Security and Microsoft/Windows TCO

posted by Roy Schestowitz on May 03, 2025

• The New Stack ☛ Linux Security Software Turned Against Users [Ed: Microsoft-sponsored site [1, 2]... Turned Against Users of Linux]

Federal News Network ☛ Cyber roundup: Another cybersecurity False Claims Act settlement

DoJ's Civil-Cyber Fraud Initiative put another feather in its cap with a new $8.5 million False Claims Act settlement with Raytheon.

• Security Week ☛ Canadian Electric Utility Hit by Cyberattack

  Nova Scotia Power and Emera are responding to a cybersecurity incident that impacted IT systems and networks. 

• Security Week ☛ SonicWall Flags Two More Vulnerabilities as Exploited

  SonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild.

• Pen Test Partners ☛ The remote desktop puzzle. DFIR techniques for dealing with RDP Bitmap Cache

  TL;DR How RDP Bitmap Cache can reveal user activity No RDP logs? How can we reconstruct RDP activity?

• Security Week ☛ SentinelOne Targeted by North Korean IT Workers, Ransomware Groups, Chinese Hackers

  SentinelOne has shared some information on the types of threat actors that have targeted the security firm recently.

• Security Week ☛ Ascension Discloses Data Breach Potentially Linked to Cleo Hack

  Ascension is notifying over 100,000 people that their personal information was stolen in a data breach potentially linked to the Cleo hack.

• NYPost ☛ Billions of iPhone users at risk of dangerous malware attack — newly-found flaw warning issued

  Apple users are being urged to update their devices ASAP.

• Security Week ☛ Chinese APT’s Adversary-in-the-Middle Tool Dissected

  ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.

• CVE-2025-43857: DoS vulnerability in net-imap

  There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-43857. We recommend upgrading the net-imap gem.

• Scoop News Group ☛ Quantum computer threat spurring quiet overhaul of internet security

  Cryptography experts said a “Cambrian explosion” of standards is on its way as a response to worries over quantum computers breaking current algorithms.

• Windows TCO / Windows Bot Nets

  • Security Week ☛ Commvault Shares IoCs After Zero-Day Attack Hits Microsoft trap Azure Environment

    Commvault provides indicators of compromise and mitigation guidance after a zero-day exploit targeting its Microsoft trap Azure environment lands in CISA’s KEV catalog.

  • The Record ☛ Nefilim ransomware suspect extradited from Spain to US

    A Ukrainian citizen has been charged and extradited to the United States for allegedly using Nefilim ransomware to attack large companies in the U.S. and elsewhere, federal prosecutors said Thursday.

  • The Register UK ☛ ICO confirms no action to be taken against British Library

    The UK's data protection overlord is not going to pursue any further investigation into the British Library's 2023 ransomware attack.

  • The Record ☛ British Library avoids investigation over ransomware attack, praised again for response

    The British Library — the national library of the United Kingdom and an archive of millions of books and manuscripts — has been praised for its response to the incident. Officials across government have wanted to avoid punishing victim organizations that responded to ransomware attacks in a way that meets the standards of best victim behavior.

• Entrapment (Microsoft GitHub)

  • Krebs On Security ☛ xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

    An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned.

  • The New Stack ☛ Linus Torvalds Reflects on 20 Years of Git [Ed: Bad way to mark this anniversary

    It was 20 years ago that Linus Torvalds wrote the Git distributed version control system — April 7 2005 was he made the first commit. So in early April, GitHub celebrated. GitHub staff software engineer Taylor Blau conducted an interview with Torvalds, which GitHub then shared on YouTube (where the git-based service’s channel has 467,000 subscribers).

• Confidentiality

  • Marcy Wheeler ☛ Despite Pete Hegseth, Signal is Good

    So despite the fact that Hegseth’s phone would be one of the more targeted in the world, and Hegseth himself is an idiot, his phone isn’t necessarily compromised. It might be, but it’s hard to be sure. It’s quite hard to hack a modern phone, especially if the person using the phone updates it every time there’s an update released, and doesn’t click on things they don’t know are OK. There are fancy attacks, called Zero-Click Attacks, that don’t require any user interaction, but they’re hard to build and expensive.

  • Tor ☛ Arti 1.4.3 is released: Prometheus metrics support, inital work on Counter Galois Onion and congestion control. | The Tor Project

    Arti is our ongoing project to create a next-generation Tor client in Rust. Now we're announcing the latest release, Arti 1.4.3.