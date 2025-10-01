news
Security and Windows TCO
The Register UK ☛ Kroah-Hartman explains Cyber Resilience Act for open source
When the news of the EU's Cyber Resilience Act (CRA) first emerged, open source software developers and companies were worried sick. As the Python Software Foundation (PSF) executive director Deb Nicholson said at the time, "Under the current language, the PSF could potentially be financially liable for any product that includes Python code, while never having received any monetary gain from any of these products." Ouch!
Since then, however, the EU has made the CRA more open source friendly. How friendly? Well, according to Greg Kroah-Hartman, a top Linux kernel maintainer and member of the CRA working group of experts, "for open source contributors and maintainers, … [the] CRA is a good thing. I think it's gonna help us.
Speaking in Paris at the Linux Kernel Recipes conference, Kroah-Hartman started by saying, "You never expect to be dealing with lawyers and things like that when you start out programming. But here I am. This is all my personal opinion." But, he believes, the CRA has become "something that's actually palatable and can be used" for open source's benefit.
OpenSSF (Linux Foundation) ☛ OpenSSF Newsletter – September 2025
Welcome to the September 2025 edition of the OpenSSF Newsletter! Here’s a roundup of the latest developments, key events, and upcoming opportunities in the Open Source Security community. TL;DR: 🎉...
Security Week ☛ Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues
In one attack, the hackers leveraged the Datto RMM utility on a domain controller and various other legitimate tools to evade detection.
Security Week ☛ Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention
The government has announced a support package, but a cybersecurity expert has raised some concerns.
Federal News Network ☛ Hackers used a fake congressional email to breach federal systems and exploit trust
"It is time to look at ways we can enhance the security of what's going back and forth digitally," said Yejin Jang.
Silicon Angle ☛ New ML-KEM standard aims to protect data from future quantum attacks
Quantum experts are heralding the arrival of a new cryptographic algorithm, Module-Lattice-Based Key-Encapsulation Mechanism, or put more simply: ML-KEM. Why prepare for post-quantum attacks when quantum computers don’t exist yet? Securing your data now is essential, according to Shane Kelly (pictured, left), principal crypto architect at DigiCert Inc.
Windows TCO / Windows Bot Nets
The Register UK ☛ Beijing-backed burglars target government web servers
Unit 42 first spotted this cluster of attackers in 2022 and has kept an eye on it ever since. On Tuesday the infosec investigators decided the group is worthy of a name – “Phantom Taurus” – because it has developed novel tactics, techniques, and procedures (TTPs) in pursuit of military and diplomatic targets across Asia, the Middle East, and Africa.
IT Wire ☛ The SOC case files: Akira ransomware turns victim’s remote management tool on itself
The attackers gained access to a domain controller (DC) — a critical server responsible for authenticating and validating user access to network resources such as files and applications. The Datto remote monitoring and management (RMM) tool was installed on the DC server.
The attackers deployed an approach known as Living Off The Land (LOTL), which involves using pre-installed and legitimate toolsets to carry out an attack.
They homed in on the RMM tool’s management console and used it, together with several previously installed backup agents, to implement the attack without triggering a security alert for a new software install or suspicious activity.
The Register UK ☛ The Windows 11 upgrade wave has yet to hit healthcare
Working out exactly the proportion of Windows devices running version 11 versus Windows 10 is tricky. Microsoft doesn't share its telemetry, yet Lansweeper's data, which is derived from approximately 8.5 million Windows 10 and 11 devices, can provide insight into the state of the enterprise world.
LockBit 5.0 Ransomware Emerges as a Major Cross-Platform Threat to Enterprises [Ed: Spin on Windows issues in Microsoft MVP site]
