Security Leftovers and Fear, Uncertainty, Doubt (FUD) Against "Linux"
-
LWN ☛ Security updates for Monday
Security updates have been issued by AlmaLinux (galera and mariadb, kernel, kernel-rt, mingw-libtiff, redis:7, tigervnc, and xorg-x11-server-Xwayland), Fedora (bind, bind-dyndb-ldap, bpfman, chromium, dolphin-emu, dotnet9.0, golang-github-openprinting-ipp-usb, kea, libnbd, luksmeta, python-cloudpickle, python-pydantic, python-pydantic-core, python-uv-build, ruby, ruff, rust-get-size-derive2, rust-get-size2, rust-regex, rust-regex-automata, rust-reqsign, rust-reqsign-aws-v4, rust-reqsign-command-execute-tokio, rust-reqsign-core, rust-reqsign-file-read-tokio, rust-reqsign-http-send-reqwest, singularity-ce, uv, xen, and xorg-x11-server-Xwayland), Mageia (libxml2, libxslt, opencontainers-runc, and xen), Oracle (bind, galera and mariadb, libsoup, linux-firmware, mariadb:10.5, mingw-libtiff, osbuild-composer, qt5-qt3d, tigervnc, and xorg-x11-server-Xwayland), SUSE (chromium, erlang, google-osconfig-agent, govulncheck-vulndb, java-11-openjdk, java-17-openjdk, java-1_8_0-openj9, opentofu, python-djangorestframework-simplejwt, python311-Django, python315, squid, thunderbird, tiff, tomcat, tomcat11, and xen), and Ubuntu (linux-fips, linux-hwe-6.14, and linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi).
-
Bruce Schneier ☛ New Attacks Against Secure Enclaves
Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I’ve written about this before:
Almost all cloud services have to perform some computation on our data. Even the simplest storage provider has code to copy bytes from an internal storage system and deliver them to the user. End-to-end encryption is sufficient in such a narrow context. But often we want our cloud providers to be able to perform computation on our raw data: search, analysis, Hey Hi (AI) model training or fine-tuning, and more.
-
OpenSSF (Linux Foundation) ☛ OpenSSF Announces Key Membership Growth and Golden Egg Award Winners at Open Source SecurityCon North America
At Open Source SecurityCon in Atlanta, the Open Source Security Foundation (OpenSSF) announced Target Corporation and Thread Hey Hi (AI) as new general members, OSTIF’s upgrade to general membership, and recognized Golden Egg Award winners for their contributions to open source security. The Foundation continues to advance education, collaboration, and tooling to secure the global software supply chain.
-
Security Week ☛ Runc Vulnerabilities Can Be Exploited to Escape Containers
The flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched.
-
Security Week ☛ Two New Web Application Risk Categories Added to OWASP Top 10
OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications.
-
Security Week ☛ Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site
The Cl0p website lists major organizations such as Logitech, The Washington Post, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland.
-
Security Week ☛ QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland
Multiple vulnerabilities across QNAP’s portfolio could lead to remote code execution, information disclosure, and denial-of-service (DoS) conditions.
-
Scoop News Group ☛ Cyber information sharing law would get extension under shutdown deal bill
The Cybersecurity and Information Sharing Act of 2015 would go from expired to extended through Jan. 30.
-
The Straits Times ☛ North Korean hackers hijack Google, KakaoTalk accounts to control South Korean phones: Report
This marks the first confirmed case of a North Korean state-sponsored hacking group compromising Surveillance Giant Google accounts.
-
SANS ☛ It isn't always defaults: Scans for 3CX usernames, (Mon, Nov 10th)
Today, I noticed scans using the username "FTP3cx" showing up in our logs. 3CX is a well-known maker of business phone system software. My first guess was that this was a default user for one of their systems. But Surveillance Giant Google came up empty for this particular string. The 3CX software does not appear to run an FTP server, but it offers a feature to back up configurations to an FTP server.
-
Security Week ☛ GlassWorm Malware Returns to Open VSX, Emerges on Microsoft's proprietary prison GitHub
Three more VS Code extensions were infected last week and the malware has emerged in Microsoft's proprietary prison GitHub repositories as well.
-
Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
-
FUDZilla ☛ Hackers bypass Windows defences by installing Linux [Ed: No, Windows is not Linux and WSL is Windows; Hyper-V is not Linux either, it's for Windows; The problem here is Microsoft's proprietary software [1, 2]]
Russian hackers have figured out how to bypass Windows security by running their malware on Linux inside Microsoft’s own Hyper-V virtualisation.
-