Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Sep 02, 2023

=> PHP 8.1.23 and PHP 8.3.0 RC 1 Released | You Can Now Install Linux Kernel 6.5 on Ubuntu, Here’s How

Sourcegraph Discloses Data Breach Following Access Token Leak

=> ↺ Sourcegraph Discloses Data Breach Following Access Token Leak

Sourcegraph says customer information was breached after an engineer accidentally leaked an admin access token.

Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest

=> ↺ Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest

ZDI is offering more than $1 million at the Pwn2Own Automotive hacking contest, hosted in January at the Automotive World conference in Tokyo.

Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

=> ↺ Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

Small electric utilities in the US offered $9 million as part of a competition whose goal is to help them boost their cybersecurity posture.

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

=> ↺ Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure.

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

=> ↺ Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence.

Dangling DNS Used to Hijack Subdomains of Major Organizations

=> ↺ Dangling DNS Used to Hijack Subdomains of Major Organizations

Dangling DNS records were abused by researchers to hijack subdomains belonging to major organizations, warning that thousands of entities are impacted.

500k Impacted by Data Breach at Fashion Retailer Forever 21

=> ↺ 500k Impacted by Data Breach at Fashion Retailer Forever 21

Fashion retailer Forever 21 says that the personal information of more than 500,000 individuals was compromised in a data breach.

Optus says it will not release Deloitte report into data breach

=> ↺ Optus says it will not release Deloitte report into data breach

Telco Singtel Optus will not release a report into the data breach it suffered last year, which it commissioned professional services firm Deloitte to carry out, the company has confirmed.

Asked about the report on Thursday, an Optus spokesperson said: "Optus can confirm that Deloitte has completed its report. The report is confidential and the subject of a legal professional privilege claim."

No details were given as to the "legal professional privilege claim".

Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent Data Breach

=> ↺ Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent Data Breach

A lawsuit filed on behalf of a former student and former employee at the University of Minnesota accuses the university of not doing enough to protect personal information from a recent data breach.

=> gemini.tuxmachines.org