Heise Security-Alert

• Sicherheitsupdates: Aruba EdgeConnect SD-WAN vielfältig attackierbar 25. Juli 2024
  Die Entwickler von HPE haben in Arubas SD-WAN-Lösung EdgeConnect mehrere gefährliche Sicherheitslücken geschlossen.
• Siemens SICAM: Angreifer können Admin-Passwort zurücksetzen 24. Juli 2024
  SCADA-Systeme der SICAM-Reihe von Siemens kommen in kritischen Infrastrukturen zum Einsatz. Sicherheitsupdates schließen eine kritische Lücke.
• Software-Distributionssystem TeamCity erinnert sich an gelöschte Zugangstoken 23. Juli 2024
  Angreifer können an sechs mittlerweile geschlossenen Sicherheitslücken in JetBrain TeamCity ansetzen.
• Backup-System Data Protection Advisor von Dell vielfältig angreifbar 23. Juli 2024
  Dell hat mehrere Sicherheitslücken in Data Protection Advisor geschlossen. Es kann Schadcode auf Systeme gelangen.

BSI Bund-Cert

Bruce Schneier

• The CrowdStrike Outage and Market-Driven Brittleness 25. Juli 2024
  Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows computers, and the cost will surely […]
• Data Wallets Using the Solid Protocol 25. Juli 2024
  I am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture. Details are here, but basically a digital wallet is a repository for personal data and documents. Right now, […]
• Robot Dog Internet Jammer 24. Juli 2024
  Supposedly the DHS has these: The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS’s Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is […]
• 2017 ODNI Memo on Kaspersky Labs 23. Juli 2024
  It’s heavily redacted, but still interesting. Many more ODNI documents here.