-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Mar 25, 2023
> Security updates have been issued by Debian (chromium, libdatetime-timezone-perl, and tzdata), Fedora (flatpak and gmailctl), Mageia (firefox, flatpak, golang, gssntlmssp, libmicrohttpd, libtiff, python-flask-security, python-owslib, ruby-rack, thunderbird, unarj, and vim), Red Hat (firefox, kpatch-patch, nss, openssl, and thunderbird), SUSE (containerd, hdf5, qt6-base, and squirrel), and Ubuntu (amanda, gif2apng, graphviz, and linux, linux-aws, linux-azure, linux-gcp, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi).
> Github accidentally committed their SSH RSA private key to a repository, and now a bunch of people's infrastructure is broken because it needs to be updated to trust the new key. This is obviously bad, but what's frustrating is that there's no inherent need for it to be - almost all the technological components needed to both reduce the initial risk and to make the transition seamless already exist.
> Matthew Garrett looks at the recent disclosure of GitHub's private host key, how it probably came about, and what a better approach to key management might look like.
> A cyberattack on Our Lady of the Lake University’s computer network compromised personal data on its faculty, students and even individuals who applied to the university but never attended.
> The private Catholic university on San Antonio’s West Side this week confirmed that it recently found evidence that “unauthorized access” to its network occurred about Aug. 30 and that "a limited amount of personal information was removed." It declined to detail the types of information taken.
> Fitzpatrick’s arrest and the disruption of BreachForums comes nearly a year after the Department of Justice announced the seizure of a predecessor hacking marketplace, Raidforums, and unsealed criminal charges against RaidForums’ founder and chief administrator, who is the subject of extradition proceedings in the United Kingdom.
> U.S. cybersecurity firm Fortra said suspicious activity was identified within its GoAnywhere software nearly two months ago, a day after Rio Tinto in a staff memo said personal data of some of its Australian employees may have been stolen.
> The internal memo seen by Reuters on Thursday revealed payroll information, like payslips and overpayment letters, of a small number of the mining giants' Australian employees from January 2023 had possibly been seized by a cybercriminal group.
> The Pension Protection Fund (PPF) has confirmed that data belonging to current and former employees has been exposed in the wake of the GoAnywhere breach.
> In a statement to IT Pro, the fund, which manages pension assets for nearly 300,000 clients, said it has informed affected staff and is providing support and monitoring services for those impacted in the breach.
> Hundreds of thousands of Americans’ personal information is at risk after Medicare’s data was breached. Now, lawmakers want answers.
> House Committee on Oversight and Accountability Chairman James Comer, R-Ky., and House Committee on Energy and Commerce Chair Cathy McMorris Rodgers, R-Wash., sent a letter demanding a range of documents and communications from the Centers for Medicare & Medicaid Services.
> Seemingly immune for so long, here's a reminder that MacOS and Linux need to protect themselves against malware, too.
> Parents are still looking for answers weeks after hackers stole the personal data of thousands of users from kids’ tech coding camp iD Tech, with some fearing that their children’s data was compromised in the data breach.
> iD Tech, which provides on-campus classes and online tech and coding courses for kids, has yet to acknowledge the breach or notify parents.
> On the first day, Pwn2Own Vancouver 2023 hacking challenge participants compromised Windows 11, Tesla, macOS, and Ubuntu Desktop.
-- Response ended
-- Page fetched on Thu Jun 13 23:33:52 2024