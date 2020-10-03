Security Leftovers
Security updates for Tuesday
Security updates have been issued by Fedora (chromium, libproxy, mumble, and thunderbird), openSUSE (perl-DBI), Red Hat (qemu-kvm-rhev, rh-mariadb102-mariadb and rh-mariadb102-galera, rh-maven35-jackson-databind, spice and spice-gtk, and unbound), SUSE (gnutls, java-1_7_0-openjdk, openssl1, and perl-DBI), and Ubuntu (brotli, cyrus-imapd, openconnect, opendmarc, python-urllib3, ruby-rack-cors, spice, tika, and yaws).
Attackers use complicated method to try and steal cryptocurrency
Ganot said the attack was likely to have been an SMSC (short message service centre) spoofing attack; this uses the roaming function and the attackers need access to a cellular network that interacts with Israeli networks.
“It’s a rare assault. The hackers send a message from a foreign cell network to an Israeli one, updating the client’s location. For example: ‘The client has just landed in Tbilisi, he has registered with our network. Please route his SMS messages via this network'," Ganot explained.
Ransomware gangs add DDoS to their arsenal to put pressure on victims
Ransomware gangs appear to have added another tool to their arsenal in order to extort ransoms from their victims, with some using distributed denial of service attacks to pile on the pressure.
A gang of cyber criminals using SunCrypt, a new addition to the ransomware fold, claim to have staged a DDoS to attack the Irish company Glen Dimplex Home Appliances.
Formerly known as Glen Electric, the company is an electrical goods firm that has its headquarters in Dublin and manufacturing and development centres in the UK, China and a few other countries.
Glen also has branches in North America, Germany, the Netherlands, Japan, Poland, Belgium, France, Australia and Scandinavia.
Nervous System: The Sleepy History of the Buffer Overflow Attack
With the aggressive pace of technological change and the onslaught of news regarding data breaches, cyber-attacks, and technological threats to privacy and security, it is easy to assume these are fundamentally new threats. The pace of technological change is slower than it feels, and many seemingly new categories of threats have been with us longer than we remember. Nervous System is a monthly series that approaches issues of data privacy and cyber security from the context of history—to look to the past for clues about how to interpret the present and prepare for the future.
Should Rockets Have Only Free Software? Free Software and Appliances
Could there be a rocket that is totally free software? Should we demand that SpaceX liberate the software in its satellite launching rockets? I don't think the person who asked me this was serious, but answering that question may illuminate similar issues about the sorts of products people really buy today. As far as I know, software as such is not capable of generating thrust. A rocket is necessarily principally a physical device. But it may include computerized control and telemetry systems, and thus software. If someone offered to sell me a rocket, I would treat it like any other appliance. Consider, for instance, a thermostat. If it contains software to be modified, all the software in it needs to be free. If, however, the software in it needs not ever be altered, and it communicates only through some limited interface, such as buttons on the control panel, a TV remote control, or a USB interface with a fixed set of commands, I would not consider it crucial to know what is inside the thermostat: whether it contains a special-purpose chip, or a processor running code, makes no direct difference to me as user. If it does contain code, it might as well have a special chip instead, so I don't need to care which it is.
today's howtos
Android Leftovers
DXVK 1.7.2 Released
