Security Leftovers
OpenSSF (Linux Foundation) ☛ VulnCon 2024 Wrap-up: Securing the Ecosystem through Global Cooperation
The OpenSSF was pleased to be one of the sponsors that helped contribute to the inaugural 2024 VulnCon conference that brought together experts from across industry, government, security researchers, and community members throughout 3 days and nearly 40 sessions. Brought together by the FIRST PSIRT SIG and the CVE Board. Christopher “CRob” Robinson, OpenSSF TAC Chair & Director of Security Communications at Intel, covers what happened during the event.
TCAPS Hacked? School Cancelled on Monday for Students at Traverse City Area Public Schools
The students who go to Traverse City Area Public Schools (TCAPS) will have an extra day (or two) to celebrate spring break – but not for a good reason. And it’s no joke, even though it’s April Fools’ Day soon.
Phone calls and emails went out on Saturday evening regarding what TCAPS Superintendent, John R. VanWagoner II, described as a “network disruption that impacted the functionality and access of certain systems.”
DinodasRAT Variant Targeting Linux Uncovered by Kaspersky [Ed: But how does that get there?]
Kaspersky has uncovered a new Linux-targeted DinodasRAT backdoor variant, actively compromising organizations in China, Taiwan, Turkey, and Uzbekistan since at least October 2023. This variant allows cybercriminals to covertly monitor and control compromised systems, highlighting that even Linux’s renowned security is not impervious to threats.
CISA ☛ 2024-03-26 [Older] CISA Adds One Known Exploited Vulnerability to Catalog
CISA ☛ 2024-03-26 [Older] CISA Releases Four Industrial Control Systems Advisories
CISA ☛ 2024-03-26 [Older] Automation-Direct C-MORE EA9 HMI
CISA ☛ 2024-03-26 [Older] Rockwell Automation PowerFlex 527
CISA ☛ 2024-03-26 [Older] Rockwell Automation Arena Simulation
CISA ☛ 2024-03-26 [Older] Rockwell Automation FactoryTalk View ME
CISA ☛ 2024-03-25 [Older] CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-03-25 [Older] CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities
CISA ☛ 2024-03-27 [Older] Apple Released Security Updates for Safari and macOS
Peteris Krumins ☛ 2024-03-26 [Older] How to Open Links in a Sandbox
US News And World Report ☛ 2024-03-24 [Older] UK Deputy PM Set to Address Lawmakers on Chinese Cyber Security Threat