Security Leftovers
-
iTWire - Phishing has been around long enough for Westpac to know
In the midst of a spate of data breaches — there have been eight reported in Australia since Optus led the way — the last thing one would expect is for any company to send out digital communications asking people to verify their identity.
But Westpac, one of the big four banks in this country, seems to think this is fine. Last week, I received an SMS and an email, couched in roughly the same language, asking me to "verify your details to better protect your account and identity".
Receiving such communications at other times from any source tends to make me suspicious. At this time, the degree of suspicion is ten times worse.
I called up the Westpac support line and was told that the SMS was not genuine but the email was. Which left me scratching my head.
-
New Release: Tor Browser 11.5.6 (Android, Windows, macOS, Linux)
This is an emergency release resolving an issue with Tor Browser 11.5.5's integration of the Snowflake pluggable transport. Users of 11.5.5 will be unable to connect to the Tor Network via the built-in Snowflake bridge until they update to 11.5.6.
-
Cryptographic signatures for zip distributions
Red Hat's products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types so that our customers have greater assurance that Red Hat actually creates the products they receive. This work is essential to our customers' trust in Red Hat and our products.
Released on October 4th, 2022, Red Hat Single Sign-On patch 7.5.3 is the first Red Hat zip distribution to include cryptographic signatures. More product releases will come with this vital security metadata in the coming months.