LWN ☛ Security updates for Monday
Security updates have been issued by Debian (openjdk-11), Fedora (bind, bind-dyndb-ldap, chromium, ffmpeg, hostapd, trafficserver, and wpa_supplicant), and Ubuntu (curl and linux-oem-6.5).
Silicon Angle ☛ Cybersecurity tool sprawl is out of control – and it’s only going to get worse
Any chief information officer who assembled a portfolio of 130 discrete products to address a single problem would probably be accused of mismanagement. But when the problem is cybersecurity, they’re more likely to be seen as prudent.
Pen Test Partners ☛ Fuzzy matching with Ghidra BSim, a guide
TL;DR: BSim, Ghidra’s new built-in plugin, is a game-changer for reversing firmware and other stripped binaries. Rapidly identify and annotate functions from known libraries.
OpenSSF (Linux Foundation) ☛ New Guide for Package Repositories to Adopt Trusted Publishers
By Seth Michael Larson. The Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group (WG) has just released a new guide for maintainers of open source software repositories.
Security Week ☛ Ransomware Attack Cost Keytronic Over $17 Million
Keytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.
SANS ☛ Script obfuscation using multiple instances of the same function, (Mon, Aug 5th)
There are any number of techniques which they may employ in this area; nevertheless, the one approach that is common to pretty much all threat actors is the use of obfuscation.
Qubes OS Summit 2024: Last call for proposals
As previously announced, this year’s Qubes OS Summit will be held from September 20 to 22 in Berlin, Germany. If you would like to submit a proposal, the call for participation (CFP) closes on 2024-08-07 at 23:59 CEST (UTC+2).
The Strategist ☛ How the critical infrastructure act demands resilience measures
Time and time again, cyber attackers have shown nothing is off limits. Healthcare, telecommunications and banking. Education, public sector and energy.
New York Times ☛ CrowdStrike Hits Back in Heated Spat With Delta Over Global Tech Outage
The cybersecurity company said the airline should take the blame after it struggled to rebound from a software outage that caused disruptions worldwide.
Scoop News Group ☛ CrowdStrike points finger back at Delta after airline threatened to sue over outages
Delta will have to account for its own shortcomings if it follows through on a threat based on a “misleading narrative,” CrowdStrike said.
Security Week ☛ Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning
Chinese group StormBamboo spotted delivering backdoored Windows and macOS malware by compromising an ISP and using DNS poisoning.
Security Week ☛ Apache OFBiz Users Warned of New and Exploited Vulnerabilities
Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed.
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn't get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim's operations.
WhichUK ☛ Which? Get Answers podcast: how hackable is your smart home?
We explain how the household items you expect to last years may be letting you down and leaving you vulnerable to hackers.
Unicorn Media ☛ IBM Report: Breach Costs Continue to Rise While Consumers Foot the Bill
One surprise in this year's Cost of a Data Breach Report is that generative AI is being successfully used not only to prevent data breaches, but to substantially lower the cost of a breach when one happens.
Multiple Tomcat Vulnerabilities Fixed in Ubuntu and Debian
Tomcat, a widely-used servlet and JSP engine, has recently undergone several security updates to address critical vulnerabilities. These vulnerabilities, if exploited, could lead to denial of service (DoS) attacks or arbitrary code execution, posing significant risks to affected systems. This article explores the specifics of these vulnerabilities and their potential consequences, and provides guidance for safeguarding your Linux infrastructure.
