Fedora: Security Advisory (FEDORA-2025-5acdf83593)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

US Disrupts Massive Cell Phone Array in New York

This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300 SIM servers and...

Airline data broker selling 5 billion passenger records to US government

We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago,...

Fedora: Security Advisory (FEDORA-2025-c71f0af9b2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: rust-secret-service-5.1.0-1.fc41

Library to interface with Secret Service API...

Fedora 41 : rust-secret-service / uv (2025-c71f0af9b2)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-c71f0af9b2 advisory. Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust-tracing-subscriber 0.3.20. Initial package for rust-secret-service in Fedora 43...

[SECURITY] Fedora 43 Update: rust-secret-service-5.1.0-1.fc43

Library to interface with Secret Service API...

[SECURITY] Fedora 42 Update: rust-secret-service-5.1.0-1.fc42

Library to interface with Secret Service API...

Fedora 42 : rust-secret-service / uv (2025-d757bc292e)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-d757bc292e advisory. Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust-tracing-subscriber 0.3.20. Initial package for rust-secret-service in Fedora 43...

Fedora 43 : python-uv-build / rust-secret-service / uv (2025-5acdf83593)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-5acdf83593 advisory. Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust-tracing-subscriber 0.3.20. Initial package for rust-secret-service in Fedora 43...

Fedora: Security Advisory (FEDORA-2025-d757bc292e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2018-19358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, ...

Feds Link $150M Cyberheist to 2022 LastPass Hacks

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U....

Secret Service Tracking People’s Locations without Warrant

This feels important: The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn't need a warrant...

HUMINT in a cyber world

TL;DR HUMINT / Human Intelligence is gathered from a person in the location in question. It’s the sort of information we think of in the context of spying. A modern intelligence apparatus is multi-discipline with many different collection methods. HUMINT sources include officers, agents, diplomat...

Who Stole 3.6M Tax Records from South Carolina?

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the states revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a...

DoppelPaymer ransomware group suspects identified

The German police in cooperation with the US Secret Service have executed search warrants against suspected members of the DoppelPaymer ransomware group in Germany and Ukraine. In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europo...

Ex-USSS CISO Explains Agencies' Struggle with Biden EO

Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order...

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Nikita Kislitsin, formerly the head of network security for one of Russias top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsins prosecution could soon put the Kazakhstan government in a...

$10M Is Yours If You Can Get This Guy to Leave Russia

The U.S. government this week put a $10 million bounty on a Russian man who for the past 18 years operated Try2Check, one of the cybercrime undergrounds most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkovs card-checking service...