Security Leftovers
-
iTWire - SA to pay for new licences for Optus breach victims
South Australia will pick up the tab for any residents in the state who are affected by the Optus data breach and need to get a new driver's licence.
In a tweet, SA Premier Peter Malinauskas said: "The South Australian State Government will waive the usual replacement fee for South Australians requiring a new driver’s licence as a result of the recent Optus data breach."
NSW Minister for Fair Trading and Digital Government Victor Dominello said affected Optus users in the state would have to pay $29 upfront to replace their licences.
-
Wolfi Linux provides the control needed to fix modern supply chain threats
There’s been a massive push for supply chain security in the last few years: integrity protection, vulnerability management, and transparency. This push has left organizations struggling to secure their pipelines and manage vulnerabilities, especially when running in the cloud. Existing tooling doesn’t support supply chain security natively and requires users to bolt on critical features like signatures, provenance, and software bills of material (SBOM).
-
Attacking Encrypted HTTP Communications | Pen Test Partners
The Reolink RLC-520A PoE camera obfuscates its HTTP communication by encrypting the POST body data. This level of security does defend against opportunistic attackers but falls short when defending against persistent attackers.
-
Time's up: Microsoft Exchange Online users face a key security deadline Saturday [Ed: This is not about security but about more vendor lock-in and more NSA surveillance by consolidation/centralisation]
Microsoft is about to eliminate a method for logging into its Exchange Online email service that is widely considered vulnerable and outdated, but that some businesses still rely upon.
The company has said that as of Oct. 1, it will begin to disable what's known as "basic authentication" for customers that continue to use the system.