• Database containing 106m Thailand travelers' details leaked • The Register

  A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week.

  Bob Diachenko, head of cybersecurity research at product-comparison website Comparitech, said the Elasticsearch data store contained visitors' full names, passport numbers, arrival dates, visa types, residency status, and more. It was indexed by search engine Censys on August 20, and spotted by Diachenko two days later. There were no credentials in the database, which is said to have held records dating back a decade.

  “There are many people who would prefer their travel history and residency status not be publicized, so for them there are obvious privacy issues,” wrote Comparitech editor Paul Bischoff on the company’s blog.

• Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

  VMware has disclosed a critical bug in its flagship vSphere and vCenter products and urged users to drop everything and patch it. The virtualization giant also offered a workaround.

• Reproducible Builds (diffoscope): diffoscope 185 released

  The diffoscope maintainers are pleased to announce the release of diffoscope version 185. This version includes the following changes:

  [ Mattia Rizzolo ]
  * Fix the autopkgtest in order to fix testing migration: the androguard
    Python module is not in the python3-androguard Debian package
  * Ignore a warning in the tests from the h5py package that doesn't concern
    diffoscope.
  
  [ Chris Lamb ]
  * Bump Standards-Version to 4.6.0.
  

• Apache Ranger response to incorrect analyst report on Cloud data security

  A recent industry analyst report by GigaOm and sponsored by Immuta comparing Apache Ranger to Immuta paints an incorrect picture on the complexities of using Apache Ranger. We believe the report contains a number of errors and inconsistencies. Unfortunately the Apache Ranger Project Management Committee (PMC) was not contacted by the analyst firm during preparation of the report.

  We have attempted to contact the authors and members of the research team several times, requesting the opportunity to review the inaccuracies and have them corrected. Despite our many attempts to rectify the misinformation, no-one from the analyst firm responded.

  For the benefit of existing and potential users of Apache Ranger, it is important for Apache Ranger PMC to respond to this report with facts.

• VMware Releases Security Updates

  VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

• NETGEAR Releases Security Updates for RCE Vulnerability

  NETGEAR has released security updates to address a remote code execution vulnerability—CVE-2021-40847—in multiple NETGEAR routers. A remote attacker could exploit this vulnerability to take control of an affected system.

• 'Shadow Code' Creates Risk for 99% of Websites

  Shadow code — third-party scripts and libraries often added to web applications without security validation — pose risks to websites and jeopardize compliance with privacy regulations, according to new research released Tuesday.

  Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.

• Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants

  The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime.

  Suex is registered in the Czech Republic but operates out of offices in Russia. According to the US Treasury, more than 40 per cent of the firm's known transaction history involves illicit entities, and that it handled payments from at least eight ransomware variants.

• Lumen Technologies’ Black Lotus Labs Proves Linux Executable Files Can Be Used as Stealth Windows Loaders [Ed: This is a Windows issue, not a "Linux" issue]

• World-Class Cyber Protection Available for Rocky Linux Users

• Security updates for Monday

  Security updates have been issued by Debian (gnutls28, nettle, nextcloud-desktop, and openssl1.0), Fedora (dovecot-fts-xapian, drupal7, ghostscript, haproxy, libtpms, lynx, wordpress, and xen), openSUSE (xen), Red Hat (rh-ruby27-ruby), and SUSE (openssl, openssl1, and xen).

• Microsoft Ruined Passwords, Now Aims for a Passwordless Future

  There’s no shortage of security people who will tell you that passwords are broken. It’s also not a coincidence how many of them sell products to supplement or replace passwords. Microsoft just announced that the passwordless future is here. In their announcement they make it clear that passwords are broken, and they should know–they broke them!

  This passwordless future requires that Microsoft follow in Apple’s and Google’s footsteps in deciding which software you are allowed to run on your computer. These vendors don’t trust you to manage your own security, instead they want you to hand all trust over to them. Without them in control, they don’t believe your hardware can be trusted and untrusted hardware isn’t allowed to login to the passwordless future. As more vendors follow in Microsoft’s footsteps to implement passwordless logins, they too will anchor their trust in the hardware and ultimately in Microsoft (or Apple or Google). In the name of security and convenience your computer will be less and less your own.

• American Malware Purveyor That Did Nothing To Limit Misuse Now Horrified To Find Gov't Of India Misused Its Products

  Another malware purveyor is shocked, SHOCKED to discover its products have been used to do Very Bad Things. Thomas Brewster has more details for Forbes. Here's the setup:

• Does Your Organization Have a Security.txt File?

  It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn’t entirely clear who should get the report when remote access to an organization’s internal network is being sold in the cybercrime underground.

• Major agriculture group New Cooperative hit by ransomware attack [iophk: Windows TCO]

  Agriculture group New Cooperative group was hit by a ransomware attack over the weekend, potentially endangering operations of a company key to the agricultural supply chain.

  A spokesperson for New Cooperative confirmed the attack to The Hill on Monday, noting in a statement that the company "recently identified a cybersecurity incident that is impacting some of our company’s devices and systems."

• [Old] Explainer: Digitech risks for School Boards

  I'm a parent with two children in public schools in Christchurch, NZ. I'm also a software developer with an interest in education. I'm writing this post to make members of NZ school boards of trustees aware of a significant risks they face, but which I believe few if any school boards in NZ recognise, much less attempt to mitigate.

  These risks are created by the software adopted by nearly every school in NZ. This software is provided via national-level agreements made by the Ministry of Education with their vendors, who are mostly US-based multinational technology corporations. Increasingly, school curriculums completely depend on this software.

  Today, nearly every school in NZ is either a 'Microsoft Office 365' or a 'Google Classroom' school. Many schools also embed products like SeeSaw and StoryPark into their student assessment process and depend on them for parental engagement.

  My goal here is to explain the liabilities lurking within this status quo, and how the Ministry of Education has divested responsibility for these liabilities onto individual school board members.

Big businesses are willing to pay top dollars to find access to your sensitive data to design targeted ads. What’s scary is that there are criminals also prowling in the shadows for this information. You must protect yourself. Installing browsers like Tor that ensure online anonymity greatly boost your privacy and security. Downloading a VPN offers greater privacy hiding your identity on the internet. Keep the nosy snoopers away with Tor.