Language Selection

English French German Italian Portuguese Spanish

Security: Updates and National Targets

Filed under
Security
  • Security updates for Friday

    Security updates have been issued by Arch Linux (apache, chromium, nodejs, nodejs-lts-erbium, nodejs-lts-fermium, and virtualbox), Fedora (vsftpd and watchdog), Oracle (java-1.8.0-openjdk, java-11-openjdk, and redis:6), and Ubuntu (libcaca, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-azure-5.8, and mailman).

  • This Week In Security: Argentina, MysterySnail, And L0phtcrack | Hackaday

    The government of Argentina has a national ID card system, and as a result maintains a database containing data on every citizen in the country. What could possibly go wrong? Predictably, an attacker has managed to gain access to the database, and is offering the entire dataset for sale. The Argentinian government has claimed that this wasn’t a mass breach, and only a handful of credentials were accessed. This seems to be incorrect, as the seller was able to provide the details of an arbitrary citizen to the journalists investigating the story.

  • Nation-State Attacker of Telecommunications Networks

    LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

  • Eswatini Government's gov.sz website is running a cryptojacker | Netcraft News

    The Government of Eswatini’s website, www.gov.sz, is running a cryptojacker. Cryptojackers use website visitors' CPU power to mine cryptocurrency, most often without their knowledge or permission. Data from archive.org suggests the JavaScript snippet was added to the site’s HTML source between 28th September and 6th October.