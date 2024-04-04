Security Leftovers and Windows TCO
-
Bryan Lunduke ☛ Which Operating System has the Most Vulnerabilities?
Serious question. Is it Windows? iOS? Ubuntu Linux? Which system is the least / most secure? And, while we're at it, are computers more or less secure now than before? Let's look at hard stats (on CVEs) and find out.
-
LinuxSecurity ☛ OWASP Discloses Data Breach Attributed to Wiki Misconfiguration
A recent data breach incident disclosed by the OWASP Foundation due to a wiki misconfiguration highlights a critical concern for security practitioners, specifically GNU/Linux admins and infosec professionals. The breach exposed personal information from members who joined the foundation between 2006 and 2014.
-
LinuxSecurity ☛ New GitHub Actions Enhancements Boost Security & Power [Ed: GitHub Actions means outsourcing the compiler to the NSA and the back doors fanatics at Microsoft. It is the very opposite of security, but sites like these don't strive for real advice on real security.]
Recent enhancements have been made to Microsoft's proprietary prison GitHub Actions, a feature of Microsoft's proprietary prison GitHub that enables automation and CI/CD processes for developer teams.
-
New York Times ☛ Canadian Politicians Were Targeted by China in 2021, Report Says [Ed: They should delete Windows; so should their family members]
Lawmakers testified at a public hearing on foreign interference that they had been caught in China’s cross hairs after criticizing it over human rights.
-
SANS ☛ Some things you can learn from SSH traffic, (Wed, Apr 3rd)
This week, the SSH protocol made the news due to the now infamous xz-utils backdoor. One of my favorite detection techniques is network traffic analysis. Protocols like SSH make this, first of all, more difficult.
-
Security Week ☛ Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites
A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information.
-
Security Week ☛ XZ Utils Backdoor Attack Brings Another Similar Incident to Light
The discovery of the XZ Utils backdoor reminds an F-Droid developer of a similar incident that occurred a few years ago.
-
Windows TCO
-
Firstpost ☛ China’s attack on Microsoft was preventable if they had taken cybersecurity seriously says US govt – Firstpost
The Chinese attack that rocked Microsoft last summer could have been easily prevented, if the company had taken cybersecurity seriously, said the US Cyber Safety Review Board, in a scathing report
-
Silicon Angle ☛ Report finds more than a fifth of S&P 500 firms hit by data breaches in 2023
A new report out today from security ratings firm SecurityScorecard Inc. today on security at S&P 500 companies finds that 21% experienced a data breach in 2023, as new regulations heighten the urgency of cybersecurity.
-