Up to 35% more CVEs published so far this year compared to 2021

Read Time:30 Second

A new report from Trustwave SpiderLabs has revealed that the number of CVEs published so far this year could be as much as 35% higher than in the same period in 2021. The findings come from the security firm’s 2022 Telemetry Report. While organizations appear to be exhibiting greater awareness of effective patch management compared to last year, if current trends continue, the total number of CVEs published in 2022 will exceed that of 2021. The report also examined several high severity vulnerabilities and the extent to which they remain prevalent.

To read this article in full, please click here

Read More

DNS data indicates increased malicious domain activity, phishing toolkit reuse

Read Time:55 Second

New research from cybersecurity vendor Akamai has revealed that 12.3% of monitored devices communicated with domains associated with malware or ransomware at least once during the second quarter of 2022. This represented a 3% increase compared to Q1 2022, the firm stated, with phishing toolkits playing a key role in malicious domain-related activity. The findings are based on DNS data and Akamai’s visibility into carrier and enterprise traffic across different industries and geographies.

Increased malware, phishing, C2 domain activity detected in Q2 2022

In a blog post detailing its research, Akamai stated that, in addition to the devices it detected communicating with domains associated with malware/ransomware, a further 6.2% of devices accessed phishing domains with 0.8% accessing command-and-control (C2)-associated domains (both small increases on Q1 2022). “While this number might seem insignificant, the scale here is in the millions of devices,” the firm wrote. “When this is considered, with C2 being the most malignant of threats, this is not only significant, it’s cardinal.”

To read this article in full, please click here

Read More

webkit2gtk3-2.36.7-1.fc35

Read Time:21 Second

FEDORA-2022-ddfeee50c9

Packages in this update:

webkit2gtk3-2.36.7-1.fc35

Update description:

Update to 2.36.7:

Fix several crashes and rendering issues.
Security fixes: CVE-2022-32793

Add provides for webkit2gtk4.0

webkit2gtk3 is getting renamed to webkit2gtk4.0 in F37+. Add provides for the new names to make it easier for other packages to depend on webkitgtk without having to conditionalize their spec files.

Read More