Security and Digital Restrictions (DRM/TPM) Leftovers
-
One of Anom's Top Alleged Sellers Flown to U.S. to Face Charges
Alexander Dmitrienko was an alleged seller for the FBI's honeypot phone company. More than a year and a half after the FBI pulled back the curtain on the operation, Dmitrienko is now in the U.S. to face his charges.
-
Ransomware Attacks – Part 1 (Introduction)
In this series of articles, I will talk about Ransomware attacks and how we can better protect our systems. What is ransomware? Ransomware is a type of malicious software (malware) that is designed to block access to a computer system or its data, usually by encrypting it, until a ransom is paid.
-
Ransomware Attacks – Part 2 (Traditional IT Security)
Table of Contents 1. Introduction 2. How do we protect traditional IT infrastructure? 3. How do I use SELinux, AppArmor and Netfilter? 4. Can STIG hardening guide help me protect my Linux server? 5. How can I apply a STIG profiles to all my servers? 6.
-
Ransomware Attacks – Part 3 (Container Security )
Table of Contents 1. Introduction 2. How do we protect Kubernetes environments? 3. Why use Zero-Trust policies to stop the spread of malware? 4. The importance of having a secure software supply chain? 5. Why must we automate security in Kubernetes environments? 6. How can we scale these measures when we have multiple clusters? 7.
-
Security updates for Wednesday [LWN.net]
Security updates have been issued by Debian (gnutls28 and haproxy), Fedora (syslog-ng), Mageia (apr-util, chromium-browser-stable, editorconfig-core-c, ffmpeg, libzen, phpmyadmin, tpm2-tss, and webkit2), Oracle (kernel and kernel-container), Slackware (mozilla and php), SUSE (git, haproxy, kernel, nodejs18, phpMyAdmin, and timescaledb), and Ubuntu (APR-util, git, and haproxy).
-
691 malicious npm packages and 49 PyPI components containing crypto-miners, remote access Trojans discovered [Ed: Microsoft shipping malware through NPM]
Security researchers have discovered yet another sizable haul of malicious packages on the open source registries npm and PyPI. These packages, which could cause problems if developers downloaded them without realizing it, can be found here. It comes with a number of different packages, all of which contain the same malicious package. go file is a Trojan horse programme that was developed to mine cryptocurrency on Linux computers. According to Sonatype, sixteen of these were able to be traced back to the same actor known as trendava, who has since been removed from the npm registry.
-
Group-IB report details previously unknown Indian-sponsored SideWinder campaign
Cybersecurity services company Group-IB Global Pvt. Ltd. has published details on previously unreported phishing operations carried out by the nation-state cyber threat actor SideWinder between June and November 2021. -
Linux Fix Coming: AMD’s Intermittent System Stutter Issues Due To fTPM RNG
In 2022, AMD cautioned customers that Ryzen systems running Windows 10 and 11 could experience intermittent stuttering if the Firmware Trusted Platform Module (fTPM) were used. Initially, this only occurred with Windows users; however, it has now spread to Linux devices that have enabled the AMD fTPM RNG by default - starting with version 6.1+.
-
Justice Department Says John Deere Should Let Farmers Repair Their Tractors
The DOJ filed a "statement of interest" in a class action lawsuit against John Deere siding with plaintiffs and blasting the company's arguments.