Tux Machines

Do you waddle the waddle?

Other Sites

news

Security Leftovers

posted by Roy Schestowitz on Mar 21, 2024

  • Scoop News GroupWhite House, EPA warn water sector of cybersecurity threats

    The EPA is also convening a task force to take on some of the challenges facing the sector around cybersecurity efforts.

  • Security Week Mintlify Data Breach Leads to Exposure of Customer GitHub Tokens

    Mintlify announces vulnerability disclosure program after a data breach exposed 91 customer GitHub tokens.

  • SANSAttacker Hunting Firewalls, (Tue, Mar 19th)

    Firewalls and other perimeter devices are a huge target these days. Ivanti, Forigate, Citrix, and others offer plenty of difficult-to-patch vulnerabilities for attackers to exploit. Ransomware actors and others are always on the lookout for new victims. However, being and access broker or ransomware peddler is challenging: The competition for freshly deployed vulnerable devices, or devices not patched for the latest greatest vulnerability, is immense. Your success in the ransomware or access broker ecosystem depends on having a consistently updated list of potential victims.

  • Hong Kong Free Press Hong Kong’s South China Athletic Association investigates data hack, 70,000 data subjects affected

    The South China Athletic Association (SCAA) is investigating a leak of members’ personal data, it said on Monday, as the privacy watchdog’ office warned that around 70,000 data subjects had been affected. The non-profit sports organisation said that names, birthdays, HKID numbers and correspondence addresses had been breached.

  • Security Week UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack

    UnitedHealth is testing the last major system it must restore from last month’s Change Healthcare cyberattack, but it has no date yet for finishing the recovery.

  • Security Week Aiohttp Vulnerability in Attacker Crosshairs

    A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.

  • Security Week Misconfigured Firebase Instances Expose 125 Million User Records

    A weakness in a Firebase implementation allowed researchers to gain access to names, phone numbers, email addresses, plaintext passwords, confidential messages, and more.

  • Federal News Network Negotiators race to finish government funding bills after reaching deal on Homeland Security bill

    Negotiators from Congress and the White House are scrambling to complete work on funding government agencies for the fiscal year and avoid a partial shutdown that could begin this weekend. Lawmakers passed the first portion of spending bills in early March, funding about 30% of the government.

  • Security Week Chinese APT Hacks 48 Government Organizations

    Earth Krahang, likely a penetration team of Chinese government contractor I-Soon, has compromised 48 government entities worldwide.

  • Security Week Nations Direct Mortgage Data Breach Impacts 83,000 Individuals

    Nations Direct informs 83,000 individuals that their personal information was compromised in a data breach.

  • Latvia Latvian government agrees on major cyber security update

    On Tuesday, March 19, the Latvian Cabinet of Ministers approved the draft law "National Cyber ​​Security Law". The purpose of the draft law is to strengthen cyber security in Latvia, as well as to introduce the revised requirements of the European Union Network and Information Systems Security Directive (NIS2) to achieve a uniformly high level of cyber security throughout the European Union.

  • Dark Reading Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks

    Russian state hackers are performing targeted phishing campaigns in at least nine countries spread across four continents. Their emails tout official government business and, if successful, threaten not just sensitive organizational data, but also geopolitical intelligence of strategic importance.

    Such a sophisticated, multi-pronged plot could only be wrought by a group as prolific as Fancy Bear (aka APT28, Forest Blizzard, Frozenlake, Sofacy Group, Strontium, UAC-028, and many more aliases still), which IBM X-Force tracks as ITG05 in a new report.

    Besides the convincing government-themed lures and three new variants of custom backdoors, the campaign stands out most for the information it targets: Fancy Bear appears to be aiming for highly specific information of use to the Russian government.

  • Public notice of break-in at Whitehorse Victim Services office

    The Government of Yukon is reporting a break-in that occurred at the Whitehorse Victim Services office sometime between the evening of March 15 and the morning of March 16, 2024.

    The Whitehorse detachment of RCMP “M” Division is investigating the break-in and the Department of Justice is following the appropriate procedures to respond to the privacy breach affecting confidential files that contain sensitive personal information.

