation method is making adjustments to the Linux kernel.
Amazon has released a game for teaching cloud
Amazon has released a new game named AWS Cloud Quest: Cloud Partitioner. The game is free, 3D, and can be played on the web browser. Once you create your avatar, the AWS Cloud-training-game begins training for the interface elements such as locations of the buttons and what they work for. The game is a very nice way to teach the very basics of cloud visually and interactively. The game has a cloud-saving capability.