Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (ansible, chromium, ghostscript, glib2.0, intel-microcode, and kernel), Fedora (dotnet9.0, needrestart, php, and python3.6), Oracle (cups, kernel, osbuild-composer, podman, python3.12-urllib3, squid, and xerces-c), Red Hat (buildah, edk2, gnome-shell, haproxy, kernel, kernel-rt, libvpx, pam, python3.11-urllib3, python3.12-urllib3, qemu-kvm, rhc-worker-script, squid:4, and tigervnc), Slackware (php), SUSE (chromedriver, chromium, dcmtk, govulncheck-vulndb, iptraf-ng, and traefik2), and Ubuntu (linux-oracle and openjdk-23).
-
SANS ☛ The strange case of disappearing Russian servers, (Mon, Nov 25th)
A few months ago, I noticed that something strange was happening with the number of servers seen by Shodan in Russia...
-
Silicon Angle ☛ Ransomware attack on Panasonic’s Blue Yonder disrupts supply chains in UK and US [Ed: Well, ransomware is almost always Windows]
A ransomware attack on Panasonic Corp.-owned supply chain management company Blue Yonder Group Inc. resulted in supply chain delays and issues in the U.K. and U.S. over the weekend and into today. The ransomware attack, which was detected on Nov. 21, caused disruptions to Blue Yonder’s managed services hosted environment.
-
Bruce Schneier ☛ Security Analysis of the MERGE Voting Protocol
Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways.
Abstract: The recently published “MERGE” protocol is designed to be used in the prototype CAC-vote system. The voting kiosk and protocol transmit votes over the internet and then transmit voter-verifiable paper ballots through the mail. In the MERGE protocol, the votes transmitted over the internet are used to tabulate the results and determine the winners, but audits and recounts use the paper ballots that arrive in time.
-
OpenSSF (Linux Foundation) ☛ Understanding the CRA: OpenSSF’s Role in the Cyber Resilience Act Implementation – Part 1
With its publication as Regulation (EU) 2024/2847 in the Official Journal of the European Union, the Cyber Resilience Act (CRA) enters into force (EIF) on December 10, 2024. The CRA will fully apply three years later, on December 11, 2027. The CRA will obligate all products with digital elements, including their remote data processing, placed on the European market to comply with this regulation. This new blog series will cover the implementation of the CRA and its relevance to open source software.
-
Scoop News Group ☛ An opportunity for Trump’s deregulation journey: Cybersecurity harmonization
The incoming administration should lean into its efficiency push by taking on the patchwork system of cyber regulations.
-
Federal News Network ☛ CISA debuts new cybersecurity training platform
The new "CISA Learning" system will offer the same training to both internal staff and tens of thousands of external users.
-
Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking [Ed: 'Article' partly composed by bots to repeat old and discredited FUD about "Linux"]
-
Standards/Consortia
-
IT Wire ☛ Yubico to submit YubiKey 5 FIPS Series for FIPS 140-3 validation
Yubico has a large number of customers that rely on our YubiKey 5 FIPS Series security keys to keep their organisations secure from increasingly sophisticated phishing attacks, as well as to stay compliant with the latest government and industry regulations. The next steps in our journey toward FIPS 140-3 validation ensure that the strongest phishing-resistant security for our customers will be available and in line with CMVP recommendations for transitioning, thus allowing organisations to meet strict compliance requirements with the highest authenticator assurance level 3 (AAL3) requirements from the NIST SP800-63B guidance.
-