The ‘Z’ symbol was displayed on multiple Ukrainian news sites, allegedly perpetrated by Russian hackers
Daily Archives: March 18, 2022
Arkansas Sues Health System for Abandoning Patient Files
Suit alleges Eastern Ozarks Regional Health System failed to protect patient and employee data
Netflix to Charge Password Sharers
Streaming service to charge Latin American users who share password with non-householders
bind-9.16.27-1.fc36 bind-dyndb-ldap-11.9-14.fc36
FEDORA-2022-14e36aac0c
Packages in this update:
bind-9.16.27-1.fc36
bind-dyndb-ldap-11.9-14.fc36
Update description:
Upstream release notes
Fixed issue since bind 9.16.25 with broken bind-dyndb-ldap.
libtiff-4.3.0-6.fc36
FEDORA-2022-c39720a0ed
Packages in this update:
libtiff-4.3.0-6.fc36
Update description:
Security fixes for:
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
libtiff-4.3.0-6.fc35
FEDORA-2022-e2996202a0
Packages in this update:
libtiff-4.3.0-6.fc35
Update description:
Security fixes for:
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
libtiff-4.3.0-5.fc36
FEDORA-2022-449d7a2368
Packages in this update:
libtiff-4.3.0-5.fc36
Update description:
Security fixes for:
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
flatpak-runtime-f35-3520220317211532.1 flatpak-sdk-f35-3520220318110037.1
FEDORA-FLATPAK-2022-09295bb97d
Packages in this update:
flatpak-runtime-f35-3520220317211532.1
flatpak-sdk-f35-3520220318110037.1
Update description:
This updates the Flatpak runtime and SDK for F35 to current packages, including numerous security fixes and bug fixes.
How to Protect Yourself from March Madness Scams
It’s the month of top seeds, big upsets, and Cinderella runs by the underdogs. With March Madness basketball cranking up, a fair share of online betting will sure to follow—along with online betting scams.
Since a U.S. Supreme Court ruling in 2018, individual states can determine their own laws for sports betting. Soon after, states leaped at the opportunity to legalize it in some form or other. Today, 30 states and the District of Columbia have “live and legal” sports betting, meaning that people can bet on single-game sports through a retail or online sportsbook or combination of the two in their state.
If you’re a sports fan, this news has probably been hard to miss. Or at least the outcome of it all has been hard to miss. Commercials and signage in and around games promote several major online betting platforms. Ads have naturally made their way online too, complete with all kinds of promo offers to encourage people to get in on the action. However, that’s also opened the door for scammers who’re looking to take advantage of people looking to make a bet online, according to the Better Business Bureau (BBB). Often through shady or outright phony betting sites.
Let’s take a look at the online sports betting landscape, some of the scams that are cropping up, and some things you can do to make a safer bet this March or any time.
Can I bet on sports in my state, and how?
Among the 30 states that have “live and legal” sports betting, 19 offer online betting, a number that will likely grow given various state legislation that’s either been introduced or will be introduced soon.
Source: www.americangaming.org
If you’re curious about what’s available in your state, this interactive map shows the status of sports betting on a state-by-state level. Further, clicking on an individual state on the map will give you yet more specifics, such as the names of retail sportsbooks and online betting services that are legal in the state. For anyone looking to place a bet, this is a good place to start. This is further helpful for people who’re looking to get into online sports betting for the first time and is the sort of homework that the BBB advises people to do before placing a sports bet online. In their words, you can consider these sportsbooks to be “white-labeled” by your state’s gaming commission.
Source: www.americangaming.org
However, the BBB stresses that people should be aware that the terms and conditions associated with online sports betting will vary from service to service, as will the promotions that they offer. The BBB accordingly advises people to closely read these terms, conditions and offers. For one, “Gambling companies can restrict a user’s activity,” meaning that they can freeze accounts and the funds associated with them based on their terms and conditions. Also, the BBB cautions people about those promo offers that are often heavily advertised, “[L]ike any sales pitch, these can be deceptive. Be sure to read the fine print carefully.”
