Security: Patches, Android, and Reproducible Builds
-
Security updates for Friday [LWN.net]
Security updates have been issued by Debian (chromium and exiv2), Fedora (curl, device-mapper-multipath, dotnet6.0, mediawiki, mingw-gcc, and php-pear-CAS), Gentoo (lesspipe), Slackware (php), SUSE (git, glibc, kernel, libarchive, python, python-rsa, python3-lxml, rpm, sudo, xen, and xwayland), and Ubuntu (wavpack).
-
Experts Uncover Two Long-Running Android Spyware Campaigns Targeting Uyghurs
Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts.
This encompasses a previously undocumented malware strain called BadBazaar and updated variants of an espionage artifact dubbed MOONSHINE by researchers from the University of Toronto's Citizen Lab in September 2019.
-
Reproducible Builds in October 2022 - reproducible-builds.org
Welcome to the Reproducible Builds report for October 2022! In these reports we attempt to outline the most important things that we have been up to over the past month.
-
Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
Both the apps function as a dropper, meaning the apps themselves are harmless and are a conduit to retrieve the actual payload, which, in the case of Todo, is hosted on GitHub.