Security Leftovers
-
Bruce Schneier ☛ Long Analysis of the M-209
Really interesting analysis of the American M-209 encryption device and its security.
-
Security Week ☛ Ransomware Gang Claims Cyberattack on Planned Parenthood
Planned Parenthood confirms "cybersecurity incident" as RansomHub ransomware gang threatens to leak 93 Gb of data stolen from the nonprofit last week.
-
Security Week ☛ Cisco Patches Critical Vulnerabilities in Smart Licensing Utility
Cisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility.
-
Security Week ☛ Two Nigerians Sentenced to Prison in US for BEC Fraud
Franklin Ifeanyichukwu Okwonna and Ebuka Raphael Umeti were sentenced to prison in the US for business email compromise (BEC) fraud.
-
Security Week ☛ Microchip Technology Confirms Personal Information Stolen in Ransomware Attack
Microchip Technology says employee contact information and other types of data were stolen in an August ransomware attack.
-
Security Week ☛ How Do You Know When Hey Hi (AI) is Powerful Enough to be Dangerous? Regulators Try to Do the Math
An Hey Hi (AI) model trained on 10 to the 26th floating-point operations per second must now be reported to the U.S. government and could soon trigger even stricter requirements in California.
-
OpenSSF (Linux Foundation) ☛ Simplify SBOM Management for Developers: Introducing Bomctl
Software security is a top priority, and understanding the components that make up your software is crucial. Software Bills of Materials (SBOMs) play a vital role in achieving this by providing a detailed list of these components and their relationships.
-
Scoop News Group ☛ Predator spyware resurfaces with signs of activity, Recorded Future says
Sanctions and public exposure might have driven Intellexa into silence for months, but that doesn’t mean its Predator spyware is gone for good.
-
SANS ☛ Enrichment Data: Keeping it Fresh, (Fri, Sep 6th)
I like to enrich my honeypot data from a variety of sources to help understand a bit more about the context of the attack.
-
Security Week ☛ DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign
Two DrayTek vulnerabilities added by CISA to its KEV catalog have been exploited by multiple threat groups to steal data from organizations worldwide.
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (bubblewrap and flatpak, containernetworking-plugins, fence-agents, ghostscript, krb5, orc, podman, python3.11, python3.9, resource-agents, runc, and wget), Debian (chromium, cinder, glance, gnutls28, nova, nsis, python-oslo.utils, ruby-sinatra, and setuptools), Fedora (kernel), Oracle (bubblewrap and flatpak, buildah, containernetworking-plugins, fence-agents, ghostscript, gvisor-tap-vsock, kernel, krb5, libndp, nodejs:18, orc, podman, postgresql, python-urllib3, python3.11, python3.12, python3.9, runc, skopeo, and wget), SUSE (hdf5, netcdf, trilinos), and Ubuntu (firefox, imagemagick, ironic, openssl, python-django, vim, and znc).
-
High-Severity Intel Microcode Vulnerabilities Fixed in Ubuntu
Recently, multiple high-severity vulnerabilities were discovered in Intel Microcode that could potentially lead to privilege escalation. Canonical, the organization behind Ubuntu, has acted swiftly by releasing security updates to address these vulnerabilities. This article explores the details of these vulnerabilities and offers essential guidance on safeguarding your Ubuntu systems.