Security Leftovers
-
Security updates for Wednesday [LWN.net]
Security updates have been issued by Debian (gdal, maven-shared-utils, thunderbird, webkit2gtk, and wpewebkit), Fedora (firefox and libofx), SUSE (dpdk, firefox, flatpak, grafana, kernel, libcaca, and opera), and Ubuntu (ghostscript and linux-gcp-5.15).
-
iTWire - PM tells Optus it will have to pay for replacing users' passports
Prime Minister Anthony Albanese has told Optus that it must pay the costs for customers who want to replace their passports if their data was caught up in the breach that the telco announced last Thursday.
Albanese said Australia's security and privacy legislation would be updated, adding that big data breaches would result in penalties.
He added that Optus, not taxpayers, should pay for the new identity documents because the breach was caused by the telco's failures, and expressed surprise that the Opposition was asking the government to pick up the bill.
-
Delhi HC issues notice in SnTHosting’s challenge to legality of CERT-In’s Directions
The Delhi HC has issued notice in a petition filed by SnTHostings challenging the legality of Direction No. 20(3)/2022-CERT-In dated April 28, 2022 (‘2022 Directions’) by the The Indian Computer Emergency Response Team (‘CERT-In’). SnTHostings provides hosting, Virtual Private Network (‘VPN’) and Virtual Private Server (‘VPS’) services. The 2022 Directions presented an existential crisis to SnTHostings as they mandated it to collect a range of personal data and share it with CERT-In on demand and / or on the occurrence of a cyber-security incident. Mr. Samar Bansal appeared on behalf of SnTHosting. Justice Yashwant Verma of the Delhi HC heard detailed submissions from the counsel and directed CERT-In to provide a response to the Petition, stating that the issue requires consideration. IFF provided legal assistance.
-
CISA Releases Three Industrial Control Systems Advisories [Ed: Now revised]
CISA has released three (3) Industrial Control Systems (ICS) advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
-
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems [Ed: So don't install it. In Windows there are back doors, so it may be outside the user's control.]
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet.
-
Pro-ISIS Outlet Recommends Most Secure Linux Systems [Ed: Now they try to associate Linux with terrorism even if the vast majority of terrorists use Windows]