Tux Machines
Posted by Roy Schestowitz on Apr 22, 2023
=> Greener FreeBSD and FreeBSD Status Report First Quarter 2023 | today's howtos
=> ↺ Reproducible Builds (diffoscope): diffoscope 241 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 241. This version includes the following changes: [...]
=> ↺ Modified X_Trader software led to compromise of two critical infrastructure targets, Symantec says
Two targets in the energy sector are among the victims of a supply chain attack that is linked to North Korea and with a growing list of victims.
=> ↺ MIT and Stanford researchers develop operating system with one major promise: Resisting ransomware
Computer science researchers at MIT and Stanford are developing an operating system with built-in cybersecurity defenses.
=> ↺ Symantec: North Korean 3CX Hackers Also Hit Critical Infrastructure Orgs
The North Korean hacking group behind the supply chain attack that hit 3CX also broke into two critical infrastructure organizations in the energy sector.
=> ↺ Abandoned WordPress Plugin Abused for Backdoor Deployment
Attackers are installing the abandoned Eval PHP plugin on compromised WordPress sites to inject PHP code into web pages.
=> ↺ Capita Confirms Data Breach After Ransomware Group Offers to Sell Stolen Information
Capita finally confirmed that hackers stole data after the Black Basta ransomware group offered to sell information allegedly stolen from the company.
=> ↺ House Committee Hears Testimony on DC Health Data Breach
A top administrator with Washington’s health insurance exchange apologized to House members on Wednesday for the data breach that resulted in the disclosure of personal information for thousands of users.
=> ↺ Google Cloud Platform Vulnerability Led to Stealthy Account Backdoors
A vulnerability in Google Cloud Platform allowed attackers to modify and hide OAuth applications to create a stealthy backdoor to any Google account.
=> ↺ Using the iPhone Recovery Key to Lock Owners Out of Their iPhones
This a good example of a security feature that can sometimes harm security: [...]
=> ↺ example
=> ↺ example
=> ↺ 3CX breach linked to software supply chain attack on third party
A successful breach of videoconferencing and business phone company 3CX Ltd. first reported last month was caused by a software supply chain attack on a third party...
=> ↺ Optus lawsuit a ‘wake-up call’ to corporate Australia
A class action against Optus over a massive data breach will ask the courts to put a price on Australians’ privacy and is expected to serve as a wake-up call to the corporate world.
My latest book, A Hacker’s Mind, has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly break the rules. Here’s an example from pickleball, which nicely explains the dilemma between hacking as a subversion and hacking as innovation: [...]
=> ↺ A Hacker’s Mind | ↺ Here’s
=> ↺ A Hacker’s Mind | ↺ Here’s
=> ↺ Remotely Exploitable Chromium DoS, Info Disclosure Vulns Fixed
Several high-impact remotely exploitable vulnerabilities were recently discovered in the popular Chromium free and open-source web browser. These issues could lead to the execution of arbitrary code, denial of service (DoS) attacks resulting in potentially exploitable crashes, or the disclosure of sensitive information.
=> gemini.tuxmachines.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB