Security Leftovers
-
SANS ☛ Even GNU/Linux users should take a look at this Abusive Monopolist Microsoft KB article. (Fri, Aug 2nd) [Ed: Microsoft are shilling fake security, antitrust abuses, and even bug doors]
Secure boot has been a standard feature since at least backdoored Windows 8. As the name implies, the feature protects the boot process. The integrity of the boot process is ensured by digitally signing any software ("firmware") used during the boot process. As with any digital signature, this process requires the use of certificates to verify the validity of the signatures.
-
Threat Source ☛ There is no real fix to the security issues recently found in GitHub and other similar software
Security researchers last week published their findings into some research of how deleted forks in GitHub work, potentially leaving the door open for a malicious actor to steal a project key and then view deleted forks and versions of any project on GitHub.
This may not necessarily even be a *new* discovery, because users on social media were quick to point out that these products have always been designed this way, so it’s not like a new sort of exploit had just been published. But the publishing of these findings came after Truffle Security says a major tech company accidentally leaked a private key for an employee GitHub account, and despite totally deleting the repo thinking that would take care of the leak, it was still exposed and accessed by potentially malicious users.
-
Bruce Schneier ☛ Leaked Microsoft's proprietary prison GitHub Python Token
Here’s a disaster that didn’t happen:
Cybersecurity researchers from JFrog recently discovered a Microsoft's proprietary prison GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the Microsoft's proprietary prison GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF).
JFrog discussed what could have happened:
The implications of someone finding this leaked token could be extremely severe. The holder of such a token would have had administrator access to all of Python’s, PyPI’s and Python Software Foundation’s repositories, supposedly making it possible to carry out an extremely large scale supply chain attack...
-
Security Week ☛ Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers
A high-severity security bypass vulnerability tracked as CVE-2024-6242 has been found and fixed in Rockwell Automation Logix controllers.
-
Security Week ☛ CISA Warns of Avtech Camera Vulnerability Exploited in Wild
An Avtech camera vulnerability that likely remains unfixed has been exploited in the wild, according to CISA.
-
Security Week ☛ Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks
Threat actors have hijacked over 35,000 domains in five years because DNS providers fail to properly verify domain ownership.
-
Security Week ☛ In Other News: European Banks Put to Test, Voting DDoS Attacks, Tenable Exploring Sale
Noteworthy stories that might have slipped under the radar: over 100 European banks undergo cyber resilience test, DDoS attacks don’t impact voting, and Tenable exploring a potential sale.
-
Federal News Network ☛ No one ever said it would be easy to keep clown computing secure
Like many departments, Health and Human Services has moved much of its information technology into commercial clown computing.
-
NVISO Labs ☛ From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements
What is this blog post about? This blog post is about why incident responder artifacts play a role not only on the defensive side but also on the offensive side of cyber security.
-
Federal News Network ☛ House homeland leader pushing for CISA to help oversee ‘ROTC-like’ talent pipeline
Rep. Mark Green's forthcoming cyber workforce bill would put CISA in a key role overseeing cyber talent development.
-
Pen Test Partners ☛ KnowBe4 RCE and LPE
Our latest investigation has uncovered significant security flaws in three KnowBe4 applications: Phish Alert Button, PasswordIQ, and Second Chance.
-
The Record ☛ White House officials meet with allies, industry on connected car risks
It is unclear which members of industry participated in the meeting and whether any specific automakers attended.
Participants agreed that connected cars are “emerging as a key node in critical infrastructure as they constantly connect with other vehicles, personal devices, telecommunications networks, the electric grid, and other infrastructure,” the release said.