Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (docker.io, libreoffice, node-dompurify, python-reportlab, and thunderbird), Fedora (buildah, chromium, kernel, kernel-headers, libgsf, mosquitto, p7zip, podman, python-cramjam, python-virtualenv, redis, rust-async-compression, rust-brotli, rust-brotli-decompressor, rust-libcramjam, rust-libcramjam0.2, rust-nu-command, rust-nu-protocol, rust-redlib, rust-tower-http, thunderbird, and webkit2gtk4.0), Oracle (.NET 6.0, .NET 8.0, e2fsprogs, firefox, golang, openssl, python3-setuptools, systemd, and thunderbird), SUSE (chromium, firefox, java-jwt, libmozjs-128-0, libwireshark18, ntpd-rs, OpenIPMI, thunderbird, and wireshark), and Ubuntu (firefox, python2.7, python3.5, thunderbird, and ubuntu-advantage-desktop-daemon).
-
Windows TCO
-
The Register UK ☛ US healthcare org admits up to 400k people's data stolen
Within a month of its ransomware disaster earlier this year, UnitedHealth – the parent company of Change Healthcare – was hit with at least six class-action lawsuits.
-
The Register UK ☛ Would banning ransomware insurance stop the scourge?
As soon as law enforcement disrupts one menace, three or four new ransomware groups spring up in its place because it's still a very lucrative business. Last year alone, the FBI received 2,825 reports of ransomware infections accounting for more than $59.6 million in losses.
One solution suggested by White House cyber boss Anne Neuberger involves eliminating insurance reimbursements for extortion payments.
-
-
Integrity/Availability/Authenticity
-
DomainTools ☛ A Website Attacked
The following is a non-exhaustive investigation into a so-called “watering hole attack” on a U.S.-based apartment’s public facing website to deliver malware by spoofing a fake browser update. The investigation led to the identification of dozens of other compromised websites from health care providers, retail, hobbyist and other consumer websites.
Compromised websites were modified to load malicious scripts from external domains. Some scripts were found to utilize browser profilers to customize delivery and spoof content for Chrome, Mozilla, and Edge browser updates to deliver NetSupport malware, with examples provided below.
-
Ali Reza Hayati ☛ Give me the menu!
Maybe I don’t have a smartphone, maybe I don’t have cellular or Wi-Fi connection, or maybe I simply don’t want to scan some random code in a random place and visit a random web site. And I was almost tolerating with all of that until I was told that some cafes and restaurants force people to sign up on a third-party web site to get the menu and they are forced to pay online for the meals.
-
-
Privacy/Surveillance
-
Wired ☛ The War on Passwords Is One Step Closer to Being Over
The password-killing tech known as “passkeys” have proliferated over the past two years, developed by the tech industry association known as the FIDO Alliance as an easier and more secure authentication alternative. And although superseding any technology as entrenched as passwords is difficult, new features and resources launching this week are pushing passkeys toward a tipping point.
-