Cyber security aggregate rss news

Cyber security aggregator - feeds history

Chinese Researchers ...

 Firewall Daily

A team of researchers from China has broken RSA encryption using quantum computing technology. Utilizing D-Wave's quantum annealing systems, the research raises pressing concerns about the security of widely adopted cryptographic methods.

The findings were published in the Chinese Journal of Computers under the title "Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage." The paper describes the researchers' approach to breaking RSA encryption and also to launching attacks on symmetric encryption systems. The implications of these results could accelerate the timeline for when quantum computers may pose a tangible threat to traditional cryptographic frameworks.

Breaking RSA Encryption with Quantum Computing

The study was led by Wang Chao, a researcher from Shanghai University, together with his colleagues Wang Qidi, Hong Chunlei, Hu Qiaoyun, and Pei Zhi. Their research focused on two main strategies that use D-Wave's quantum computing capabilities to mount attacks on RSA encryption.

Image source: Chinese Journal of Computers

The first approach reformulated cryptographic attacks as combinatorial optimization problems, specifically using Ising and Quadratic Unconstrained Binary Optimization (QUBO) models. This reformulation enabled the factorization of the integer 2,269,753, a result that surpasses prior results from other laboratories.

The second strategy used quantum annealing to optimize the closest vector problem (CVP), culminating in the factorization of a 50-bit RSA integer. These results underscore the capabilities of D-Wave systems, particularly given the slow pace of advancement in quantum computing as a whole.

Highlights of the Research

The paper describes the team's approach to integer factorization and CVP optimization:

Integer Factorization: By restructuring cryptographic problems, the researchers were able to use the D-Wave Advantage system to factor 2,269,753. This is a significant milestone in demonstrating the potential of quantum computing for complex cryptographic challenges.

CVP Optimization: Optimizing the CVP with quantum annealing improves efficiency and represents a notable step in the quest to crack RSA integers. The team's factorization of a 50-bit integer showcases the promise of D-Wave's technology in real-world applications.

These findings suggest that quantum annealing may offer significant advantages over traditional quantum algorithms, particularly in overcoming challenges like the barren plateau problem often encountered on Noisy Intermediate-Scale Quantum (NISQ) devices.

Current Landscape of Quantum Computing

The researchers contextualized their findings within the broader landscape of quantum computing. Recent breakthroughs by various institutions, including Professor Yin Hualei's advances in quantum-secure networks and Google's quantum systems, remain limited when it comes to breaking encryption efficiently. The D-Wave Advantage system, however, appears to be carving out a niche that positions it favorably for attacks on public key cryptography.

D-Wave Systems Inc., founded in 1999, has consistently led the quantum annealing sector. Its machines, including the D-Wave 2000Q and the forthcoming Advantage 2, operate at temperatures close to absolute zero and use quantum tunneling to enhance optimization processes. The efficiency of these systems is crucial for tasks involving complex computations like those needed for breaking RSA encryption.

Millions at Risk: Je ...

 Firewall Daily

The Jetpack WordPress plugin, developed by Automattic, has rolled out a critical security update to address a vulnerability that impacts approximately 27 million websites. This Jetpack vulnerability allows logged-in users to access forms submitted on sites using the plugin, posing potential privacy risks for users and site owners.

Jetpack, an all-in-one plugin designed to enhance website performance, safety, and traffic growth, was flagged for this vulnerability during an internal security audit. The issue has been traced back to version 3.9.9, released in 2016.

According to the official announcement from Jetpack, "Earlier today we released a new version of Jetpack, 13.9.1. This release contains a critical security update. While we have no evidence that this vulnerability has been exploited yet, please update your version of Jetpack as soon as possible to ensure the security of your site."

Understanding the Jetpack Vulnerability

The vulnerability in Jetpack specifically affects the Contact Form feature and has been present since version 3.9.9. Any logged-in user could potentially read the forms submitted by other visitors on the same site. The security team at Jetpack has worked closely with the WordPress.org Security Team to ensure that all versions of Jetpack since 3.9.9 have been patched. This comprehensive approach aims to minimize risks for users and enhance the overall security of the plugin.

