Harry Sintonen

Apparently some of the source code of the Sweden's E-Government platform has been stolen from CGI Sverige AB in a "sustained compromise". The impact of this breach is unclear. In best scenarios the leak of the source code would largely not matter: You should build your systems in a way that access to source code doesn't lead to a compromise. However, some reporting does mention that some credentials would have leaked as well. This sounds quite bad. However, credentials and keys are typically fairly easy to revoke and update (or this should be the case in most well designed systems). Don't get me wrong, this is quite terrible. But it might not be as bad as it might initially seem like. #infosec #cybersecurity #cgi

#CrackArmor: Multiple vulnerabilities in #AppArmor https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt These vulnerabilities allow a local attacker to bypass the security normally provided by AppArmor. Also, in some situations, it allows privilege escalation to root by selectively blocking specific syscalls. #infosec #cybersecurity #qualys