Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jul 22, 2023

=> Linux Foundation, Openwashing, and Microsoft | WinTile GNOME Extension Adds More Settings, Drag Zones

Microsoft Gets the Top Spot for Impersonated Brand for Phishing Scams in Quarter 2 of 2023, Reveals Report [Ed: Microsoft back doors are even worse because Microsoft is directly culpable]

=> ↺ Microsoft Gets the Top Spot for Impersonated Brand for Phishing Scams in Quarter 2 of 2023, Reveals Report

New Delhi, July 21: Microsoft took the top spot in the second quarter (Q2) of 2023 as the most impersonated brand for phishing scams, a new report showed on Friday.

Car thefts have skyrocketed in cities across the U.S.

=> ↺ Car thefts have skyrocketed in cities across the U.S.

Car thefts in dozens of cities across the U.S. have skyrocketed so far this year, according to a new report on crime.

=> ↺ Car thefts

Why it matters: Motor vehicle thefts are up by roughly 34% from the same period last year, underscoring how crime patterns have evolved as the country has emerged from the pandemic.

=> ↺ Council on Criminal Justice | ↺ Car thefts

Russia Seeks 18 Years in Jail for Founder of Cybersecurity Firm

=> ↺ Russia Seeks 18 Years in Jail for Founder of Cybersecurity Firm

A Russian prosecutor requested an 18-year prison sentence for Ilya Sachkov, founder of cybersecurity firm Group-IB.

Russian Prosecutors Seek 18 Years In Prison For Cybersecurity Company Chief

=> ↺ Russian Prosecutors Seek 18 Years In Prison For Cybersecurity Company Chief

Prosecutors have asked the Moscow City Court to convict and sentence Ilya Sachkov, the head of a leading Russian cybersecurity company, to 18 years in prison on a high treason charge.

Reproducible Builds (diffoscope): diffoscope 245 released

=> ↺ Reproducible Builds (diffoscope): diffoscope 245 released

The diffoscope maintainers are pleased to announce the release of diffoscope version 245. This version includes the following changes:

GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees [Ed: Microsoft is not a security authority; it's a security risk and foe, a purveyor of back doors]

=> ↺ GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees

North Korean hackers are targeting employees at technology firms with repository invitations and malicious NPM packages.

Notorious North Korean hackers targeted a US software company to steal crypto data

=> ↺ Notorious North Korean hackers targeted a US software company to steal crypto data

A North Korean state-backed hacker group attacked JumpCloud, a US software company, in an attempt to steal information about its cryptocurrency clients. JumpCloud first reported that a “nation-state actor” carried out a security breach in late June, and yesterday (July 20) the company confirmed North Korean actors…

=> ↺ attacked JumpCloud

Tampa General Hospital Says Patient Information Stolen in Ransomware Attack

=> ↺ Tampa General Hospital Says Patient Information Stolen in Ransomware Attack

Tampa General Hospital has started informing patients that their personal information was stolen in a ransomware attack.

Citrix Zero-Day Exploited Against Critical Infrastructure Organization

=> ↺ Citrix Zero-Day Exploited Against Critical Infrastructure Organization

CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.

VirusTotal Provides Clarifications on Data Leak Affecting Premium Accounts

=> ↺ VirusTotal Provides Clarifications on Data Leak Affecting Premium Accounts

VirusTotal has provided clarifications on the recent data leak that resulted in the exposure of information on 5,600 of the threat analysis service’s customers.

In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

=> ↺ In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17, 2023.

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

=> ↺ OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely.

P2P Worm Attacking 307,000 Redis Instances on Linux and Windows Systems [Ed: This bug was patched ages ago; this is an issue of negligence, not "Linux"]

=> ↺ P2P Worm Attacking 307,000 Redis Instances on Linux and Windows Systems

While the P2PInfect P2P worm targets the Redis instances using CVE-2022-0543 vulnerability.

Podcast: How to make IoT more consumer-friendly

=> ↺ Podcast: How to make IoT more consumer-friendly

This week we dig in on two topics that will make the internet of things friendlier for consumers. The first is the newly announced cybersecurity label plan from the White House that will create a way for consumers to see if their planned IoT purchase meets adequate cybersecurity standards.

Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

=> ↺ Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits.

=> ↺ detailed commentary

=> ↺ detailed commentary

=> gemini.tuxmachines.org

Proxy Information
Original URL
gemini://gemini.tuxmachines.org/n/2023/07/22/Security_Leftovers.gmi
Status Code
Success (20)
Meta
text/gemini;lang=en-GB
Capsule Response Time
140.709169 milliseconds
Gemini-to-HTML Time
1.430269 milliseconds

This content has been proxied by September (ba2dc).