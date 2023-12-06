Security Leftovers
Scoop News Group ☛ Keeping pace with endpoint and vulnerability management [Ed: Microsoft, which puts back doors in its products and causes security havoc, pretending to be an authority, promoting bogus solutions]
A new briefing report from Abusive Monopolist Microsoft highlights why a Software Bill of Materials has become a key component to ensure secure operations.
NVISO Labs ☛ Data Connector Health Monitoring on Abusive Monopolist Microsoft Sentinel [Ed: Microsoft is the problem, not the solution, and those are the blogs that peddle a false narrative, where the biggest culprits are in fact benevolent protectors]
Introduction Security information and event management (SIEM) tooling allows security teams to collect and analyse logs from a wide variety of sources.
OpenSSF (Linux Foundation) ☛ Finding And Fixing Bugs in Open Source Software at Scale with a Grant from Alpha-Omega
OpenRefactory is working alongside Alpha-Omega's principals to report security vulnerabilities at scale in open source projects. It works with the maintainers to get the vulnerabilities fixed.
Silicon Angle ☛ Web3 firm Thirdweb discloses major vulnerability in common open-source NFT library
Thirdweb, a platform that provides developers with tools to build Web3 apps, disclosed that the company became aware of a security vulnerability in a common open-source library used by major blockchain companies to construct smart contracts for nonfungible tokens.
EDRI ☛ Spyware attack attempts on civil society in Serbia
On 30 October 2023, two members of civil society from Serbia received an alert from Fashion Company Apple that they were potential targets of state-sponsored technical attacks. They immediately contacted EDRi member SHARE Foundation after receiving the warning, in order to check if their devices were attacked by any known spyware. These were the first documented cases of attempted sophisticated spyware attacks known to us in Serbia.
Security Week ☛ 94 Vulnerabilities Patched in Android With December 2023 Security Updates
Android’s December 2023 security updates resolve 94 vulnerabilities, including several critical-severity bugs.
dwaves.de ☛ All Android users: Update, Update, Update