To make the update process seamless, most websites using the Jetpack plugin have been or will soon be automatically updated to a secure version. The Jetpack team provided a detailed list of 101 versions of the plugin that have been updated, including:

- 13.9.1
- 13.8.2
- 13.7.1
- and so on, all the way back to 3.9.10

If a site is running any of these versions, it is now secure against this specific vulnerability in the WordPress plugin.

Community Response and Precautionary Measures

While Jetpack maintains that there is currently no evidence that this WordPress plugin vulnerability has been exploited in the wild, the nature of security flaws means that threats can emerge swiftly after an update is released. The Jetpack team urges users to take immediate action to ensure their sites are running the most up-to-date version of the plugin.

They also emphasized, "We apologize for any extra workload this may put on your shoulders today. We will continue to regularly audit all aspects of our codebase to ensure that your Jetpack site remains safe." This statement underscores their commitment to ongoing vigilance and improvement, reassuring users that the Jetpack vulnerability is being taken seriously.

The Importance of Regular Updates

The recent Jetpack vulnerability highlights the importance of keeping WordPress plugins updated. Failing to do so can leave websites susceptible to unauthorized access and data breaches, with significant repercussions for both site owners and users. Users are encouraged not only to update their Jetpack installations but also to remain proactive about monitoring all plugins in use on their WordPress sites. Regular updates, coupled with sound cybersecurity practices, can greatly reduce the risk from vulnerabilities in WordPress plugins and other website components.

Patch Now: GitLab Fi ...

 Firewall Daily

GitLab has announced the release of critical patches for its Community Edition (CE) and Enterprise Edition (EE) in versions 17.4.2, 17.3.5, and 17.2.9. These GitLab critical patches are essential for all self-managed GitLab installations, as they address a series of vulnerabilities and bugs that could compromise the integrity of user data and system security.

GitLab.com is already running the patched versions, and GitLab Dedicated customers are advised that no immediate action is necessary on their part.

Latest GitLab Critical Patches

The GitLab critical patches contain crucial fixes for vulnerabilities in GitLab, and the company strongly urges all users to upgrade their installations without delay. Maintaining the latest version not only protects user data but also aligns with GitLab's commitment to security. For those who rely on self-managed instances, the upgrades are not merely recommended; they are critical for operational integrity.

GitLab follows a structured release schedule that includes both planned and ad-hoc critical patches. Scheduled releases occur twice a month, on the second and fourth Wednesdays, while critical patches address high-severity vulnerabilities as they arise. For additional information on release schedules, users can refer to GitLab's release handbook and security FAQ.

As part of GitLab's transparent approach, details about each vulnerability are made publicly available on its issue tracker 30 days after the patch is released. This allows users to stay informed about potential threats and the measures taken to mitigate them.

Key Vulnerabilities Addressed

The latest GitLab critical patches contain multiple fixes for vulnerabilities in GitLab, categorized by severity. Here are the notable issues that have been patched:

Critical Severity: Running Pipelines on Arbitrary Branches (CVE-2024-9164)
This critical vulnerability allowed attackers to run pipelines on arbitrary branches in versions from 12.5 up to the latest release prior to the patches. The issue has a CVSS score of 9.6, indicating a substantial threat level.

High Severity: Impersonating Arbitrary Users (CVE-2024-8970)
Another significant vulnerability allowed an attacker to trigger a pipeline as another user under specific conditions. This issue affected versions from 11.6 up to 17.4.2 and was rated high with a CVSS score of 8.2.

High Severity: SSRF in Analytics Dashboard (CVE-2024-8977)
Instances with the Product Analytics Dashboard enabled were found vulnerable to Server-Side Request Forgery (SSRF) attacks. This issue, affecting versions from 15.10, was rated high with a CVSS score of 8.2. Thanks to community vigilance, this vulnerability has been patched.

High Severity: Slow Diffs of Merge Requests with Conflicts (CVE-2024-9631)
Viewing diffs of merge requests (MRs) that contain conflicts was notably slow due to inefficiencies in processing. This issue impacted versions from 13.6, and although it does not compromise security per se, it can hinder productivity. This vulnerability received a high severity rating of 7.5.

