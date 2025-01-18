Security Leftovers
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (rsync and tomcat9), Fedora (chromium, mingw-python-jinja2, redict, and valkey), Gentoo (GIMP and pip), Oracle (.NET, fence-agents, ipa, kernel, python-virtualenv, raptor2, and rsync), Red Hat (.NET 8.0 and .NET 9.0), SUSE (apache2-mod_jk, git, git-lfs, kernel, python-Django, thunderbird, and xen), and Ubuntu (audacity, bcel, dotnet8, dotnet9, gimp-dds, harfbuzz, libxml2, poppler, rsync, and tqdm).
Federal News Network ☛ Noem calls for ‘smaller, more nimble’ CISA during nomination hearing
South Dakota Gov. Kristi Noem, Trump's pick to lead DHS, criticized CISA's work on misinformation and said the agency "has gotten far off mission."
Hackaday ☛ New Bambu Lab Firmware Update Adds Mandatory Authorization Control System
As per a recent Bambu Lab blog post, its FDM printers in the X1 series will soon receive a firmware update that adds mandatory authentication for certain operations, starting with the firmware update on January 23rd for the aforementioned FDM printers. These operations include performing firmware upgrades, initiating a print job (LAN or cloud), remote video access and adjusting parameters on the printer. Using the printer directly and starting prints from an SD card are not affected.
Bruce Schneier ☛ Social Engineering to Disable iMessage Protections
I am always interested in new phishing tricks, and watching them spread across the ecosystem.