Security Leftovers
-
Security updates for Friday [LWN.net]
Security updates have been issued by Debian (chromium, libdatetime-timezone-perl, and tzdata), Fedora (flatpak and gmailctl), Mageia (firefox, flatpak, golang, gssntlmssp, libmicrohttpd, libtiff, python-flask-security, python-owslib, ruby-rack, thunderbird, unarj, and vim), Red Hat (firefox, kpatch-patch, nss, openssl, and thunderbird), SUSE (containerd, hdf5, qt6-base, and squirrel), and Ubuntu (amanda, gif2apng, graphviz, and linux, linux-aws, linux-azure, linux-gcp, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi).
-
We need better support for SSH host certificates
GitHub accidentally committed their SSH RSA private key to a repository, and now a bunch of people's infrastructure is broken because it needs to be updated to trust the new key. This is obviously bad, but what's frustrating is that there's no inherent need for it to be - almost all the technological components needed to both reduce the initial risk and to make the transition seamless already exist.
-
Garrett: We need better support for SSH host certificates
Matthew Garrett looks at the recent disclosure of GitHub's private host key, how it probably came about, and what a better approach to key management might look like.
-
Interesting note about the BreachForums situation
-
Our Lady of the Lake hit by cyberattack; victims say hackers got Social Security and other data
A cyberattack on Our Lady of the Lake University’s computer network compromised personal data on its faculty, students and even individuals who applied to the university but never attended.
The private Catholic university on San Antonio’s West Side this week confirmed that it recently found evidence that “unauthorized access” to its network occurred about Aug. 30 and that "a limited amount of personal information was removed." It declined to detail the types of information taken.
-
Justice Department Announces Arrest of “Pompompurin” and Disruption of BreachForum’s Operation
Fitzpatrick’s arrest and the disruption of BreachForums comes nearly a year after the Department of Justice announced the seizure of a predecessor hacking marketplace, RaidForums, and unsealed criminal charges against RaidForums’ founder and chief administrator, who is the subject of extradition proceedings in the United Kingdom.
-
Rio Tinto data vendor GoAnywhere's possible breach spotted in Jan-end
U.S. cybersecurity firm Fortra said suspicious activity was identified within its GoAnywhere software nearly two months ago, a day after Rio Tinto in a staff memo said personal data of some of its Australian employees may have been stolen.
The internal memo seen by Reuters on Thursday revealed that payroll information, like payslips and overpayment letters, of a small number of the mining giant's Australian employees from January 2023 had possibly been seized by a cybercriminal group.
-
Pension Protection Fund confirms employee data exposed in GoAnywhere breach
The Pension Protection Fund (PPF) has confirmed that data belonging to current and former employees has been exposed in the wake of the GoAnywhere breach.
In a statement to IT Pro, the fund, which manages pension assets for nearly 300,000 clients, said it has informed affected staff and is providing support and monitoring services for those impacted in the breach.
-
Warning to Seniors: Personal Data of 254K Medicare Beneficiaries at Risk After Breach
Hundreds of thousands of Americans’ personal information is at risk after Medicare’s data was breached. Now, lawmakers want answers.
House Committee on Oversight and Accountability Chairman James Comer, R-Ky., and House Committee on Energy and Commerce Chair Cathy McMorris Rodgers, R-Wash., sent a letter demanding a range of documents and communications from the Centers for Medicare & Medicaid Services.
-
It’s not just Windows that gets malware [Ed: But not every OS has intentional back doors/bug doors for the NSA et al]
Seemingly immune for so long, here's a reminder that macOS and Linux need to protect themselves against malware, too.
-
Kids tech camp iD Tech still silent weeks after data breach
Parents are still looking for answers weeks after hackers stole the personal data of thousands of users from kids’ tech coding camp iD Tech, with some fearing that their children’s data was compromised in the data breach.
iD Tech, which provides on-campus classes and online tech and coding courses for kids, has yet to acknowledge the breach or notify parents.
-
Windows, Ubuntu, and VMware Workstation hacked on last day of Pwn2Own
-
Windows 11, Tesla, macOS & Ubuntu Desktop Hacked – Pwn2Own Day One
On the first day, Pwn2Own Vancouver 2023 hacking challenge participants compromised Windows 11, Tesla, macOS, and Ubuntu Desktop.