Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Oct 03, 2024

APNIC ☛ Web PKI: How to protect a popular security service?

Guest Post: Lessons learned from a study on the interrelation of CAA, CT, and DANE in web PKI deployments.

How to Secure Cloud-Native Architectures Without Sacrificing Agility

The real question isn’t just about what risks you are missing, but how to secure your infrastructure without losing the agility offered by cloud-native architectures.

Security Week ☛ T-Mobile to Pay Millions to Settle With FCC Over Data Breaches

T-Mobile has agreed to invest $15.75 million in cybersecurity and pay $15.75 million to settle an FCC investigation into four data breaches.

Federal News Network ☛ Inside HHS’ ‘one-stop shop’ for health sector cybersecurity [Ed: Delete Microsoft]

In the wake of the Change Healthcare ransomware attack, HHS has been expanding its "one-stop shop" for working with the healthcare sector on cyber issues.

Security Week ☛ Critical Zimbra Vulnerability Exploited One Day After PoC Release

A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers.

Didier Stevens ☛ Overview of Content Published in September

Here is an overview of content I published in September

Windows TCO

Security Week ☛ More LockBit Hackers Arrested, Unmasked as Law Enforcement Seizes Servers

Previously seized LockBit websites have been used to announce more arrests, charges and infrastructure disruptions.