Security Leftovers
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and webkit2gtk3), Fedora (mozilla-ublock-origin and sudo-rs), Oracle (.NET 8.0, compat-openssl10, grafana, osbuild-composer, redis:6, ruby:2.5, and webkit2gtk3), SUSE (dante, firefox-esr, gnuplot, govulncheck-vulndb, grype, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17, python-tornado6, python314, thunderbird, ucode-intel, and xen), and Ubuntu (bind9, libfcgi-perl, linux-ibm-5.4, linux-oracle-5.4, postgresql-17, and Tomcat).
-
OpenSSF (Linux Foundation) ☛ OpenSSF Newsletter – May 2025
-
Pen Test Partners ☛ Fully segregated networks? Your dual-homed devices might disagree
TL;DR Using dual-homed devices as a segregation tool is not recommended as a security design solution. Use dedicated hardware and robust firewalls to segregate networks to limit acces ...
-
Scoop News Group ☛ Senators revive bill to harmonize conflicting cybersecurity regulations
The legislation Sens. Gary Peters and James Lankford would create an executive branch panel to align federal cyber rules.
-
Security Week ☛ Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
Marlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems.
-
RiskyBiz ☛ Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers now - Risky Business Media
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: [...]
-
Security Week ☛ Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
Cisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center.
-
Security Week ☛ Security Theater or Real Defense? The KPIs That Tell the Truth
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
-
Security Week ☛ Akamai, Abusive Monopolist Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw
Akamai documents a privilege escalation flaw in backdoored Windows Server 2025 after Redmond declines to ship an immediate patch.
-
SANS ☛ Resilient Secure Backup Connectivity for SMB/Home Users, (Thu, May 22nd)
If you are reading this, you are probably someone who will not easily go without internet connectivity for an extended amount of time. You may also have various home systems that you would like to be able to reach in case of an outage of your primary internet connection. A typical setup would include a primary connection via cable/fiber and a secondary connection via cellular or satellite.
-
Security Week ☛ Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
-
Windows TCO / Windows Bot Nets
-
Scoop News Group ☛ DanaBot malware operation seized in global takedown
The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.
-
Security Week ☛ Marks & Spencer Expects Ransomware Attack to Cost $400 Million
UK retailer Marks & Spencer expects the disruptions caused by the recent cyberattack to continue through July.
-
Google ☛ The backdoored Windows Registry Adventure #7: Attack surface analysis
-