Security Leftovers

posted by Roy Schestowitz on Dec 20, 2025

• Scoop News Group ☛ Former incident responders plead guilty to ransomware attack spree

  Ryan Goldberg and Kevin Martin were working at cybersecurity companies when they switched sides and hit five companies with ransomware attacks in 2023.

• OpenSSF (Linux Foundation) ☛ Catching Malicious Package Releases Using a Transparency Log

  Trail of Bits, with funding from OpenSSF, is improving Sigstore’s rekor-monitor to help maintainers detect malicious package releases, monitor signing identities, and strengthen software supply chain security using transparency logs.

• Security Week ☛ University of Sydney Data Breach Affects 27,000 Individuals

  Downloaded from a code library, the information pertains to current and former staff and affiliates, and to alumni and students.

• Security Week ☛ Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments

  The hacking group has been using Group Policy to deploy cyberespionage tools on governmental networks.

• Security Week ☛ Thailand Conference Launches International Initiative to Fight Online Scams

  Similar pledges to fight scam networks were made by members of the Association of Southeast Asian Nations in the months leading up to the Bangkok conference.

• Security Week ☛ ‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices

  Linked to the Aisuru IoT botnet, Kimwolf was seen launching over 1.7 billion DDoS attack commands and increasing its C&C domain’s popularity.

• Tom's Guide ☛ Dedicated IP arrives on Surfshark's Linux apps – but how does it compare to its rivals?

  Dedicated IP is now available on Surfshark's Linux GUI app, bringing the feature to all the VPN provider's major platforms.

  The move brings Surfshark in line with its best VPN counterparts and provides Linux VPN users more flexibility and control over their IP address.

  Surfshark offers 20 Dedicated IP locations, and it can be purchased as an add-on to any plan, costing $3.75 per month.

  "We're excited to announce that the dedicated IP feature is now available directly within the Linux GUI app," said Justas Pukys, Senior Product Manager at Surfshark.

• Security Week ☛ In Other News: Docker Hey Hi (AI) Attack, Surveillance Giant Google Sues Chinese Cybercriminals, Coupang Hacked by Employee

  Other noteworthy stories that might have slipped under the radar: Convicted Felon could use private firms for cyber offensive, China threat to US power grid, RaccoonO365 suspect arrested in Nigeria.

• Tom's Hardware ☛ French authorities arrest man for installing malware on a passenger ferry on behalf of 'a foreign power' — could have enabled external control of systems, including navigation

  French authorities have arrested a Latvian national suspected of installing malware aboard an Italian passenger ferry while it was docked in southern France.

• Windows TCO / Windows Bot Nets

  • SANS ☛ DLLs & TLS Callbacks, (Fri, Dec 19th)