Read Time:9 Second
FEDORA-2022-c1e107f37f
Packages in this update:
python-bottle-0.12.21-2.fc35
Update description:
Cookie test fix backported from upstream (0.12)
Security fix for CVE-2022-31799
Monthly Archives: June 2022
Googler Suspended After Claiming AI Became Sentient
python-bottle-0.12.21-2.fc36
Read Time:9 Second
FEDORA-2022-cc9a173168
Packages in this update:
python-bottle-0.12.21-2.fc36
Update description:
Cookie test fix backported from upstream (0.12)
Security fix for CVE-2022-3179
9 ways hackers will use machine learning to launch attacks
Read Time:37 Second
Machine learning and artificial intelligence (AI) are becoming a core technology for some threat detection and response tools. The ability to learn on the fly and automatically adapt to changing cyberthreats give security teams an advantage.
However, some threat actors are also using machine learning and AI a to scale up their cyberattacks, evade security controls, and find new vulnerabilities all at an unprecedented pace and to devastating results. Here are the nine most common ways attackers leverage these technologies.
1. Spam, spam, spam, spam
Defenders have been using machine learning to detect spam for decades, says Fernando Montenegro, analyst at Omdia. “Spam prevention is the best initial use case for machine learning,” he says.
Web3 and IAM: Marching toward disruption
Read Time:32 Second
Identity and access management (IAM) embraces a broad swath of IT practice. This practice is subject to two forces pushing it towards greater prominence: increasing threat actor activity and increasing infrastructure complexity. In response, we see increasing sophistication of the tools used to deal with both.
Web3 technology has unique characteristics that lend it to dealing with IAM. To begin with, Web3 is built upon cryptography, with an unprecedented level of inherent privacy. The validity of the blockchain is predicated on encryption; every piece of on-chain data is by its nature protected to a degree.
Two Convicted in Major Drugs Bust After Cops Read Encrypted Chats
Eight Zero Days Could Open Doors for Hackers
CVE-2017-20045
Read Time:21 Second
A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2017-20044
Read Time:18 Second
A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to basic cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2017-20043
Read Time:18 Second
A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.