Security Leftovers
-
Reproducible Builds: Reproducible Builds in February 2025
Welcome to the second report in 2025 from the Reproducible Builds project. Our monthly reports outline what we’ve been up to over the past month, and highlight items of news from elsewhere in the increasingly-important area of software supply-chain security. As usual, however, if you are interested in contributing to the Reproducible Builds project, please visit our Contribute page on our website.
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by Debian (libreoffice), Fedora (exim and fscrypt), Red Hat (kernel), Slackware (mozilla), SUSE (docker, firefox, and podman), and Ubuntu (linux, linux-lowlatency, linux-lowlatency-hwe-5.15, linux, linux-lowlatency, linux-lowlatency-hwe-6.8, linux, linux-oem-6.11, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-aws, linux-gcp, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-aws, linux-gkeop, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, and linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop).
-
US charges 12 Chinese hackers and officials, offers $10M in rewards
The hackers allegedly gained access to the data of dissidents and foreign governments to sell to Chinese officials.
-
Silicon Angle ☛ Justice Department indicts Chinese officials and contractors over cyber intrusion campaign
The U.S. Department of Justice has charged 12 Chinese nationals, including officers of China’s Ministry of Public Security and members of the hacking group APT27, over their alleged roles in a sprawling cyber intrusion campaign that targeted victims around the world.
-
Scoop News Group ☛ Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement
Competing agencies and districts are another hurdle for prosecutions, an investigator said in a recent speech.
-
Scoop News Group ☛ Chainguard’s FIPS-compliant Cassandra addresses security demand of federal and regulated markets
The new offering paves the way for orgs to use the widely popular open-source software with their highly sensitive data.
-
LWN ☛ Zen and the Art of Microcode Hacking (Google Bug Hunters)
The Surveillance Giant Google Bug Hunters blog has a detailed description of how a vulnerability in AMD's microcode-patching functionality was discovered and exploited; the authors have also released a set of tools to assist with this kind of research in the future.
-
Bruce Schneier ☛ CISA Identifies Five New Vulnerabilities Currently Being Exploited
Of the five, one is a backdoored Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exploiting them, or how.
-
Scoop News Group ☛ US indicts 12 Chinese nationals for vast espionage attack spree
A flurry of unsealed indictments reveal China’s alleged well-coordinated effort to use a hacker-for-hire ecosystem to conduct espionage while obscuring the government’s direct involvement.
-
Scoop News Group ☛ Cybercriminals picked up the pace on attacks last year
Ransomware groups last year achieved lateral movement within an average of 48 minutes after gaining initial access to targeted environments, threat intelligence experts said.
-
Security Week ☛ Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities.
-
Scoop News Group ☛ Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security
Rob Joyce emphasized during a House hearing how important probationary employees are to NSA efforts to counter China and other threats in cyberspace.