Scammers and online betting
Where do scammers enter the mix? The BBB points to the rise of consumer complaints around bogus betting sites:
“You place a bet, and, at first, everything seems normal. But as soon as you try to cash out your winnings, you find you can’t withdraw a cent. Scammers will make up various excuses. For example, they may claim technical issues or insist on additional identity verification. In other cases, they may require you to deposit even more money before you can withdraw your winnings. Whatever you do, you’ll never be able to get your money off the site. And any personal information you shared is now in the hands of scam artists.”
If there’s a good reason you should stick to the “white labeled” sites that are approved by your state’s gaming commission, this is it. Take a pass on any online ads that promote betting sites, particularly if they roll out big and almost too-good-to-be-true offers. These may lead you to shady or bogus sites. Instead, visit the ones that are approved in your state by typing in their address directly into your browser.
Ready to place your bet? Keep these things in mind.
In addition to what we mentioned above, there are several other things you can do to make your betting safer.
1) Check the rep of the service.
In addition to choosing a state-approved option, check out the organization’s BBB listing at BBB.org. Here you can get a snapshot of customer ratings, complaints registered against the organization, and the organization’s response to the complaints, along with its BBB rating, if it has one. Doing a little reading here can be enlightening, giving you a sense of what issues arise and how the organization has historically addressed them. For example, you may see a common complaint and how it’s commonly resolved. You may also see where the organization has simply chosen not to respond, all of which can shape your decision whether to bet with them or not.
2) Use a secure payment method other than your debit card.
Credit cards are a good way to go. One reason why is the Fair Credit Billing Act, which offers protection against fraudulent charges on credit cards by giving you the right to dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Your credit card companies may have their own policies that improve upon the Fair Credit Billing Act as well. Debit cards don’t get the same protection under the Act.
3) Get online protection.
Comprehensive online protection software will defend you against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who may try to force their way into your accounts. And, specific to betting sites, online protection can help prevent you from clicking links to known or suspected malicious sites.
Make the safe(r) bet
With online betting cropping up in more and more states for more and more people, awareness of how it works and how scammers have set up their presence within it becomes increasingly important. Research is key, such as knowing who the state-approved sportsbooks and services are, what types of betting are allowed, and where. By sticking to these white-label offerings and reading the fine print in terms, conditions, and promo offers, people can make online betting safer and more enjoyable.
Editor’s Note:
If gambling is a problem for you or someone you know, you can seek assistance from a qualified service or professional. Several states have their own helplines, and nationally you can reach out to resources like http://www.gamblersanonymous.org/ or https://www.ncpgambling.org/help-treatment/.
The post How to Protect Yourself from March Madness Scams appeared first on McAfee Blog.
USN-5335-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain values
when processing XPM image data or large images. If a user or automated
system using ImageMagick were tricked into opening a specially crafted
image, an attacker could exploit this to cause a denial of service or
possibly execute code with the privileges of the user invoking the program.
(CVE-2020-19667, CVE-2017-13144)
Suhwan Song discovered that ImageMagick incorrectly handled memory
when processing PNG,PALM,MIFF image data. If a user or automated system
using ImageMagick were tricked into opening a specially crafted image,
an attacker could exploit this to cause a denial of service or possibly
execute code with the privileges of the user invoking the program.
(CVE-2020-25664, CVE-2020-25665, CVE-2020-25674, CVE-2020-27753)
Suhwan Song discovered that ImageMagick incorrectly handled certain values
when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service.
(CVE-2020-25676, CVE-2020-27750, CVE-2020-27760, CVE-2020-27762,
CVE-2020-27766, CVE-2020-27770)
Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values
when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service.
(CVE-2021-20176, CVE-2021-20241, CVE-2021-20243)