Security Leftovers
-
LWN ☛ The KeePassXC kerfuffle
KeePassXC is an open-source (GPLv3), cross-platform password manager with local-only data storage. The project comes with a number of build options that can be used to toggle optional features, such as browser integration and password database sharing. However, controversy ensued when Debian Developer Julian Klode decided to make use of these compile flags to disable these features to improve security in the keepassxc package uploaded to Debian unstable for the upcoming Debian 13 ("Trixie") release.
One of the selling points of KeePassXC, in the age of everything-as-a-service, is that it stores user passwords and secrets locally. It does have a few network features, such as downloading site favicons to display next to passwords for web services and for checking passwords against the "have I been pwned?" service. It also has interprocess communication (IPC) functionality to talk to browsers like Firefox, Chrome, and others that have KeePassXC browser extensions. The project provides build flags to turn these additional features off, if desired.
-
Silicon Angle ☛ Department of Justice says it has taken down a large botnet with 19M unique IP addresses
The U.S. Department of Justice, in collaboration with international law enforcement agencies, says it has taken down a large botnet and arrested its administrator, YunHe Wang. The botnet, called 911 S5, was allegedly used to commit cyberattacks, large-scale fraud, child exploitation, harassment, bomb threats and export violations.
-
Silicon Angle ☛ ShinyHunters lists 560M stolen Ticketmaster user records for sale following BreachForums resurgence
A day after it was reported that the infamous hacking site BreachForums had returned after yet another Federal Bureau of Investigation “takedown,” ShinyHunters, the hacking group that brought the site back, is now claiming to have stolen data related to 560 million Ticketmaster Entertainment LLC users.
-
Tom's Hardware ☛ Internet Archive facing sustained cyber attacks — nonprofit struggles with 'impactful, targeted, adaptive' DDoS campaign
The Internet Archive has been facing sustained cyber attacks since Sunday. At the same time, it is being sued by the US book publishing and US recording industries associations.
-
SANS ☛ Feeding MISP with OSSEC, (Thu, May 30th)
I've been a big fan of OSSEC[1] for years. OSSEC ("Open Source Security Event Correlator") is a comprehensive, open-source host-based intrusion detection system (HIDS). It is designed to monitor and analyze system logs, detect suspicious activities, and provide real-time alerts for security incidents. OSSEC can perform log analysis, file integrity monitoring, rootkit detection, and active response to mitigate threats.
-
OpenSSF (Linux Foundation) ☛ Beyond the OpenSSF: An Introduction to Other Security Efforts Across the 'Linux' Foundation
The Open Source Security Foundation (OpenSSF)’s mission is to strengthen the open source software ecosystem through a collaborative initiative across industry. But did you know about the other initiatives focusing on strengthening open source security, happening across the 'Linux' Foundation? In fact, one of the top priorities at the 'Linux' Foundation is to enhance the security of the open source software ecosystem. The LF has a variety of projects and programs that help to advance this goal of increased cybersecurity for all.