Tux Machines
Security Leftovers and Windows TCO
Posted by Roy Schestowitz on Sep 19, 2024
Tigera Adds Vulnerability Management Capabilities to Calico Platform
Tigera today extended the reach of the network virtualization platform for cloud-native application environments based on open-source Calico software into the realm of vulnerability management.
APNIC ☛ The ultimate weapon against DDoS — BGP Flowspec
Guest Post: How to filter malicious traffic directly at the network edge, without third-party scrubbing centres.
Federal News Network ☛ GuidePoint Security brings regional commercial conferences to public sector
Federal employees can hear from zero trust experts across the public sector at GPSEC, and learn how to transform their cybersecurity practices.
Security Week ☛ Threat Actors Target Accounting Software Used by Construction Contractors
Malicious hackers are caught brute-forcing Foundation Accounting Software at scale, compromising organizations in the construction industry.
Security Week ☛ Australian Police Infiltrate Encrypted Messaging App Ghost and Arrest Dozens
Australian police have infiltrated encrypted messaging app Ghost, which has been used for illegal activities, and arrested dozens of people.
Security Week ☛ CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities
CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them.
Security Week ☛ AT&T to Pay $13 Million in Settlement Over 2023 Data Breach
AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach at a third-party vendor’s cloud environment.
Pen Test Partners ☛ Cyber threats to shipping explained
TL;DR Modern vessels are becoming increasingly connected.
Windows TCO
SANS ☛ Python Infostealer Patching backdoored Windows Exodus App, (Wed, Sep 18th)
Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic applications that may handle sensitive information.
University of Michigan ☛ Enhanced Duo security feature starts Sept. 25 [Ed: Windows TCO is real and gadgets with snake-oil cannot overcome it]
U‑M community members who use Duo two-factor authentication push notifications will be required to enter a three-digit code when logging into U‑M Weblogin, starting at noon Sept. 25.