news
Security Leftovers
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by Debian (webkit2gtk), Fedora (firefox and libarchive), Red Hat (python3.11-setuptools and python3.12-setuptools), Slackware (mozilla), SUSE (apache2-mod_security2, cairo-devel, cflow, docker, glibc, go1.25, govulncheck-vulndb, gstreamer-0_10-plugins-base, jq, kernel, libarchive, libssh, libxslt, openbao, python-urllib3, systemd, and xz), and Ubuntu (apache2, libssh, libxml2, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop,
linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime,
linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15,
linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx,
linux-oracle-5.15, linux-realtime, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-lowlatency, linux-lowlatency-hwe-6.8,
linux-realtime, linux-aws-fips, linux-fips, linux-gcp-fips, linux-fips, linux-aws-fips, linux-gcp-fips, linux-ibm-6.8, tomcat10, and webkit2gtk).
-
Latvia ☛ Young Latvians compete at 'Cybersecurity camp'
From August 20th to 24th, a National Cybersecurity Challenge Laureate Camp is taking place at Ratnieki in Cēsis district.
-
Security Week ☛ Elastic Refutes Claims of Zero-Day in EDR Product
Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online.
-
Security Week ☛ RapperBot Botnet Disrupted, American Administrator Indicted
The US Department of Justice has announced the takedown of the RapperBot botnet and charges against its American administrator.
-
Security Week ☛ Pharmaceutical Company Inotiv Confirms Ransomware Attack
Inotiv has notified the SEC that its business operations took a hit after hackers compromised and encrypted its internal systems.
-
Reproducible Builds: Reproducible Builds summit 2025 to take place in Vienna
We are extremely pleased to announce the upcoming Reproducible Builds summit, which will take place from October 28th—30th 2025 in the historic city of Vienna, Austria.
-
Security Week ☛ Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data
CERT/CC has disclosed the details of information exposure vulnerabilities in a Workhorse Software application after patches were released.
-
SANS ☛ Airtell Router Scans, and Mislabeled usernames, (Wed, Aug 20th)
Looking at new usernames collected by our Cowrie honeypots, you will first of all notice a number of HTTP headers. It is very common for attackers to scan for web servers on ports that are covered by our Telnet honeypots. The result is that HTTP request headers end up in our username and password database.
-
Security Week ☛ High-Severity Vulnerabilities Patched in Chrome, Firefox
Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox.
-
Windows TCO / Windows Bot Nets
-
Tom's Hardware ☛ Microsoft’s August 2025 security updates are breaking recovery tools on backdoored Windows 10 and backdoored Windows 11 PCs
Microsoft admits its latest security updates break backdoored Windows recovery tools like "Reset this PC" and "Fix problems using backdoored Windows Update" on multiple backdoored Windows versions.
-