Security Leftovers
- LWN ☛ Security updates for Thursday
  Security updates have been issued by Arch Linux (exim), Debian (exim4, ghostscript, and libcap2), Red Hat (container-tools:rhel8), SUSE (apache-commons-vfs2, argocd-cli, azure-cli-core, buildah, chromedriver, docker-stable, ed25519-java, kernel, kubernetes1.29-apiserver, kubernetes1.30-apiserver, kubernetes1.32-apiserver, libmbedcrypto7, microcode_ctl, php7, podman, proftpd, tomcat10, and webkit2gtk3), and Ubuntu (containerd, exim4, mariadb, opensaml, and org-mode).
- Security Week ☛ More Solar System Vulnerabilities Expose Power Grids to Hacking
  Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.
- Security Week ☛ Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations
  US defense contractor MORSE Corp has agreed to pay $4.6 million to settle allegations over its cybersecurity failures.
- Bruce Schneier ☛ A Taxonomy of Adversarial Machine Learning Attacks and Mitigations
  NIST just released a comprehensive taxonomy of adversarial machine learning attacks and countermeasures.
- LWN ☛ Bypassing Ubuntu's user-namespace restrictions
  Ubuntu 23.10 and 24.04 LTS introduced a feature using AppArmor to restrict access to user namespaces. Qualys has reported three ways to bypass AppArmor's restrictions and enable local users to gain full administrative capabilities within a user namespace. Ubuntu has followed up with a post that explains the namespace-restriction feature in detail, and says these bypasses do not constitute security vulnerabilities.
- Security Week ☛ T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit
  T-Mobile paid $33 million in a private arbitration process over a SIM swap attack leading to cryptocurrency theft.
Windows TCO / Windows Bot Nets
- SANS ☛ Sitecore "thumbnailsaccesstoken" Deserialization Scans (and some new reports) CVE-2025-27218, (Thu, Mar 27th)
  Sitecore itself is written in .Net and is often sold as part of a solution offered by Sitecore partners.
- Security Week ☛ UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach
  The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack.
- Security Week ☛ Splunk Patches Dozens of Vulnerabilities
  Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App.