Microsoft Issues Report of Russian Cyberattacks against Ukraine

Read Time:53 Second

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war:

At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating. However, collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and undermine the public’s trust in those same institutions.

[…]

Threat groups with known or suspected ties to the GRU have continuously developed and used destructive wiper malware or similarly destructive tools on targeted Ukrainian networks at a pace of two to three incidents a week since the eve of invasion. From February 23 to April 8, we saw evidence of nearly 40 discrete destructive attacks that permanently destroyed files in hundreds of systems across dozens of organizations in Ukraine.

Read More

Researchers break Azure PostgreSQL database-as-a-service isolation with cross-tenant attack

Read Time:27 Second

A team of researchers found two vulnerabilities in Microsoft’s Azure PostgreSQL Flexible Server that when chained together allowed them to access the PostgreSQL databases of other cloud tenants. The attack, dubbed ExtraReplica because it abused functionality related to database replication, combines a privilege escalation vulnerability that gave them the ability to execute code inside the container hosting their own database and another authentication bypass issue that allowed them to abuse the system’s replication service to access other users’ databases.

To read this article in full, please click here

Read More

USN-5394-1: WebKitGTK vulnerabilities

Read Time:16 Second

A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Read More

Jamf beefs up enterprise security software for Mac

Read Time:31 Second

A maker of enterprise software for Apple’s ecosystem announced a half-dozen new products and enhancements at an online event Tuesday. Jamf maintained the new offerings would help organizations create an enterprise-secure, consumer-simple environment that protects personal privacy.

Three new features were added to the company’s endpoint and network security platform, Jamf Protect. They include network threat protection, which allows endpoints to report network-based indicators of compromise, comprehensive logging of endpoint and network security events, and removable storage controls to ensure that sensitive data is written to USB mass media drives.

To read this article in full, please click here

Read More

curl-7.82.0-3.fc36

Read Time:16 Second

FEDORA-2022-3517572083

Packages in this update:

curl-7.82.0-3.fc36

Update description:

fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Read More

curl-7.79.1-2.fc35

Read Time:16 Second

FEDORA-2022-411f088574

Packages in this update:

curl-7.79.1-2.fc35

Update description:

fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Read More

curl-7.76.1-14.fc34

Read Time:16 Second

FEDORA-2022-fc5776b142

Packages in this update:

curl-7.76.1-14.fc34

Update description:

fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Read More