Cybersecurity News: Japanese auto security, Feds tap encrypted messages, Microsoft breaks Linux dual-booting
In today’s cybersecurity news…
Security initiative from Japanese auto companies
Dozens of companies in the Japan Automotive Information Sharing and Analysis Center signed on to a collaborative initiative to improve cybersecurity for automobiles. These include industry heavyweights like Toyota and Mazda, parts manufacturers Aisin and Denso, and component supplier Hitachi. Their initial proposal would standardize software bill of materials, SBOMs, between companies. The idea is to make it easier to determine vulnerable components across connected cars. The group began working with the Japan Automobile Manufacturers Association to assess practical issues with the proposal, with hopes to adopt the standard as early as fiscal 2025.
Feds tapping into encrypted messaging haul
According to a review of court records by 404 Media, US law enforcement agencies ramped up access to encrypted chat messages obtained as part of a trove of messages from European agencies from the phone company Sky back in 2021. Records show no indication US agencies have bulk access to this data, rather received from European partners for particular people under investigation. It’s unclear how authorities obtained this trove of messages, but Sky itself claimed someone created a fake version of the app and sold phones loaded with it on “unauthorized channels.” The cases profiled by 404 Media all involved prosecutions involving narcotics smuggling and distribution.
Microsoft breaks Linux dual-boot systems
File this under “This is why we can’t have nice things.” Last week, Linux users reported boot failures on machines running both Linux and Windows. This came as a result of issues with a patch to a two-year-old secure boot bypass vulnerability on devices with the open-source GRUB bootloader installed. Microsoft said the update would only install an SBAT to revoke components in the boot path causing the issue on systems with only Windows installed, but multiple Linux distributions dual-booted with Windows, including Debian, Ubuntu, and my beloved Puppy Linux saw boot issues. Disabling Secure Boot or deleting the SBAT Microsoft pushed in the update remediates the issue, but so far no comment from Microsoft on the issue.
Microchip Technology hit by cyberattack
The US chipmaker reported to the Securities and Exchange Commission that “potentially suspicious activity” over the weekend inhibited the use of “certain servers and some business operations.” As of this recording, it says it’s still operating “at less than normal levels,” with order volume impacted. Its response to the incident sounds bog-standard: isolating impacted systems, shutting down services, and calling in third-party experts to help investigate. No other specific on who orchestrated the attack, but we’ll follow up as more details come to light.
Bypass flaw discovered on GitHub Server
GitHub disclosed a vulnerability in its Enterprise Server that opens the door for an attacker to “forge a SAML response to provision and/or gain access to a user account with site administrator privileges.” GitHub released patches for the issue going back to version 3.10. The company cautioned that admins may see errors in the configuration process after applying the update, but that instances will still boot correctly. There are currently over 36,000 GitHub Enterprise Server instances exposed online, but it’s not clear how many remain vulnerable.
Comments
Post a Comment