    Confidential files and other items have been accessed. Individuals who have obtained services through Victim Services may be affected, as may other individuals who may be referenced in victims’ files. It is still unclear the extent to which confidential information may have been compromised. Files that may have been accessed often include individuals' names, contact information and birthdates, as well as information about legal proceedings. Some such files contain additional personal information, as do some cell phones that were stolen.

Other Recent Tux Machines' Posts

today's leftovers
GNU/Linux and FOSS picks
Programming and Development Tools
Programming leftovers mostly
Security Leftovers
only 3 for now
Linux Devices and Open Hardware Leftovers
misc. picks
EasyOS Development Updates
EasyOS's latest
KDE: Criticism, KUserFeedback (KUF), and Microsoft Outsources
two KDE picks
Applications: Makulu Tools, Hugin, amd Email Client
4 picks regarding software
today's howtos
first big batch
10 Reasons To Choose Ubuntu Server Over the Competition
When you think of a server's operating system (OS), what comes to mind?
Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New
Mozilla Firefox 133 open-source web browser is now available for download with the ability to show tabs from other devices in the Tab Overview menu and other changes.
Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico
Fwupd 2.0.2 Linux firmware update utiltiy is now available for download with support for checking AMD hardware configuration MSR and other changes.
Android Leftovers
Why the Pixel Tablet's cancellation makes sense in light of a possible Android and Chrome OS merge
today's leftovers
security and more
Canonical wants Ubuntu 20.04 LTS users to upgrade as End of Life approaches
Canonical has issued a warning to users of Ubuntu 20.04 LTS
Audiocasts/Shows: Linux Out Loud, GNU World Order, Open Source Security Podcast, This Week in Linux
4 new episodes
Open Hardware/Modding/Retro: GNU-like Mobile Linux, Old Amigas, and More
gadgets and hacking
Guix/Hurd on a Thinkpad X60
A lot has happened with respect to the Hurd since our Childhurds and GNU/Hurd Substitutes post
Free and Open Source Software
Magpie is used by the Budgie Desktop as its window manager
Review: Linux Lite 7.2
Linux Lite 7.2 is an update from the 7.0 release in June, and it's based on Ubuntu 24.04.1 LTS and will receive five years of support
KDE: UX Insights (that we cannot get right now)
After the criticism in the last post about the limitations of KUserFeedback (KUF) for doing data-driven UX work
9to5Linux Weekly Roundup: November 24th, 2024
The 215th installment of the 9to5Linux Weekly Roundup is here for the week ending on November 24th, 2024.
Today in Techrights
Some of the latest articles
TuxCare and Cloudimg Partner to Bring Patches to Dead Linux Cloud Images
TuxCare has partnered with UK-based Cloudimg, to bring its customers TuxCare Endless Lifecycle Support for keeping end-of-life Linux distributions supported
Android Leftovers
Here's what I'll miss about Chrome OS once it turns into Android
Just Starting in the Linux Terminal? Here Are Some Setup Tips
The Linux terminal is useful, but it sometimes gets a bad rap for being boring
Free and Open Source Software
This is free and open source software
today's leftovers
GNU/Linux and FOSS links
dpb (Distributed Ports Builder), Warp and Wireshark
Applications in focus
Games: Humble Bundle, Social Media Card Game, and Snake
With Linux twist
Programming Leftovers
coding related links
Open Hardware Leftovers
ESP32 and more
Audiocasts and Videos: Collection From Invidious and TLLTS
from the past week
today's howtos
many howots for today and some older ones
FreeBSD 14.2-RC1 Now Available
The first Release Candidate build of the 14.2-RELEASE release cycle is now available
Wine 9.22 Released with Display Mode Virtualization Support
Wine 9.22 is now available with Wayland driver enabled by default, DirectPlay network boosts, Unicode CLDR 46 updates, and display virtualization
