Security Leftovers
Federal News Network ☛ How to know if your random number generator is really random
"Encryption methodology actually makes use of random numbers in order to secure that information," said Travis Humble.
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, kernel, kernel-rt, redis:6, and yelp and yelp-xsl), Debian (chromium), Red Hat (compat-openssl11, kernel, and thunderbird), and SUSE (nbdkit, open-vm-tools, and rustup).
Security Week ☛ Google Warns UK Retailer Hackers Now Targeting US
Google says the hacking group behind the recent cyberattacks on UK retailers is now shifting focus to the US.
Security Week ☛ Chinese Hackers Hit Drone Sector in Supply Chain Attacks
The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.
Bruce Schneier ☛ Communications Backdoor in Chinese Power Inverters
This is a weird story:
U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said.
Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said.
Tom's Hardware ☛ Intel reports wave of high-severity GPU vulnerabilities — ten unique security vulnerabilities stemming from poor software hit range of graphics solutions
Intel has reported ten new GPU-related security vulnerabilities affecting drivers and graphics control software across a range of its GPU offerings this week. The announcement immediately follows announcements of a Spectre workaround from ETH Zurich.
Neowin ☛ The Tor Project's new Oniux tool protects all your GNU/Linux apps from snoopers
The Tor Project has announced a new program for GNU/Linux users which routes individual programs through Tor very securely. Here's how to install it.
OpenSSF (Linux Foundation) ☛ Case Study: Ericsson’s C/C++ Compiler Options Hardening Guide and OpenSSF Collaboration
Ericsson, a global leader in telecommunications and networking, has been deeply engaged in open source and software security for over a decade.
Security Week ☛ Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’
Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists.
Security Week ☛ Production at Steelmaker Nucor Disrupted by Cyberattack
American steel giant Nucor on Wednesday disclosed a cybersecurity incident that bears the hallmarks of a ransomware attack.
Security Week ☛ Canadian Electric Utility Lists Customer Information Stolen by Hackers
Nova Scotia Power says a wide range of personal and financial information was stolen in the recent cyberattack.
Security Week ☛ Australian Human Rights Commission Discloses Data Breach
The Australian Human Rights Commission says data submitted through the complaint form on its website was inadvertently exposed.
Troy Hunt ☛ Welcoming the Malaysian Government to Have I Been Pwned
Today, we welcome the 40th government onboarded to Have I Been Pwned's free gov service, Malaysia.
Silicon Angle ☛ Coinbase suffers data breach, exposing customer information to hackers
Coinbase Global Inc., a major U.S. cryptocurrency exchange with more than 100 million customers, disclosed today that cybercriminals bribed offshore customer service support agents to steal customer data. In a blog post, the company said no passwords, private keys or funds were exposed, but personal customer information was stolen.
Heads Up Windows, Mac, Linux Users: High-Severity Chrome Flaw Patched By Google; Update Now
Google has issued an emergency security patch in order to fix a high-severity flaw in the Chrome web browser that could result in complete account takeover if successfully exploited. The critical security issue is one of four Chrome vulnerabilities that Google has released updates for.
Although it is unknown if this security issue has been utilised in attacks, the tech giant cautioned that it ha
Windows TCO / Windows Bot Nets
Beta News ☛ Windows 11 hacked multiple times by security researchers at Pwn2Own Berlin 2025
As part of its Zero Day Initiative (ZDI), Trend Micro is holding its first Pwn2Own event in Berlin.
