Windows TCO and Security Leftovers
-
The Register UK ☛ Sudo-rs make me a sandwich, hold the buffer overflows [Ed: This will not improve security; it will, however, give Microsoft more control]
Canonical's Ubuntu 25.10 is set to make sudo-rs, a Rust-based rework of the classic sudo utility, the default – part of a push to cut memory-related security bugs and lock down core system components.
-
Windows TCO / Windows Bot Nets
-
The Strategist ☛ Mapping a decade’s worth of hybrid threats targeting Australia
We collected data from sources including government statements, media reports, cyber firm alerts and think tank reports. We also cross-checked reports, making sure the counted activities were reported across multiple credible sources. We assessed whether these past hybrid activities were state-linked and sorted the activities into six threat categories: economic coercion; foreign interference; narrative and information campaigns; cyberattack; military and paramilitary coercion; and diplomatic coercion.
Due to their nature, covert or unreported hybrid activities were not captured.
-
Security Week ☛ Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day
The vulnerability in question is tracked as CVE-2025-29824 and it was patched by Microsoft with its April 2025 Patch Tuesday updates. The flaw impacts the Windows Common Log File System (CLFS) and it can be exploited by an attacker to escalate privileges.
-
Scoop News Group ☛ PowerSchool customers hit by downstream extortion threats
The downstream extortion attacks highlight the ongoing risk organizations confront when a vendor is hit by a cyberattack, exposing not just their data but also that of others in their supply chain. The follow-on extortion attempts also underscore that paying ransoms for data does not guarantee stolen data won’t be leaked.
-
Scoop News Group ☛ Six DDoS sites seized in multi-national law enforcement operation
The suspects are believed to have operated six so-called “stresser” or “booter” services that enabled customers across the world to launch thousands of attacks on targets ranging from government offices to businesses and schools. From 2022 to 2025, the platforms — identified as Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut — allegedly allowed users to bombard websites and servers with high volumes of junk traffic, often rendering them inaccessible.
-
Security Week ☛ Europol Announces More DDoS Service Takedowns, Arrests
For years, law enforcement authorities in North America, Europe and the APAC region have worked together to disrupt services that enable anyone to launch DDoS attacks against specified online services. These DDoS-for-hire services, also known as booter services, enable users to disrupt a website, in some cases for just a few dollars.
-
The Record ☛ Despite ransom payment, PowerSchool [intruder] now extorting individual school districts
The company posted a statement on its website saying it is “aware that a threat actor has reached out to multiple school district customers in an attempt to extort them using data from the previously reported December 2024 incident.”
-
Exponential-e Ltd ☛ NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attacked - Exponential-e Blog
However, in the advisory it published on its website, the NCSC appears to have given credence to the theory that the attackers gained access to corporate victims' internal systems by exploiting employees' legitimate accounts.
-