Security and Authenticity Leftovers
-
The Hill ☛ Biden administration warns states of cyberattack threat to water, wastewater systems
The Biden administration warned governors Tuesday that “disabling” cyberattacks are targeting drinking water and wastewater systems throughout the country and urged them to help identify and address any vulnerabilities.
Water and wastewater systems can represent an “attractive target” for cyberattacks because of their essential nature and frequent lack of “resources and technical capacity to adopt rigorous cybersecurity practices,” said Michael Regan, the administrator of the Environmental Protection Agency (EPA), and White House national security adviser Jake Sullivan in a letter.
-
LinuxSecurity ☛ Analyzing AcidPour: A New and Evolving GNU/Linux Malware Threat
A new variant of the AcidRain GNU/Linux malware called AcidPour has been discovered. This malware targets explicitly GNU/Linux systems in Ukraine. AcidPour expands upon its predecessor and poses a significant risk to users. Let's examine the importance of this discovery, the implications for admins and security professionals, and measures you can take to protect against threats like AcidPour.
-
Authenticity
-
Krebs On Security ☛ The Not-so-True People-Search Network from China
It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities.
Responding to a reader inquiry concerning the trustworthiness of a site called TruePeopleSearch[.]net, KrebsOnSecurity began poking around. The site offers to sell a report containing photos, police records, background checks, civil judgments, contact information “and much more!” According to LinkedIn and numerous profiles on websites that accept paid article submissions, the founder of TruePeopleSearch is Marilyn Gaskell from Phoenix, Ariz.
-
Terence Eden ☛ What the UK Government gets wrong about QR codes
Throughout my time in the Civil Service I advocated for the use of .gov.uk URls everywhere. They're a trusted destination for users, they're under Government control so are less likely to be hijacked, and they don't require users to give their data to third parties.
I helped the Government Communication Service write "Link shorteners: the long and short of why you shouldn’t use them."
Today, in the post, I received six QR codes for Government services. Let's take a look at them.
-