-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Mar 23, 2023
> Security updates have been issued by Fedora (firefox), Oracle (kernel, kernel-container, and nss), and SUSE (curl, dpdk, drbd, go1.18, kernel, openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils, oracleasm, python3, slirp4netns, and xen).
> Ransomware and data related attacks are the top cybersecurity threats to the transport sector in the EU, ENISA says.
> Spain needs more transparency over the Pegasus spyware hacking scandal, a European Parliament committee said.
> Many of the most successful cybercriminals are shrewd; they want good ROI, but they don’t want to have to reinvent the wheel to get it.
> Privacy Commissioner Michael Harvey has stepped away from further involvement in his office’s investigation into the 2021 cyber attack on the health care system.
> Revelations about government seeking a court ruling on a potential conflict of interest with Harvey was a topic during question period in the House of Assembly yesterday.
> Harvey is a former assistant deputy minister of health and was on the board of the Newfoundland and Labrador Centre for Health Information before being appointed as Privacy Commissioner.
> CISA announces adding more experts to its Cybersecurity Advisory Committee and updating the Cybersecurity Performance Goals.
> M7 Group’s Czech and Slovak operator Skylink has fallen the victim of a hacker attack.
> In a note published on the Skylink CZ’s Facebook page, the operator said: “We apologise, currently we have reported a system outage (web, customer zone) due to a hacker attack. We are working intensively on the repair. We thank you for your understanding”.
> McDonald's Korea was given a fine of 696 million won (US$532,110) on Wednesday after the personal data of 4.87 million customers was leaked to hackers due to the firm's lax data management.
> The Personal Information Protection Commission handed out the fine to the Korean branch of the American fast food chain, along with a financial penalty of about 10 million won for the data breach.
> Guenevere Chen, an associate professor in the UTSA Department of Electrical and Computer Engineering, recently published a paper on USENIX Security 2023 that demonstrates a novel inaudible voice trojan attack to exploit vulnerabilities of smart device microphones and voice assistants — like Siri, Google Assistant, Alexa or Amazon’s Echo and Microsoft Cortana — and provide defense mechanisms for users.
> Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found
> Former Colorado GOP Senate candidate Robert “Eli” Bremer is livid over the Air Force’s failure to notify him about the branch’s improper release of his military records, which he first learned about from a reporter who was covering the latest developments in the problematic story for the Defense Department.
> Speaking to Fox News Digital on Wednesday, Bremer, a former Olympian who sought the GOP nomination for Senate in Colorado last year, said he was first notified about the incident by a Politico reporter who sought comment from him about the Air Force’s admission that it had leaked his records to Due Diligence Group, a Democratic Party-aligned research firm.
> Not all ransomware groups wield crypto-locking malware. Some have adopted other strategies. Take BianLian. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return.
> Thousands of employees in the Massachusetts cannabis industry received an official email last week about a major data breach: the name, home and email address, phone number and date of birth of every cannabis worker in the state had been made public in an “inadvertent release of agency documents” by the state’s own Cannabis Control Commission. Along with the names and personal information, the dataset included a list of former employees and the specific reasons they were no longer associated with the marijuana company, including alleged violations of company policy.
> Hacktivist are increasingly turning towards targeting operational technology in critical infrastructure systems.
> Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.
> The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.
> Cisco Talos researchers found two high-severity vulnerabilities in WellinTech’s KingHistorian industrial data historian software.
> The popular cybercrime forum BreachForums is being shut down following the arrest of Conor Brian Fitzpatrick, who is accused of running the website.
-- Response ended
-- Page fetched on Fri Jun 14 04:23:04 2024