10 Best Linux FTP Clients for Every User in 2024
Looking for reliable FTP clients on Linux
Moksha – modern iteration of the Enlightenment window manager
This is free and open source software
RELIANOID Load Balancer Community Edition v7.5 Release Notes
We are thrilled to announce the release of RELIANOID 7.5.0 (Community Edition)
AlmaLinux OS 9.5 Is Here as a Free Alternative to Red Hat Enterprise Linux 9.5
The AlmaLinux OS Foundation announced today the release and general availability of AlmaLinux OS 9.5 (codename Teal Serval), as the latest stable version of this free Red Hat Enterprise Linux (RHEL) fork.
GhostBSD 24.10.1 Is Now Available
We’re excited to announce the release of GhostBSD 24.10.1
KaOS 2024.11
More application are now ready to use Qt6 and Frameworks 6 including Freecad, Sqlitebrowser, Cantor, Kalzium, Webacmoid and Liquidshell
Fedora / IBM / Oracle Linux / IBM Leftovers
the Red Hat universe in blogs and news sites
Today in Techrights
Some of the latest articles
Archinstall 3.0.1: Improved Partition Management and System Stability
Archinstall 3.0.1, a guided installer for Arch Linux, is a patch update that fixes partition issues, improves code quality, and enhances user experience
today's leftovers
GNU/Linux and FOSS news
OpenSUSE: Tumbleweed Review and Hackweek
Some openSUSE updates
Open Hardware/Modding: Raspberry Pi, Pine64, Fairphone, and More
Gadgets and more
Milk-V Launches MILK-V Megrez PC, Starting at $199.00
The Milk-V Megrez, first announced in August this year, is recognized as one of the first RISC-V hardware hypervisors available in the market
Firefox Woes and Firefox DevTools Newsletter
Mozilla/Firefox picks
Programming Leftovers
Development bits
Free and Open Source Software
Only free and open source software is featured here
Security Leftovers
Security bits and pieces
today's howtos
more howtos
Compulab’s UCM-iMX95 with NXP i.MX 95 Processor, Real-Time Cortex-M7, and eIQ Neutron NPU
The UCM-iMX95 supports mainline Linux and the Yocto Project, with a comprehensive Board Support Package
Linux Kernel 6.12 Officially Released, This Is What’s New
Linus Torvalds announced today the release and general availability of Linux kernel 6.12, the latest stable version of the Linux kernel that introduces several new features and improvements.
today's howtos
many howtos, esp. idroo
Canonical/Ubuntu: Warehouse, EdgeIQ and Ubuntu Core
Canonical/Ubuntu news
Windows TCO Leftovers
The full cost of Microsoft deployments
Games: Unreal and Unreal Tournament on Internet Archive, More Picks Mostly From GamingOnLinux
gamers' news
mesa 24.3.0
This release has seen the continuing trend of OpenGL work slowing down
today's leftovers
Mozilla, BSD, and more
Games: Age of Empires II: The Conquerers, Microsoft Failing Badly
Some gaming picks
Programming Leftovers
Development related picks
Open Hardware: Raspberry Pi, Arduino, and More
Some hardware picks
Google Demotes GNU/Linux to Linux (Android), Linux Foundation Gets Misleading Puff Piece From SJVN
setbacks?
Fedora / Red Hat / IBM Leftovers
mostly Red Hat stuff
today's howtos
this weekend's first batch
Security Leftovers
Inc. bugfix releases
Android Leftovers
Your next Android phone could swap out Google Fit for this alternative
Canonical/Ubuntu Leftovers
security and commercial bits
FreeCAD 1.0 Released After 22 Years in Development
Good things come to those who wait, and for 3D modelling professionals with a preference for open-source software
Best Free and Open Source Software
Only free and open source software is eligible for inclusion here
This Week in Plasma: Battery Charge Cycles in Info Center
This week we of course continued the customary bug-fixing, but got some nice new features and UI improvements too
This Week in GNOME: #175 Magic
Update on what happened across the GNOME project in the week from November 15 to November 22
Today in Techrights
Some of the latest articles
Linux Code of Conduct Board and CoC Supremacy Over Code/Function
CoC strikes