Security Leftovers
-
OpenSSF (Linux Foundation) ☛ OpenSSF at Black Hat USA 2025 & DEF CON 33: AIxCC Highlights, Big Wins, and the Future of Securing Open Source
The Open Source Security Foundation (OpenSSF) marked a strong presence at two cornerstone cybersecurity events, Black Hat USA 2025 and DEF CON 33, engaging with security leaders, showcasing our initiatives, and fostering collaboration to advance open source security.
-
SANS ☛ SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations, (Thu, Aug 14th)
As the world gradually adopts and transitions to using 5G for mobile, operational technology (OT), automation and Internet-of-Things (IoT) devices, a secure 5G network infrastructure remains critical.
-
Security Week ☛ ‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks
The new DDoS attack vector, which involves HTTP/2 implementation flaws, has been compared to Rapid Reset.
-
Security Week ☛ CISA Warns of Attacks Exploiting N-able Vulnerabilities
CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched.
-
Security Week ☛ Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution
Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core.
-
Latvia ☛ Book published on Latvian cybersecurity
The Latvian Ministry of Defence said on August 14th that the first ever academic book on cybersecurity in Latvia has been published.
-
Hacker News ☛ Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon's Reach to Linux and macOS
Japan's CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control.
[...]
In the attacks documented by JPCERT/CC, a scheduled task set up by the threat actor on the compromised machine is used to launch the legitimate java.exe binary, which is then abused to sideload ReadNimeLoader ("jli.dll").
-
It's FOSS ☛ Security Researchers Find XZ Utils Backdoored Debian Images on Docker Hub [Ed: There are many other holes in all the rest, but this one was hyped up by Microsoft staff to distract from major security blunders at Microsoft]
The XZ Utils backdoor discovery in March 2024 sent shockwaves throughout the Linux community. A developer known as "Jia Tan" had spent two years building trust before inserting malicious code into widely used compression libraries.