High Severity: HTML Injection in OAuth Page (CVE-2024-6530)
A cross-site scripting (XSS) vulnerability was identified that allowed unauthorized HTML rendering when authorizing new applications. This vulnerability was patched in all versions prior to the latest releases and carries a severity rating of 7.3.

Medium Severity: Deploy Keys Pushing Changes to Archived Repositories (CVE-2024-9623)
A medium-severity issue was discovered in which deploy keys could push changes to archived repositories. This vulnerability affects versions from 8.16 and poses risks if not addressed.

Low Severity: GitLab Instance Version Disclosure (CVE-2024-9596)
A low-severity issue allowed unauthenticated attackers to discover the version number of a GitLab instance, which could lead to targeted attacks. This vulnerability highlights the importance of safeguarding even seemingly minor details in system configurations.

Recommended Actions for Users

Given the critical nature of these GitLab vulnerabilities, the organization strongly advises all users running affected versions to upgrade to the latest patch releases as soon as possible. The GitLab community, which includes both self-managed and cloud users, can benefit significantly from these updates.

For users looking to update their GitLab installations, guidance is available on the GitLab Update page. Instructions for updating GitLab Runner can be found on a separate page dedicated to the runner's updates.

Cyber Resilience Act ...

 Cyber News

The European Union has officially adopted the Cyber Resilience Act, a new law that establishes stringent cybersecurity requirements for products with digital components. This regulation aims to safeguard consumers and businesses by ensuring that a wide range of products—ranging from home cameras and fridges to televisions and toys—meet stringent cybersecurity standards before being placed on the market. With the rapid growth of the Internet of Things (IoT) and connected devices, this law seeks to address critical gaps in the existing legislative framework and ensure that digital products across the EU are secure throughout their entire lifecycle.

A Comprehensive Approach to Cybersecurity

The Cyber Resilience Act was officially adopted by the Council of the European Union with the primary goal of ensuring that products with digital elements are safe and secure before reaching consumers. By introducing EU-wide cybersecurity requirements, the new law covers all aspects of the digital product lifecycle, from design and development to production and market availability. The regulation targets both hardware and software products, aiming to streamline cybersecurity measures across member states and eliminate the confusion that arises from overlapping national laws.

One of the key features of the Cyber Resilience Act is the CE marking requirement, which will apply to products that meet the new cybersecurity standards. This well-known label, currently used to signify compliance with safety, health, and environmental regulations, will now also indicate that a product has met the EU's cybersecurity requirements. The CE marking will be mandatory for all products traded within the European Economic Area (EEA) that are connected directly or indirectly to another device or a network. This broad scope means that devices such as smart home appliances, IoT devices, and digital toys will be subjected to the same cybersecurity scrutiny, ensuring that consumers are better protected from the growing risk of cyberattacks. However, some exceptions will apply to specific product categories that already fall under existing EU rules, such as medical devices, aeronautical products, and cars, where cybersecurity requirements are already in place.

Empowering Consumers with Cybersecurity Insights

One of the key objectives of the Cyber Resilience Act is to empower consumers by making cybersecurity a central factor in their purchasing decisions. The regulation ensures that consumers can easily identify products that adhere to strict cybersecurity standards, making it easier for them to select safe and secure devices. By increasing transparency, the EU aims to build consumer trust in the digital market and mitigate risks such as data breaches, hacking, and unauthorized access to personal devices. In the context of rising cybercrime and increasingly sophisticated cyber espionage attacks, the Cyber Resilience Act represents a proactive step toward protecting not only consumers but also the broader digital ecosystem.

Simplifying Cybersecurity Compliance for Businesses

For businesses operating within the EU, the Cyber Resilience Act provides much-needed clarity by consolidating cybersecurity requirements into a single, coherent legislative framework. By eliminating the confusion caused by varying national regulations, the law simplifies compliance for companies that design, develop, and manufacture digital products. The introduction of the CE marking for cybersecurity will serve as a clear indicator that products comply with EU standards, helping businesses avoid penalties and ensuring that their products can be traded freely within the EU's single market.

Additionally, the act takes the entire supply chain into account, requiring manufacturers to consider cybersecurity risks not only in the final product but also throughout the various stages of production. This comprehensive approach ensures that vulnerabilities are addressed early, reducing the likelihood of exploitable flaws being introduced during manufacturing.

