Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Aug 10, 2023

=> Valley News - PSU robot program has a new goal: Fixing automated scarecrows | Kernel: LWN Articles and Removal of “fTPM” Garbage

Security updates for Wednesday

=> ↺ Security updates for Wednesday

Security updates have been issued by Debian (cjose, hdf5, and orthanc), Fedora (java-17-openjdk and seamonkey), Red Hat (curl, dbus, iperf3, kernel, kpatch-patch, libcap, libxml2, nodejs:16, nodejs:18, postgresql:10, postgresql:12, postgresql:13, and python-requests), SUSE (bluez, cjose, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly, keylime, openssl-1_1, openssl-3, pipewire, poppler, qemu, rubygem-actionpack-4_2, rubygem-actionpack-5_1, rust1.71, tomcat, webkit2gtk3, and wireshark), and Ubuntu (binutils, dotnet6, dotnet7, openssh, php-dompdf, and unixodbc).

Russia ‘prime suspect’ in cyber attack which saw names and addresses of 40M UK voters exposed – reports

=> ↺ Russia ‘prime suspect’ in cyber attack which saw names and addresses of 40M UK voters exposed – reports

Russia is suspected to have been behind a cyber attack which exposed the data of tens of millions of voters in the UK, raising fears it was an attempt to undermine democracy.

The Electoral Commission admitted on Tuesday (8 August) that hackers had been able to access reference copies of electoral registers from between the years 2014 and 2022 – files which contained the names and addresses of the 40 million people registered to vote during that timeframe.

While the security breach was only made public on Tuesday (8 August), it first took place all the way back in August 2021. However, shockingly, it was more than a year before anyone noticed the cyber-attack had happened – with reports to the Information Commissioner’s Office (ICO) and National Crime Agency only made in October 2022.

White House Announces Efforts to Strengthen K-12 Schools’ Cybersecurity

=> ↺ White House Announces Efforts to Strengthen K-12 Schools’ Cybersecurity

In a 2019 post about increasing cyber risks in K-12 schools, we cited a report, “The State of K-12 Cybersecurity: 2018 Year in Review,” that contained sobering information about cybersecurity in local school districts across the country. According to that report, in 2018, there were 122 publicly-disclosed cybersecurity incidents affecting school districts across 38 states. Not much has changed. A more recent article looking at ransomware activity in 2023 reports there being 120 attacks against school districts thus far in the year.

=> gemini.tuxmachines.org