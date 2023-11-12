Security Leftovers
Security Week ☛ US Government Issues Guidance on SBOM Consumption
CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security.
Security Week ☛ Intel Sued Over ‘Downfall’ CPU Vulnerability
A class action lawsuit has been filed against defective chip maker Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall.
Data Breaches ☛ Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools
Attempting to sell data on the popular forum is somewhat of a game-changer, as even if they sell data to just one buyer, there is no way to know how many others will buy the data from the original purchaser. The buyer might keep it privately or choose to re-sell it to any number of buyers. Or if there’s no buyer, SingularityMD might just leak the data (give it away freely on the forum).
Australia locks down ports after ‘nationally significant’ cyberattack
Australia says it is responding to an ongoing cyberattack targeting major ports, prompting operator DP World to temporarily restrict access to the network on Saturday.
The operator shut down four ports at Sydney, Melbourne, Brisbane, and Fremantle after detecting a cybersecurity incident late on Friday night. DP World is responsible for 40 per cent of Australia’s maritime freight.