USN-5651-2: strongSwan vulnerability
USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Lahav Schlesinger...
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice...
USN-5651-1: strongSwan vulnerability
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this...
USN-5614-2: Wayland vulnerability
USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly...
Student data leaked after LA school district says it won’t pay ransom
Hackers have leaked data stolen from the United States's second-largest school district, after the Los Angeles Unified School District (LAUSD) announced it would not be...
There’s good and bad news about the Microsoft Exchange server zero-day exploit
Yay, Microsoft has told us how to mitigate against the recently-discovered zero-day attacks. Boo, the mitigations can be bypassed... Read More
Ex-NSA Employee Charged For Trying to Sell US Secrets
Dalke reportedly requested $85,000 in return for additional information in his possession Read More
USN-5652-1: Linux kernel (Azure) vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an...
6 Questions for Building and Scaling a Cybersecurity Plan
Here are six essential questions that organizations should continually ask themselves to build and scale an effective, sustainable cybersecurity plan. […] Read More
CVE-2022-33882 (autodesk_desktop)
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA)....