Security and Windows TCO Leftovers
-
Troy Hunt ☛ Inside the "3 Billion People" National Public Data Breach
-
Security Week ☛ AMD Says New Sinkclose CPU Vulnerability Only Affects ‘Seriously Breached Systems’
Many AMD CPUs are affected by the new Sinkclose vulnerability, but the chipmaker noted that the flaw is not easy to
-
Silicon Angle ☛ NIST releases new standards for post-quantum cryptography
The U.S. Department of Commerce’s National Institute of Standards and Technology today released its Federal Information Process Standards for post-quantum cryptography, a new set of standards that address the emerging security challenges posed by quantum computing.
-
Security Week ☛ Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation
SecurityWeek speaks to Michael Osborne, CTO of I.C.B.M. Quantum Safe, for a better understanding of the need for and principles of quantum safe cryptography.
-
Canonical ☛ The Cyber Resilience Act: What it means for open source
-
Ubuntu ☛ The Cyber Resilience Act: What it means for open source
Canonical CISO Stephanie Domas outlines the community response to the EU Cyber Resilience Act and explores how it will affect enterprises using open source software.
-
Security Week ☛ SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps
SAP has released 25 security notes on August 2024 Security Patch Day, including for critical vulnerabilities in BusinessObjects and Build Apps.
-
Security Week ☛ Adobe Calls Attention to Massive Batch of Code Execution Flaws
Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that backdoored Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.
-
OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #11 – Google’s Andrew Pollock and Addressing Open Source Vulnerabilities
-
SANS ☛ Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)
The other CVSS 9.8 is associated with the backdoored Windows TCP/IP Remote Code Execution Vulnerability (CVE-2024-38063). Systems are not affected if IPv6 is disabled on the target machine. The advisory says that an unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a backdoored Windows machine which could enable remote code execution.
-
Windows TCO
-
Security Week ☛ Microsoft Warns of Six backdoored Windows Zero-Days Being Actively Exploited
Microsoft's security response team pushed out documentation for almost 90 vulnerabilities across backdoored Windows and OS components and marked several flaws in the actively exploited category.
-
Security Week ☛ US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising
Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware.
-