news
Security Leftovers
-
LWN ☛ Security updates for Wednesday
Security updates have been issued by Fedora (apptainer, civetweb, mod_http2, openssl, pandoc, and pandoc-cli), Oracle (kernel), Red Hat (gstreamer1-plugins-bad-free, iputils, kernel, open-vm-tools, and podman), SUSE (cairo, firefox, ghostscript, gimp, gstreamer-plugins-rs, libxslt, logback, openssl-1_0_0, openssl-1_1, python-xmltodict, and rubygem-puma), and Ubuntu (gst-plugins-base1.0, linux-aws-6.8, linux-aws-fips, linux-azure, linux-azure-nvidia, linux-gke, linux-nvidia-tegra-igx, and linux-raspi).
-
Security Week ☛ Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching
Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks.
-
Security Week ☛ DraftKings Warns Users of Credential Stuffing Attacks
Hackers accessed user accounts and compromised names, addresses, phone numbers, email addresses, and other information.
-
Security Week ☛ Ransomware Group Claims Attack on Beer Giant Asahi
The hackers claim the theft of 27 gigabytes of data, including contracts, employee information, and financial documents.
-
Federal News Network ☛ The shutdown and CISA lapse expose new cracks in America’s cyber defenses
"What's at risk are confidential communications about commerce and trade deals and what the military is doing," said Mike Hamilton.
-
Federal News Network ☛ Why the public sector can’t afford to measure the wrong cybersecurity metrics
Agencies that embrace automation, reduce bureaucracy and focus on continuous performance will be better positioned to face the threats of today and tomorrow.
-
Latvia ☛ 15% of Latvian businesses experience ICT security incidents
In 2023, 21.5% of EU enterprises experienced ICT security incidents resulting in different types of consequences such as the unavailability of ICT services, destruction or corruption of data or disclosure of confidential data, according to fresh Eurostat data.