Next Steps for the Cyber Resilience Act

Now that the Cyber Resilience Act has been adopted by the Council, the legislative process is nearing its final stages. The act will soon be signed by the presidents of the Council and the European Parliament, and it is expected to be published in the EU's official journal in the coming weeks. Following its publication, the regulation will enter into force 20 days later. However, businesses and consumers will have a transition period before the law fully takes effect. The Cyber Resilience Act will apply 36 months after its entry into force, giving companies ample time to adjust their practices and ensure compliance. Some provisions of the law will apply earlier, though, providing an incremental approach to its implementation.

The EU's Cybersecurity Evolution

The Cyber Resilience Act is part of a broader push by the EU to enhance its cybersecurity framework in response to growing threats. First proposed by European Commission President Ursula von der Leyen in her State of the Union address in 2021, the act complements existing EU laws, including the NIS Directive (Network and Information Security), the NIS 2 Directive, and the EU Cybersecurity Act. Together, these legislative measures aim to create a robust and resilient digital ecosystem that can withstand the growing number of cyberattacks.

The Cyber Resilience Act also reflects the EU's commitment to strengthening its cyber posture, as outlined in the Council conclusions from May 2022. Following extensive interinstitutional negotiations, a provisional agreement on the act was reached on 30 November 2023, signaling the EU's determination to lead the charge in global cybersecurity efforts.

China Says Volt Typh ...

 Espionage

Washington's narrative - corroborated by Microsoft's findings - of the China-linked Volt Typhoon group is just a cover for U.S. intelligence hacking into Chinese infrastructure, a 60-page report from Beijing's top cyber defense agency charged. The report, released on Monday by the National Computer Virus Emergency Response Center (CVERC), accused the U.S. government of meticulously crafting a disinformation campaign aimed at both misdirecting attention and maintaining dominance in the global cyber arena.

The allegations point to deep-rooted strategies used by the U.S. to perpetuate its cyber espionage activities while blaming adversaries like China and Russia. But behind the noise lies a much more intricate account of cyber warfare tactics, including the use of false flag operations and stealth tools designed to mask the true origins of these attacks, the report alleges.

The 'Marble' Toolkit and False Flag Tactics

At the center of the accusations is a U.S. intelligence toolkit that China calls "Marble." This tool allegedly helps cloak the true source of cyberattacks by obfuscating the coding signatures typically used to trace attackers. What makes Marble particularly dangerous, according to China's report, is its ability to insert foreign-language strings into malware code—languages like Mandarin and Russian—to mislead investigators and pin the blame on foreign actors.

False flag operations, a tactic where one country carries out attacks disguised as another, have become central to modern cyber warfare, China said. In the digital realm, this tactic aims to confuse attribution, the process by which investigators link a cyberattack to its origin. With attribution often serving as the basis for geopolitical decisions, misdirection on this scale could have serious consequences.

Influence Operations and Cyber Dominance

The allegations don't stop at cyberattacks alone. According to CVERC's investigation, the U.S. has woven these tactics into a broader strategy of influence operations. These operations aim to shape perceptions, spread disinformation, and destabilize target nations. They go beyond the battlefield of bits and bytes, extending into media and public discourse.

The report claims the U.S. employs a framework of 4D principles—deny, disrupt, degrade, deceive—to maintain control over the narrative in cyberspace. These principles, seen in disinformation campaigns like Volt Typhoon, are designed to manipulate how cyberattacks are perceived, allowing the U.S. to downplay its own activities while amplifying those of its adversaries.

China also came down heavily on the use of naming conventions like "Panda" and "Dragon" in the attribution of China-linked threat actors, claiming they are geopolitically motivated and equivalent to racial targeting. "Some U.S. companies, such as Microsoft and CrowdStrike, for their commercial interest and without sufficient evidence and rigorous technical analysis, have been keen on coining various absurd codenames with obvious geopolitical overtones for hacker groups, such as 'typhoon,' 'panda,' and 'dragon,' instead of 'Anglo-Saxon,' 'hurricane,' and 'koala,'" the CVERC report said.

