Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (gst-plugins-good1.0 and opensc), Fedora (iwd and libell), and SUSE (chromium, govulncheck-vulndb, and poppler).
-
Hong Kong Free Press ☛ US Treasury says was targeted by China state-sponsored cyberattack [Ed: Cracked, not "targeted", and it's Windows' fault]
The US Treasury Department said Monday that a China state-sponsored actor was behind a cyber breach resulting in access to some of its workstations, according to a letter to Congress seen by AFP.
-
France24 ☛ Chinese hackers breach US Treasury, access unclassified documents [Ed: Thanks to Windows]
Chinese state-sponsored hackers accessed several US Treasury Department workstations and unclassified documents after exploiting a third-party software provider, the agency revealed Monday. The breach, classified as a "major cybersecurity incident," is under investigation, though officials say there is no evidence the hackers maintain ongoing access.
-
Scoop News Group ☛ Treasury workstations hacked by China-linked threat actors [Ed: China thanks Microsoft Windows]
According to a letter sent to Senate leaders and obtained by CyberScoop, the compromises occurred through third-party software provider BeyondTrust, which provides identity and access management security solutions.
-
Federal News Network ☛ Treasury says Chinese hackers remotely accessed workstations, documents in ‘major’ cyber incident [Ed: Windows TCO]
The Treasury Department says Chinese hackers remotely accessed several employee workstations and unclassified documents after compromising a third-party software service provider. The department did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained.
-
SANS ☛ Changes in SSL and TLS support in 2024, (Mon, Dec 30th)
With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what has changed during the past 12 months. One security-related area, which deserves special attention in this context, is related to the use of different versions of SSL and TLS on various servers on the internet, since information about support for these protocols can provide us with a good informal indicator for the overall "level of security" on the global network as a whole.
-
SANS ☛ No Holiday Season for Attackers, (Tue, Dec 31st)
This is a kind of blackmail where someone threatens to share explicit images or videos unless the victim meets their demands. Even today, I receive regularly some of them.
-
PCLinuxOS
-
PCLOS Official ☛ PCLinuxOS Recent Updates
-