Security Leftovers
-
LWN ☛ Driving forward in Android drivers (Project Zero)
This Project Zero article looks at the exploitation of a few Android driver bugs in great detail.
-
Bruce Schneier ☛ Demo of AES GCM Misuse Problems
This is a really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode.
-
The Register UK ☛ It's the White House's turn to take on insecure Microsoft
-
LWN ☛ Security updates for Friday
Security updates have been issued by CentOS (389-ds-base, bind, bind-dyndb-ldap, and dhcp, firefox, glibc, ipa, less, libreoffice, and thunderbird), Debian (cups), Fedora (chromium and cyrus-imapd), Mageia (golang and poppler), Oracle (bind, bind-dyndb-ldap, and dhcp, gvisor-tap-vsock, python-idna, and ruby), Red Hat (dnsmasq and expat), SUSE (libaom, php8, podman, python-pymongo, python-scikit-learn, and tiff), and Ubuntu (h2database and vte2.91).
-
Security Week ☛ Ascension Says Personal, Health Information Stolen in Ransomware Attack
Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.
-
Security Week ☛ In Other News: Fuxnet ICS Malware, Surveillance Giant Google User Tracking, CISA Employee Scams
Noteworthy stories that might have slipped under the radar: Overview of the ICS malware Fuxnet, Surveillance Giant Google accused of tracking users, scammers impersonate CISA staff.
-
Matt Palmer ☛ Matthew Palmer: Information Security: "We Can Do It, We Just Choose Not To"
Whenever a large corporation disgorges the personal information of millions of people onto the Internet, there is a standard playbook that is followed.
-
Trail of Bits ☛ Announcing the Burp Suite Professional chapter in the Testing Handbook
Based on our security auditing experience, we’ve found that Burp Suite Professional’s dynamic analysis can uncover vulnerabilities hidden amidst the maze of various target components. Unpredictable security issues like race conditions are often elusive when examining source code alone.
-
Security Week ☛ Pakistani Threat Actors Caught Targeting Indian Gov Entities
Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.
-
Security Week ☛ OpenAI Appoints Former NSA Director Paul Nakasone to Board of Directors [Ed: Microsoft is buying off the US government]
Retired U.S. Army General Paul M. Nakasone brings cybersecurity experience to OpenAI's Board of Directors and Safety and Security Committee.
-
Security Week ☛ Edge Devices: The New Frontier for Mass Exploitation Attacks
The increase in mass exploitation involving edge services and devices is likely to worsen.
-
Security Week ☛ Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE
Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software.
-
Security Week ☛ CISA Warns of Progress Telerik Vulnerability Exploitation
CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.
-
OpenSSF (Linux Foundation) ☛ OpenSSF GUAC Tech Talk Highlights
Last week, the community convened for the OpenSSF Tech Talk, spotlighting GUAC (Graph for Understanding Artifact Composition).
-
Security Week ☛ Microsoft Delaying Recall Feature to Improve Security [Ed: Its very existence is a security problem and short of removal nothing gets solved]
Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.
-
Silicon Angle ☛ Microsoft delays release of backdoored Windows 11’s Recall feature [Ed: It is not being removed, so remove Windows]
Microsoft Corp. has pushed back the release date of Recall, an upcoming backdoored Windows 11 feature that will enable users to more quickly find files and applications they accessed in the past. The company announced the decision in a late Thursday update on the official backdoored Windows blog.