Security Leftovers
Date: 2025-01-15
Pen Test Partners ☛ Tackling Hey Hi (AI) threats. Advanced DFIR methods and tools for deepfake detection
TL;DR: AI-generated documents, videos and more pose significant challenges for DFIR. DFIR teams can harness innovative detection strategies and tooling. Digital fingerprinting and watermarking [...]
Wladimir Palant ☛ Wladimir Palant: Chrome Web Store is a mess
Let’s make one thing clear first: I’m not singling out Google’s handling of problematic and malicious browser extensions because it is worse than Microsoft’s for example. No, Abusive Monopolist Microsoft is probably even worse but I never bothered finding out. That’s because Abusive Monopolist Microsoft Edge doesn’t matter, its market share is too small. Surveillance Giant Google Chrome on the other hand is used by around 90% of the users world-wide, and one would expect Surveillance Giant Google to take their responsibility to protect its users very seriously, right? After all, browser extensions are one selling point of Surveillance Giant Google Chrome, so certainly Surveillance Giant Google would make sure they are safe?
Krebs On Security ☛ Microsoft: Happy 2025. Here’s 161 Security Updates [Ed: And mass layoffs, too]
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.
[DE] SequoiaPGP ☛ Sequoia PGP: c’t Open Source Spotlight interview with Neal
Shortly after the 1.0 release of sq, Keywan Tonekaboni sent me an email asking whether I had time for a short interview for the c’t Open Source Spotlight. A few days later the interview appeared with a nice introduction by Keywan. Unfortunately there is no archive, so I have reproduced the content here with Keywan’s permission.
Windows TCO / Windows Bot Nets
Cyble Inc ☛ Eindhoven University Cyberattack: Network Shut Down
On Sunday, January 12, 2025, the University announced that it had shut down its network in response to the cyberattack on Eindhoven University. The university’s statement explained that, due to the cyberattack, the network-bound systems were rendered inaccessible, which meant that systems like email, Wi-Fi, Canvas, and Teams were unavailable for students and staff. The closure affected all educational activities, including lectures, and will remain in place at least until Monday, January 13, 2025.
The Register UK ☛ UK floats ransomware payout ban for public sector
Announced today, the 12-week consultation will run from January 14 to April 8 and explore three proposals, the first of which is the total payment ban for the public sector and critical national infrastructure (CNI) organizations.
The overarching notion is to make the prospect of targeting these sectors undesirable for financially motivated criminals. It would also involve mandatory reporting of incidents to support law enforcement and intelligence agencies.
Confidentiality
Clayton Errington ☛ Changing Your LUKS Full Disk Encryption Password
You can do a full disk encryption on your Linux devices and changing your Linux Unified Key Setup (LUKS) Full Disk Encryption Password should be a normal practice as well. When I did the installation of my operating system, it was a choice to set this up at boot. Just like passwords to online and other accounts, it is a good practice to change your user account logins on my computer as well.
Integrity/Availability/Authenticity
The Register UK ☛ Snyk deployed 'malicious' packages, claims infoseccer [Ed: Snyky spies in "security" clothing]
Developer security [sic] company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using "malicious" packages uploaded to NPM.