Global Surveillance: The 'UpStream' and 'Prism' Projects

The core of the accusations against the U.S. is its alleged use of mass surveillance projects, known as "UpStream" and "Prism," which work together to siphon vast amounts of data from global internet traffic. UpStream, according to the report, is designed to capture raw communication data passing through key internet infrastructure like submarine fiber optic cables, while Prism allows U.S. intelligence agencies to access user data from major tech companies like Microsoft, Google, and Facebook.

By combining these two systems, the U.S. allegedly maintains the ability to monitor vast quantities of data in real time. This capability provides actionable intelligence for military, diplomatic, and economic purposes, making the U.S. a formidable player in the world of cyber espionage. But it's not just foreign adversaries that are affected. The report suggests that U.S. citizens, despite legal protections like FISA Section 702, also fall under the watchful eye of these surveillance programs. The Foreign Intelligence Surveillance Court itself has acknowledged several violations, pointing to instances where U.S. intelligence agencies allegedly overstepped their bounds, the report suggests.

Backdoor Implants and Supply Chain Attacks

Another concerning element is the claim that U.S. intelligence agencies conduct supply chain attacks, inserting backdoors into hardware and software products sold to foreign targets. Once compromised, these products can act as entry points for further espionage. The National Security Agency's (NSA) Office of Tailored Access Operations (TAO) allegedly plays a key role in these activities. By intercepting shipments of network equipment, disassembling them, and implanting malicious backdoors, the NSA ensures long-term access to compromised systems. These supply chain attacks represent one of the most covert and effective ways to infiltrate secure networks, posing significant risks to critical infrastructure across the globe, China said.

Global Fallout: Targeting Allies and Adversaries Alike

China added that U.S. espionage activities haven't been limited to adversaries. It said allies such as Germany, France, and Japan have also found themselves under the surveillance lens, with high-level communications reportedly intercepted as part of broader intelligence-gathering efforts. For instance, German Chancellor Angela Merkel's communications were allegedly monitored by U.S. intelligence, causing a diplomatic rift between the two nations when the operation was exposed, CVERC reported. Similar accusations have surfaced regarding France, with the NSA reportedly eavesdropping on phone calls of French government officials and business leaders.

U.S. Companies' Role in Espionage

Microsoft, one of the largest cloud and enterprise software providers globally, has found itself entangled in these accusations. According to the report, Microsoft's tools and platforms may be integral to U.S. intelligence operations, providing both the infrastructure and the capabilities for data collection. The report also alleges that Microsoft has been developing tools specifically for U.S. intelligence, further deepening its collaboration with the federal government. This relationship, the report suggests, raises serious questions about privacy and the ethical implications of corporate cooperation in state-led surveillance activities.

Interestingly, both Microsoft and the U.S. government have time and again placed the same accusations on Volt Typhoon, which China has disputed.

What to do if you re ...

 Threats

Sextortion — a portmanteau of sex and extortion — originally referred to blackmail using compromising photos or videos obtained either by hacking a victim's device or voluntarily from the victim themselves. While this form of crime still exists, today's sextortioners are far less likely to be in possession of any juicy material. Some varieties of sextortion work even when the victim knows for certain that no compromising material featuring them could possibly exist. Let's get to the bottom (so to speak) of all the latest sextortion scams, and ways to counter them.

Your spouse is cheating on you

This fresh sextortion tactic preys on jealousy instead of shame. A spouse receives an email from a "security company" saying it has gained access to (read: hacked) their other half's personal devices and found proof of infidelity. For details, including a downloadable data archive, the recipient is invited to follow the link kindly provided. Of course, the attackers have no data at all other than the names and email addresses of the couple, and the link is there to extract money.

I recorded you on video

This is the classic sextortion scheme. The victim receives an email claiming that the sender hacked their computer or smartphone and recorded them through the webcam while they were browsing porn sites. To stop friends and family from seeing the video, the "hackers" demand an urgent payment in cryptocurrency. To make it more convincing, they may address the victim by name and insert in the email an actual password the recipient has used for some accounts. In reality, the sextortioners simply buy databases of stolen credentials, thousands of which are available on the dark web, and then fire out standard emails with passwords from this database to the corresponding addresses.

