-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on May 19, 2023
> Some cybersecurity experts have expressed concerns about two new top-level domains that became generally available earlier this month. The two top-level domains were released by Google LLC on May 3 along with six others.
> On May 3rd, Google Registry launched eight new top-level domains (TLDs) “for dads, grads and techies”, including a .zip TLD. While these new TLDs come with benefits such as automatic inclusion on the HSTS preload list, the launch of new TLDs has always presented cyber criminals with the opportunity to register domains in bad faith.
> Kubernetes co-founder Craig McLuckie and Sigstore founder Luke Hinds today announced the launch of a new software supply chain company called Stacklok, after the company raised $17.5 million in venture capital funding ahead of its reveal.
> The U.S. Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre have issued a joint warning about a change in tactics from a well-known ransomware group from traditional ransomware encryption to exfiltration-based extortion. The group, called BianLian, is believed to have first emerged in 2021.
> CISA, FBI, and ACSC warn critical infrastructure organizations of the BianLian ransomware group’s attacks.
> Technological equipment supplier Lacroix has closed three production sites after experiencing a ransomware attack.
> AWS is open sourcing its Cedar policy language and authorization engine and Snapchange, an open source snapshot-based fuzzing tool.
> The Security Profiles Operator (SPO) is a feature-rich operator for Kubernetes to make managing seccomp, SELinux and AppArmor profiles easier than ever. Recording those profiles from scratch is one of the key features of this operator, which usually involves the integration into large CI/CD systems. Being able to test the recording capabilities of the operator in edge cases is one of the recent development efforts of the SPO and makes it excitingly easy to play around with seccomp profiles.
> The v0.8.0 release of the Security Profiles Operator shipped a new command line interface called spoc, a little helper tool for recording and replaying seccomp profiles among various other things that are out of scope of this blog post.
> Google has released a Chrome 113 update to patch 12 vulnerabilities, including a critical use-after-free flaw.
> Lawmakers advanced four on Wednesday that would broaden the Cybersecurity and Infrastructure Security Agency's portfolio.
> The Supreme Court of Delaware state ruled on Wednesday that an earlier judgment made by the Delaware Court of Chancery in its memorandum opinion of 6 September 2022 and affirmed in a final order on 13 October 2022 should stand.
> Threat actors have been selling access to energy sector organizations, including ICS and other OT systems, according to a new report from Searchlight Cyber.
> Apple says it rejected 1.7 million applications from being published in the App Store in 2022.
-- Response ended
-- Page fetched on Fri Jun 14 01:46:01 2024