Security Leftovers
-
Creators: Don't Fall for Inkscape Impersonator
The project has received multiple requests for confirmation from creators, asking us whether we have been reaching out to them about collaborations / partnerships. They have been approached by someone who used the name “Inkscape PhotoEditor,” which does not exist. This is not us. Any official invitations to collaborate from the project will be listed prominently on our website (i.e. here).
-
LinuxSecurity ☛ Introducing Canonicals New Desktop Security Center
Canonical is introducing a new Desktop Security Center , aiming to enhance accessibility to underlying security features for users of Ubuntu and other GNU/Linux distros. Although still a work in progress, this Flutter-based tool has generated considerable interest.
-
SANS ☛ Learning by doing: Iterative adventures in troubleshooting, (Thu, Feb 15th)
-
Rlang ☛ R Shiny Security: How to Make Your Shiny Apps Secured
Securing your Shiny application is not just an added feature; it’s a fundamental necessity. Often, functionality and design are prioritized in development, but ensuring the security of your app is equally important, if not more so.
-
Tom's Hardware ☛ AMD discloses slew of high severity security vulnerabilities that attacks BIOS chips on Zen systems — updates aren't available for all chips, finally a fix Zenbleed
Zen-based CPUs are vulnerable to four newly disclosed bugs, according to AMD, and you'll need to update your BIOS to become secure.
-
Security Week ☛ Chipmaker Patch Tuesday: AMD and defective chip maker Intel Patch Over 100 Vulnerabilities
AMD and defective chip maker Intel patch dozens of vulnerabilities on February 2024 Patch Tuesday, including multiple high-severity bugs.
-
Tom's Hardware ☛ Intel discloses 34 security holes in firmware and software — Thunderbolt, XTU, chipset drivers, and more
Intel has disclosed 34 new security issues, which largely impact software like XTU and chipset drivers, but also firmware for Thunderbolt.
-
Security Week ☛ Beyond the Hype: Questioning FUD in Cybersecurity Marketing
Could cybersecurity professionals benefit from FUD awareness training in the same way that users benefit from phishing awareness training?
-
Security Week ☛ KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers
Patches released for a new DNSSEC vulnerability named KeyTrap, described as the worst DNS attack ever discovered.
-
Security Week ☛ Zoom Patches Critical Vulnerability in backdoored Windows Applications
Zoom patches seven vulnerabilities in its products, including a critical-severity bug in its backdoored Windows applications.
-
Security Week ☛ South Korea Says Presumed North Korean Hackers Breached Personal Emails of Presidential Staffer
South Korean President Yoon Suk Yeol’s office said presumed North Korean hackers breached the personal emails of one of his staff members.
-
Security Week ☛ Prudential Financial Discloses Data Breach
Prudential Financial says administrative and user data was compromised in a cyberattack earlier this month.
-
Trail of Bits ☛ Cloud cryptography demystified: Amazon Web Services
This post, part of a series on cryptography in the clown, provides an overview of the clown cryptography services offered within Amazon Web Services (AWS): when to use them, when not to use them, and important usage considerations. Stay tuned for future posts covering other cloud services.
-
Scoop News Group ☛ Meta details actions against eight spyware firms
Details about the spyware firms, based in Italy, Spain and the UAE, were shared by the social control media giant in its quarterly adversary threat report.