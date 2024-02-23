Security Leftovers
LWN ☛ Security updates for Wednesday
Security updates have been issued by CentOS (linux-firmware and python-reportlab), Debian (unbound), Fedora (freeglut and syncthing), Red Hat (edk2, go-toolset:rhel8, java-1.8.0-ibm, kernel, kernel-rt, mysql:8.0, oniguruma, and python-pillow), Slackware (libuv and mozilla), SUSE (abseil-cpp, grpc, opencensus-proto, protobuf, python- abseil, python-grpcio, re2, bind, dpdk, firefox, hdf5, libssh, libssh2_org, libxml2, mozilla-nss, openssl-1_1, openvswitch, postgresql12, postgresql13, postgresql14, postgresql15, postgresql16, python-aiohttp, python-time-machine, python-pycryptodomex, runc, and webkit2gtk3), and Ubuntu (kernel, libspf2, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, and linux, linux-aws, linux-kvm, linux-lts-xenial).
RFA ☛ N Korea ‘attempts’ to hack Russian foreign ministry: report
The news comes even as Moscow and Pyongyang strengthen their relationship.
Zimbabwe ☛ Malawi unable to print passports, as hackers take over immigration system. Or not!
President Lazarus Chakwera said this week that Malawi’s immigration system, used for passport printing, was hacked and remains under hacker control.
Federal News Network ☛ CISA’s new plan to better align cybersecurity operations
The Cybersecurity and Infrastructure Security Agency is introducing a new strategic approach for 2024 called the Federal Enterprise Operations Cyber Alignment Plan.
Security Week ☛ Researchers Devise ‘VoltSchemer’ Attacks Targeting Wireless Chargers
Researchers document VoltSchemer attacks that manipulate power voltage to take over commercial wireless chargers.
Security Week ☛ ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation
Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.”
Security Week ☛ Control Systems Firm PSI Struggles to Recover From Ransomware Attack
German control system solutions provider PSI Software says it is still recovering from a ransomware attack.
OpenSSF (Linux Foundation) ☛ Submit to Speak at SOSS Fusion 2024
The Secure Open Source Software (SOSS) Fusion Conference by the OpenSSF is a leading event for open source professionals, uniting diverse experts from software developers to CISOs and tech pioneers. It's not just an event; it's a push toward a more secure digital future.
LRT ☛ Lithuania takes over chairmanship of EU’s cyber security force
Lithuania is taking over the chairmanship of the EU Cyber Rapid Response Force (CRRT) Council, the Defence Ministry said on Wednesday.
Pen Test Partners ☛ No fix KrbRelay VMware style
TL;DR The VMware Enhanced Authentication plugin that is offered as part of VMware vSphere’s seamless login experience for the web console contains multiple vulnerabilities relating to Kerberos authentication relay.
Windows TCO
Security Week ☛ Cyber Insights 2024: Ransomware [Ed: Ransomware is primarily a Microsoft Windows issue]
Ransomware insights: When ransomware first appeared, the term became associated with encrypting data. This is a misconception.
CS Monitor ☛ Lockbit locked out: Russian ransomware gang shut down by US, allies
Security officials from Ukraine, the US, and Britain pooled their resources to put an end to Lockbit’s hacking – a Russia-backed cybercriminal operation with a history of targeting multinational corporations like Boeing.
Let's Just Blame 'China'
Scoop News Group ☛ Microsoft rolls out expanded logging six months after Chinese breach [Ed: Trying to blame China instead of Microsoft's holes]
The technology giant has come under heavy criticism for not making robust logging features available by default.
Federal News Network ☛ CISA, Abusive Monopolist Microsoft unveil progress on free logging capabilities for federal agencies [Ed: Those agencies need to boycott Microsoft if they value security, but Microsoft infiltrates the administration and bribes decision makers]
CISA says the free logging will make it easier for agencies to identify and address cyber incidents.
Security Week ☛ Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes
A new Biden executive order to boost the cybersecurity of US ports highlights the risks associated with the use of Chinese cranes.
RFA ☛ Biden unveils $20 billion for US port security
The dominance of the crane industry by one Chinese company poses a dangerous security threat, officials say.
New York Times ☛ Leaked Files Show the Secret World of China’s Hackers for Hire
China has increasingly turned to private companies in campaigns to hack foreign governments and control its domestic population.
Scoop News Group ☛ Leaked documents show how firm supports Chinese hacking operations
Documents that appear to belong to the offensive security firm I-SOON provide a rare window into the world of Beijing's hackers for hire.
Confidentiality Faked
Security Week ☛ Apple Adds Post-Quantum Encryption to iMessage [Ed: Buzzwords and hype to distract from the back doors]
Apple unveils PQ3, a new post-quantum cryptographic protocol for iMessage designed to protect communications against quantum computing attacks.
Scoop News Group ☛ Apple rolls out quantum-resistant cryptography for iMessage
The tech giant hopes to make its messaging platform secure against highly capable quantum computers of the future.
Silicon Angle ☛ Apple introduces post-quantum cryptography protocol for iMessage [Ed: It is only supposed to sound advanced and thus secure; but there are back doors, as usual]
Apple Inc. plans to update iMessage with a new encryption component, dubbed PQ3, that can block cyberattacks launched by quantum computers. Members of the company’s cybersecurity research team detailed the technology in a blog post published today. They describe it as the most significant cryptography-related update to iMessage since launch.
