Security Leftovers
-
Federal News Network ☛ The FBI’s CAT has been stalking cyber rats for nearly 20 years
"We have this whole government approach that we take in response to intrusions that are targeting the US government and our allies," Unit Chief Scott Ledford.
-
Federal News Network ☛ Pentagon’s first cyber policy chief targets better metrics for cybersecurity progress
'There is power in quantity, but how we talk about our return on the nation’s investment is an area I’m looking to try to work on," Michael Sulmeyer said.
-
Security Week ☛ Intel Warns of 20+ Processor Vulnerabilities, Advises Firmware Updates
Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.
-
Security Week ☛ Beyond Immature Rhetoric: The Case Against Mockery and Ambulance Chasing in the Security Industry
Five reasons why “Ambulance Chasing” and mocking harm the security profession and are never a good idea.
-
Bleeping Computer ☛ Microsoft fixes backdoored Windows Server performance issues from August updates
Microsoft says this month’s Patch Tuesday cumulative updates also fix a known issue causing backdoored Windows Server 2019 boot problems, freezes, and performance issues after installing the August 2024 security updates.
-
TwinCities Pioneer Press ☛ Do this right now if your Social Security number was snared by hackers
Follow these steps from experts to protect yourself after a data breach.
-
LRT ☛ Lithuania joins US initiative to strengthen cyber security
Lithuania on Wednesday joined the US international initiative on strengthening cyber security following the government’s approval.
-
TwinCities Pioneer Press ☛ ACA enrollment platforms suspended over alleged foreign access to consumer data
The Centers for Medicare & Medicaid Services identified “a serious lapse in the security posture” that could have led to marketplace data, including consumers’ personal information, being accessed from overseas.
-
Security Week ☛ Data Breach at Golf Course Management Firm KemperSports Impacts 62,000
Golf course management company KemperSports has disclosed a cyberattack and data breach impacting over 62,000 individuals.
-
Security Week ☛ Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control.
-
Security Week ☛ PIXHELL Attack Allows Air-Gap Jumping via Noise From Screens
Noise generated by the pixels on a screen can be leveraged to exfiltrate data from air-gapped computers in what is called a PIXHELL attack.
-
Security Week ☛ Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware
“It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion."
-
Security Week ☛ Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library [Ed: OK, but Microsoft works with the NSA to undermine encryption]
Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library.
-
Microsoft Says backdoored Windows Update Zero-Day Being Exploited to Undo Security Fixes
Microsoft on Tuesday raised an alarm for in-the-wild exploitation of a critical flaw in backdoored Windows Update, warning that attackers are rolling back security fixes on certain versions [...]
-
Bleeping Computer ☛ Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
Today is Microsoft’s September 2024 Patch Tuesday, which includes security updates for 79 flaws, including four actively exploited and one publicly disclosed zero-days. This Patch Tuesday fixed seven critical vulnerabilities, which were either remote code execution or elevation of privileges flaws.
-
Security Week ☛ Chrome 128 Update Resolves High-Severity Vulnerabilities
Google has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities.
-
Debian 12.7 Released with 55 Security Updates and 51 Bug Fixes
The Debian Project has officially released Debian 12.7, the latest point release in the Debian GNU/Linux 12 “Bookworm” series. It arrives just two months after the previous release, Debian 12.6, as the sixth point release of the Bookworm series. This new update retains the Linux 6.1 LTS kernel and brings important security fixes and bug corrections, ensuring long-term stability and security for Debian 12 users.