Security Leftovers

posted by Roy Schestowitz on Apr 03, 2025

• LWN ☛ Security updates for Wednesday

  Security updates have been issued by Debian (firefox-esr, jetty9, openjpeg2, and tomcat9), Fedora (dokuwiki, firefox, php-kissifrot-php-ixr, php-phpseclib3, and rust-zincati), Red Hat (kernel and pki-core), Slackware (mozilla), SUSE (apparmor, atop, docker, docker-stable, firefox, govulncheck-vulndb, libmodsecurity3, openvpn, upx, and warewulf4), and Ubuntu (inspircd, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-ibm,

  linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle,

  linux-oracle-6.8, linux-aws, linux-aws-5.4, linux-aws-fips, linux-azure-6.8, linux-hwe-6.8, linux-raspi, linux-realtime, nginx, phpseclib, and vim).

• Open Source For U ☛ Major Open-Source Boosts Kubernetes Security

  With new tools like Goldmane for real-time traffic insights, staged policies for safer security enforcement, and an ingress gateway, this upgrade helps organizations build more secure, scalable cloud-native environments. Tigera has unveiled Calico Open Source 3.30, marking its most significant functionality upgrade to date.

• SANS ☛ Surge in Scans for Juniper "t128" Default User, (Wed, Apr 2nd)

  Last week, I noticed a surge in scans for the username "t128". This username, accompanied by the password "128tRoutes," is a well-known default account for Juniper's Session Smart Networking Platform (or "SSR" for "Session Smart Routing"). The username and password are a bit "odd". Juniper acquired a company called "128 Technologies" a few years ago, and with this acquisition, integrated SSR into its product portfolio. But much of the product, including default usernames and passwords, remained unchanged.

• SANS ☛ Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive

• GNU Artanis: A secure design of crypto custody with TEE

  A friend of mine, an early Bitcoin adopter, always believed in self-sovereignty. “Not your keys, not your coins,” he would say. But as the years passed, the risks grew. Hacks, phishing attacks, even forced seizures, he had seen it all.

  He prided himself on keeping his assets secure. He had hardware wallets, multisig setups, and backups. But deep down, he knew there was still a flaw: trust.

  Trust in third-party firmware. Trust in cloud-based recovery solutions. Trust in the fact that his keys, even if protected, were still a single point of failure.

• EDRI ☛ The Security Playbook

  EDRi affiliate SUPERRR is challenging “Security Theater” as a societal maneuver.