You have a beautiful home

To target those unfazed by cybervillains knowing their password, a new scheme was invented. The perpetrator states that if the victim fails to contact the attackers about the hush payment, they'll come to discuss the matter in person. To add weight to the threat, the email includes a photo of the victim's home taken from Google Maps. Obviously, for this trick to work, the attackers need databases that contain not only emails and passwords but also home addresses, which they can get from online-store data leaks.

I recorded you on video, see for yourself

Another popular sextortion scam doesn't demand a cryptocurrency payment but instead tries to install malware on the victim's computer. An email invites the recipient to watch a video to see how serious the threat is, but to do so they need to visit a website and install a special player — infected, of course.

You've been deepfaked

This relatively new version of the scam works quite well on people who are sure that no compromising videos of them exist. After all, deepfake videos and deepfake porn with celebrities' faces superimposed on porn actors' bodies have been widely reported in the media. The scam comes in two flavors: in one, the attackers simply claim to have made a deepfake; in the other, they actually have. It's easy to tell them apart: in the latter, the deepfake is immediately presented to the victim — sometimes even in the form of a physical letter delivered to their work address. To make such a deepfake, of course, good-quality photos and videos of the victim are needed. You can reduce your chances of being attacked in this way by not posting countless selfies and other clear shots of your face on social media.

You're going to jail

Another variety of sextortion is a scam email accusing the recipient of possessing child pornography. The sender claims to work for law enforcement and to be preparing a list of pedophiles for mass arrest. The recipient is among them, states the email. To get their name removed from the list, the victim is invited to pay a ransom. Criminals can be quite creative with their threats, so some variants of the scheme are even more outlandish: the sender may work for the CIA, manage a website for hiring hitmen, or even have planted a bomb under your house.

What to do if you receive a sextortion email

Don't panic. Nearly all sextortion scams are just empty threats. Scammers send out millions of identical emails and do nothing to those who ignore them (since that's all they can do). Therefore, the best response is to mark the email as spam and delete it. By the way, Kaspersky Plus and Kaspersky Premium users are protected against the vast majority of spam, as well as malicious websites and apps that are distributed under the guise of such spam.

The exception is when you know the sender personally, or there are real incriminating photos and videos attached to the email. In this case, you could be dealing not only with sextortion but also with defamatory deepfakes — two very serious crimes in most countries. Put all embarrassment aside and contact the police immediately.

How to guard against intimate photo leaks

If you've ever taken a nude, sent it to someone, or saved it on a device, read our detailed guide on how to safely store intimate photos and videos, and what to do if they still leak online (spoiler: they can still be removed, even from the internet!).

 Feed

Debian Linux Security Advisory 5792-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to address bar spoofing. Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin.

 Feed

Ubuntu Security Notice 7068-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.

 Feed

Ubuntu Security Notice 7014-3 - USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.

 Feed

Ubuntu Security Notice 7040-2 - USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service.

 Feed

Ubuntu Security Notice 6968-3 - USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16. This update provides the corresponding updates for PostgreSQL-9.3 in Ubuntu 14.04 LTS and PostgreSQL-10 in Ubuntu 18.04 LTS. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.

 Feed

Ubuntu Security Notice 7067-1 - It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service.

Red Hat Security Advisory 2024-8131-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-8113-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.

Red Hat Security Advisory 2024-8105-03 - An update for python-gevent is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8102-03 - An update for python-gevent is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8083-03 - An update for grafana is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-8082-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, and Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-8080-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include cross site scripting and denial of service vulnerabilities.

Red Hat Security Advisory 2024-8077-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include cross site scripting and denial of service vulnerabilities.

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild in 2019, TrickMo is so named for

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. "DarkVision RAT communicates with its command-and-control (C2) server using a custom network

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent weapon for

China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries of

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, and

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic growth. It's used on 27 million

In episode 20 of "The AI Fix", Mark asks an AI to make a very important decision, the Nobel academy finds a bandwagon, Graham gets a new nickname, a pair of robots prove that AI can't do humour, and our hosts find out why emotional support insects haven't taken off. Graham introduces Mark to Optimus, the robot that can't be trusted to fold a t-shirt, and Mark introduces Graham to an AI Fix super fan. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.

2024-10
Aggregator history
Tuesday, October 15