Tux Machines

Proprietary and Security Leftovers

Posted by Roy Schestowitz on Feb 28, 2023

Danish hospital websites targeted in cyber attack

=> ↺ Danish hospital websites targeted in cyber attack

A hacker group took nine Danish hospital websites offline on Sunday afternoon, following a similar attack on Danish airports last Wednesday, and another in Sweden.

Security updates for Monday [LWN.net]

=> ↺ Security updates for Monday [LWN.net]

Security updates have been issued by Debian (apr-util, freeradius, mono, nodejs, php7.3, php7.4, and python-cryptography), Fedora (epiphany, haproxy, and podman), SUSE (chromium, libraw, php7, php74, python-pip, and rubygem-activerecord-4_2), and Ubuntu (apr, clamav, curl, intel-microcode, nss, openvswitch, webkit2gtk, and zoneminder).

How Offensive Action is Countering Ransomware

=> ↺ How Offensive Action is Countering Ransomware

Ransomware attacks have crossed a red line for many countries with continued merciless attacks. The threat to national economies and critical infrastructure marked a turning point. Governments are fighting back, and one of the strategies now routinely employed is infiltrating the servers and infrastructure of ransomware gangs. A recent offensive action against a top ransomware gang shows it can be a powerful tool both to rattle ransomware groups and provide real-time help to victims.

Don't be fooled by serverless

=> ↺ Don't be fooled by serverless

But what happens if a customer needs the performance of a whole box, most of the time? Then they're paying $1,400/month for $1,000's worth of computing. Or maybe, because they're reserving the whole box, they'll get a deal at $1,250/month by committing to a whole year. That deal is far less obviously good on both sides. It's basically a credit agreement at a 25% APR. Tread wisely!
Enter serverless. It's the same financial mechanics as above, but you can slice the server far more thinly. Instead of renting out your one big server to seven customers at $200/month, you rent out individual function executions to 100 customers at $20/month. This now clears $1,000/month in profit instead of just $400/month. No wonder cloud providers love serverless!

Responsible Disclosure: Abandoned Buckets and Billing Emails

=> ↺ Responsible Disclosure: Abandoned Buckets and Billing Emails

This is a problem. Amazon doesn't reserve bucket names after they're abandoned. Which means digital miscreants can claim them.

553 days from discovery to notification? DataBreaches asked Dental Health Management Solutions why.

=> ↺ 553 days from discovery to notification? DataBreaches asked Dental Health Management Solutions why.

Why did it take 553 days from discovery to notify patients? Is the delay acceptable? Applying the standards for HIPAA-covered entities, and having reported on many breaches by now, DataBreaches believes a delay that long is not acceptable unless there are factors we do not know about in play. DataBreaches sent inquiries to both DHMS and their external counsel at Wilson Elser to ask for an explanation for the serious delay. No replies have been received.

=> gemini.tuxmachines.org
