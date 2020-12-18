Security: Scans, Microsoft Cracked, and Latest Patches
New, free tool adds layer of security for the software supply chain | NYU Tandon School of Engineering
The software supply chain has long been a prime target for cyberattacks, putting servers, IoT devices, personal computers, and connected equipment from surgically embedded devices to avionics at risk of sabotage. These risks will increase dramatically with the global rollout of such new technologies as 5G telecommunications, and new tools will be required to affirm the security and authenticity of software projects. Against this backdrop, in-toto, an open-source tool developed by researchers at the NYU Tandon School of Engineering that provides an unprecedented level of assurance against such attacks, announces it has hit a significant milestone with the release of its first major version.
In-toto is supported by a grant from the National Science Foundation
Modernize Your Intrusion Detection Strategy with an AI-Powered, Open-Source NIDS
Microsoft says it found malicious software in its systems
Microsoft Corp said on Thursday it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.
Security updates for Monday
Security updates have been issued by Debian (curl, influxdb, lxml, node-ini, php-pear, and postsrsd), Fedora (chromium, curl, firefox, matrix-synapse, mingw-jasper, phpldapadmin, and thunderbird), Mageia (openjpeg2), openSUSE (gcc7, openssh, PackageKit, python-urllib3, slurm_18_08, and webkit2gtk3), Oracle (fapolicydbug, firefox, nginx:1.16, nodejs:12, and thunderbird), Red Hat (libpq, openssl, and thunderbird), and SUSE (curl, firefox, openssh, ovmf, slurm_17_11, slurm_18_08, slurm_20_02, and xen).
