💾 Archived View for gemini.tuxmachines.org › n › 2023 › 05 › 24 › Security_Leftovers.1.gmi captured on 2023-05-24 at 17:45:11. Gemini links have been rewritten to link to archived content

View Raw

More Information

➡️ Next capture (2024-07-09)

-=-=-=-=-=-=-

Tux Machines

Security Leftovers

Posted by Roy Schestowitz on May 24, 2023

Red Hat Leftovers

today's howtos

Rheinmetall Says Military Business Not Impacted by Ransomware Attack

=> https://www.securityweek.com/rheinmetall-says-military-business-not-impacted-by-ransomware-attack/ ↺ Rheinmetall Says Military Business Not Impacted by Ransomware Attack

Rheinmetall confirms being hit by Black Basta ransomware group, but says its military business is not affected.

Google Launches Bug Bounty Program for Mobile Applications

=> https://www.securityweek.com/google-launches-bug-bounty-program-for-mobile-applications/ ↺ Google Launches Bug Bounty Program for Mobile Applications

Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications.

Trusted publishing: a new benchmark for packaging security

=> https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/ ↺ Trusted publishing: a new benchmark for packaging security

Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted publishing.”

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

=> https://www.securityweek.com/mikrotik-belatedly-patches-routeros-flaw-exploited-at-pwn2own/ ↺ Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto.

Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign

=> https://www.securityweek.com/threat-actor-abuses-supermailer-for-large-scale-phishing-campaign/ ↺ Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign

A credential phishing campaign using the legitimate SuperMailer newsletter distribution app has doubled in size each month since January 2023.

Cutting Through the Noise: What is Zero Trust Security?

=> https://www.securityweek.com/cutting-through-the-noise-what-is-zero-trust-security/ ↺ Cutting Through the Noise: What is Zero Trust Security?

With proactive steps to move toward Zero Trust, technology leaders can leverage an old, yet new, idea that must become the security norm.

Iranian Hackers Using New Windows Kernel Driver in Attacks

=> https://www.securityweek.com/iranian-hackers-target-middle-east-entities-with-new-windows-kernel-driver/ ↺ Iranian Hackers Using New Windows Kernel Driver in Attacks

Iranian threat actors use a Windows kernel driver called ‘Wintapix’ in attacks against Middle East targets.

New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments

=> https://www.securityweek.com/new-goldenjackal-apt-targets-middle-east-south-asia-governments/ ↺ New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments

The newly detailed GoldenJackal APT has been targeting government and diplomatic entities in the Middle East and South Asia since 2019.

gemini.tuxmachines.org