Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (amanda, ncurses, nghttp2, opendkim, rabbitmq-server, and roundcube), Fedora (golang-github-openprinting-ipp-usb, kernel, kernel-headers, kernel-tools, and samba), Mageia (audiofile, galera, libvpx, and virtualbox), Oracle (kernel and postgresql:13), SUSE (openssl-3, optipng, and python-Pillow), and Ubuntu (firefox).
-
OpenSSF (Linux Foundation) ☛ OpenSSF Releases Top 10 Secure Software Development Guiding Principles
Today, we are excited to announce version 1.0 of the Secure Software Development Guiding Principles. These 10 principles describe a series of foundational practices that, if followed, can help provide better assurance and security for organizations leveraging them. Though aspirational, they provide a set of core practices that producers and suppliers of software can pledge to align with and follow throughout their development lifecycles, helping create more secure software.
-
OpenSSF (Linux Foundation) ☛ OpenSSF Announces New Members, Guiding Software Security Principles at OpenSSF Day Japan
The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the 'Linux' Foundation that focuses on sustainably securing open source software (OSS), announced new members from leading technology firms and a new set of Secure Software Development Guiding Principles at OpenSSF Day Japan.
-
PR Newswire ☛ OpenSSF Announces New Members, Guiding Software Security Principles at OpenSSF Day Japan
-
Bleeping Computer ☛ Linux version of Qilin ransomware focuses on VMware ESXi [Ed: The issue here is proprietary bloat of VMware, not Linux, but Microsoft-connected sites present this as something wrong with Linux, as usual]
In each folder, a ransom note named [extension]_RECOVER.txt will be created that contains links to the ransomware gang's Tor negotiation site and the login credentials required to access the victim's chat page.
-
Jerusalem Post ☛ Hackers steal IDF patient records from cyberattack on Israeli hospital
A hacker group allegedly linked to Iran says it stole 100,000 IDF medical records from a cyberattack on Ziv Medical Center in Safed in the Galilee.
-
The Guardian UK ☛ Sellafield nuclear site hacked by groups linked to Russia and China
The UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal.
The astonishing disclosure and its potential effects have been consistently covered up by senior staff at the vast nuclear waste and decommissioning site, the investigation has found.
The Guardian has discovered that the authorities do not know exactly when the IT systems were first compromised. But sources said breaches were first detected as far back as 2015, when experts realised sleeper malware – software that can lurk and be used to spy or attack systems – had been embedded in Sellafield’s computer networks.
-
Data Breaches ☛ Former Public School Information Technology Manager Charged with Damaging School’s Computer Network
An Ayer man was charged today and agreed to plead guilty in connection with a June 2023 cyberattack targeting the computer network of his former employer, an Essex County public high school.
Conor LaHiff, 30, was charged in an Information with one count of unauthorized damage to protected computers. He will appear in federal court in Boston at a later date.
-
Data Breaches ☛ Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
While many statutes recognize that violations of privacy cause harm—and some even provide for private rights of action to enforce privacy rights—scholars have speculated that the judicial doctrine of Article III standing could create a procedural hurdle to remedying privacy harms. This empirical study maps the extent of that hurdle by investigating the data privacy litigation landscape of the U.S. Federal Courts in light of the strict Article III injury requirement for addressing privacy violations. The results are striking: Close to 60% of the cases heard in federal courts from 2000 to 2020 were dismissed for a failure to satisfy the strict injury threshold of Article III standing requirements. The empirical analysis thus reveals a significant gap between what legislators intend privacy protection to do (and what privacy statutes provided for on their face), and the actual landscape of privacy protection as interpreted by courts.
-
Windows TCO
-
Data Breaches ☛ AlphV claims they have started contacting some of Tipalti’s clients (1)
As of today, the threat actors have not stated what clients they have already reached out to and whether they got any responses.
Claims by people on Twitter that named companies are being extorted or will almost certainly be extorted within days just help the threat actors while possibly harming the clients’ reputations and stock values.
-
Dark Reading ☛ Japan's Space Program at Risk After Microsoft Active Directory Breach
The agency, known as JAXA, has shut down parts of its network as it conducts an investigation to discover the scope and impact of the breach.
-
Kevin Beaumont ☛ What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by a double-digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler patches had been applied since May 2023:
-
Data Breaches ☛ On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
In the chat, we were able to read several interesting passages. The ransom amount requested by Akira was initially set at 2 million dollars in cryptocurrency, but it later increased to 2.4 million dollars. This escalation occurred because the ransomware group had in its possession the data of two other companies connected to Hangzhou Great Star Industrial Co., Ltd.
-