Security Leftovers
-
Fundamental Flaw in RNGs Affects Many IoT Devices | Decipher
The hardware-based random number generators used in most modern IoT devices have a serious fundamental weakness that undermines the security of the encryption keys they generate for communications: The RNGs don’t really generate random numbers.
That’s a fairly serious issue when the whole function of the RNG is to generate random numbers, which are then used as seeds for encryption keys. Researchers from Bishop Fox found that the overwhelming majority of the tens of billions of IoT devices in use today have flawed RNGs, a vulnerability that is not limited to a group of vendors or specific IoT operating systems. It’s a widespread problem that security researchers have been discussing in various forms for some time, and there’s no simple way to address it.
-
Comparing macOS vs. Windows security [Ed: Apple+Microsoft false dichotomy. Both are proprietary and both admit to providing state-controlled back doors]
-
Network Server Management: Datadog vs. NetCrunch
-
Retail sector top target for ransomware attack in 2020: Report [iophk: Windows TCO]
The global retail sector faced the highest level of ransomware attacks during 2020, with 44 per cent of organisations hit (compared to 37 per cent across all industry sectors), according to a report by UK-based cybersecurity firm Sophos on Wednesday.
-
Consulting group Accenture hit by cyberattack
Global consulting group Accenture confirmed Wednesday that it had been hit by a cyberattack, becoming the latest in a string of organizations in recent months to be targeted.
-
Another big company hit by a ransomware attack
Accenture (ACN)'s encrypted files will be published by the group on the dark web on Wednesday unless the company pays the ransom, LockBit claimed, according to screenshots of the website reviewed by CNN Business and Emsisoft, a cybersecurity firm.
Stacey Jones, an Accenture spokesperson, confirmed a cybersecurity incident to CNN Business on Wednesday, but did not explicitly acknowledge a ransomware attack.
-
Zoom’s new focus mode could keep students from distracting each other
Zoom has announced a new Focus mode, which it says is meant to keep students from getting distracted while in a virtual classroom, while still allowing the teacher to keep an eye on everybody. When activated, Focus mode will make it so that a meeting’s participants won’t be able to see each other’s videos or screen shares, while the host is still able to see everyone’s webcams. It provides some of the control found in Webinar mode, without the complexity and lack of flexibility that comes with it — for instance, a teacher could turn on Focus mode while presenting, and then turn it off when it’s time for a class discussion. And, while hosting a Webinar costs money, Focus mode appears to be available to free accounts, based on my testing.
-
Achieving SOC2 Compliance for Teleport Cloud with Teleport On-Prem
SOC2 has a few control areas related to SSH management. Teleport goes beyond what’s typically required, and we hope that SOC2 requirements will eventually be updated to make using certificates the expectation.
-
- Login or register to post comments
- Printer-friendly version
- 742 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
The Linux Kernel Begins Preparing For AV1 Decode Support
The number of hardware platforms providing accelerated AV1 coding is still quite limited for now but with more hardware coming to market supporting encode/decode of this royalty-free video codec, the Linux kernel's media subsystem is getting ready. A "request for comments" patch series was sent out on Tuesday by Collabora's Daniel Almeida for implementing the stateless AV1 user-space API for the Linux kernel within the media subsystem.
today's leftovers
Security Leftovers
PostgreSQL 13.4, 12.8, 11.13, 10.18, 9.6.23, and 14 Beta 3 Released!
The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 13.4, 12.8, 11.13, 10.18, and 9.6.23, as well as the third beta release of PostgreSQL 14. This release closes one security vulnerability and fixes over 75 bugs reported over the last three months.
Recent comments
29 min 45 sec ago
1 hour 29 min ago
1 hour 35 min ago
1 hour 38 min ago
2 hours 25 min ago
12 hours 15 min ago
13 hours 20 min ago
14 hours 40 min ago
14 hours 43 min ago
15 hours 50 min ago