news
Security Leftovers
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (dropbear, firefox-esr, intel-microcode, net-tools, openafs, thunderbird, and xrdp), Fedora (chromium, micropython, syslog-ng, webkitgtk, and xen), Mageia (dropbear and openssh), Oracle (.NET 9.0, kernel, libjpeg-turbo, and yelp and yelp-xsl), Red Hat (compat-openssl11, git-lfs, grafana, kernel, and osbuild and osbuild-composer), Slackware (mozilla), SUSE (cargo-c, gimp, iputils-20240905, kernel, libraw, microcode_ctl, openssh, pnpm, python311-cramjam, python311-httptools, python311-jwcrypto, python311-loguru, python311-mechanize, python311-nltk, python311-oauthlib, python311-py7zr, python311-pycapnp, python311-pyspnego, python311-pywayland, python311-suds, python311-treq, python311-ujson, python311-waitress, ruby3.4-rubygem-actionmailer, ruby3.4-rubygem-actiontext, ruby3.4-rubygem-activerecord, ruby3.4-rubygem-activestorage, ruby3.4-rubygem-fluentd, ruby3.4-rubygem-globalid, ruby3.4-rubygem-jquery-rails, ruby3.4-rubygem-kramdown, ruby3.4-rubygem-loofah, ruby3.4-rubygem-multi_xml, ruby3.4-rubygem-puma, ruby3.4-rubygem-rails, ruby3.4-rubygem-rails-html-sanitizer, ruby3.4-rubygem-sprockets, ruby3.4-rubygem-web-console, ruby3.4-rubygem-websocket-extensions, ucode-intel-20250512, and valkey), and Ubuntu (dotnet8, dotnet9, linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency,
linux-lowlatency-hwe-6.8, linux-oracle, linux, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-oracle, linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg,
linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia,
linux-oracle, linux-oracle-5.15, linux-fips, linux-gcp, linux-gcp-5.15, linux-gcp-fips, linux-gke, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, and linux-xilinx-zynqmp).
-
Scoop News Group ☛ Don’t let DOGE destroy CISA
MElon’s DOGE isn’t about efficiency — it’s about destruction. We should not let this administration tear down our best defenses against those trying to attack us in cyberspace.
-
APNIC ☛ The invisible war: Why securing the Internet is everyone’s responsibility
Guest Post: Cybersecurity isn't just a tech problem, it's an everybody problem.
-
Security Week ☛ Prison Sentence for Man Involved in SEC X Account Hack
Eric Council Jr. was sentenced to prison for hacking SEC’s official X account and publishing fraudulent posts increasing Bitcoin value.
-
Security Week ☛ 200,000 Harbin Clinic Patients Impacted by NRS Data Breach
Harbin Clinic says the information of over 200,000 patients was stolen in a July 2024 data breach at Nationwide Recovery Services.
-
Security Week ☛ 480,000 Catholic Health Patients Impacted by Serviceaide Data Leak
Serviceaide exposed a database containing personal and medical information belonging to Catholic Health patients.
-
Security Week ☛ UK Legal Aid Agency Finds Data Breach Following Cyberattack
The UK’s Legal Aid Agency was targeted in a cyberattack in April and it recently determined that hackers have stolen sensitive data.
-
Security Week ☛ Printer Company Procolored Served Infected Software for Months
Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor.
-
Windows TCO / Windows Bot Nets
-
SANS ☛ RAT Dropped By Two Layers of AutoIT Code, (Mon, May 19th)
.... simple language that can interact with all the components of the backdoored Windows operating system. I regularly discover AutoIT3 binaries (yes, it can be compiled).
-