php-8.0.25-1.fc35

FEDORA-2022-f2a5082860

Packages in this update:

php-8.0.25-1.fc35

Update description:

PHP version 8.0.25 (27 Oct 2022)

GD:

Fixed bug php#81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630) (cmb)

Hash:

Fixed bug php#81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454) (nicky at mouha dot be)

Session:

Fixed bug GH-9583 (session_create_id() fails with user defined save handler that doesn’t have a validateId() method). (Girgias)

Streams:

Fixed bug GH-9590 (stream_select does not abort upon exception or empty valid fd set). (Arnaud)

Akamai to boost network-layer DDoS protection with new scrubbing centers

Content delivery network (CDN) provider Akamai said Tuesday that its Prolexic DDoS protection service will be able to handle DDoS attacks of up to 20Tbps, thanks to a new wave of construction of so-called scrubbing centers.

The company’s announcement said that this will effectively double its current capacity to handle network-level DDoS attacks, with rollouts planned for “all major regions,” including US East and West, Canada, Italy, Spain, Switzerland, India, Japan, Hong Kong and the Middle East. The first new centers will come online in the third quarter of this year, and rollouts will continue through 2023.

Blockchain security companies tackle cryptocurrency theft, ransom tracing

According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through 141 various cryptocurrency exploits since January, putting 2022 on track to top 2021 levels of digital currency malfeasance. Comparitech’s cryptocurrency heists tracker indicates that since 2011, hackers have stolen $7.9 billion in cryptocurrency worth about $45.5 billion in today’s value.

Along with the increased dollar amounts of cryptocurrency thefts, the scams, hacks, and exploits of cryptocurrency, Web3 (a decentralized view of the web that incorporates blockchain technologies and token-based economics), and blockchain-related organizations are growing bolder and more lucrative for malicious hackers even as the value of cryptocurrencies stagnates. This month alone, Binance saw its BNB chain drained of $586 million, close to the all-time most significant cryptocurrency theft of $624 million from the Ronin Network in March 2022.

8 hallmarks of a proactive security strategy

CISOs have long been tasked with building response and recovery capabilities, the objective being to have teams that can react to a security incident as quickly as possible and can restore business functions with as little damage as possible.

The need for those activities is certainly not going to go away, but many security chiefs are seeking to take more proactive steps to balance out reactive ones.

“On the proactive side, you’re trying to predict what kind of attack can occur in your environment and find your vulnerabilities before others do, so you reduce risk before it materializes,” says Pierre-Martin Tardif, cybersecurity professor at Université de Sherbrooke and member of the Emerging Trends Working Group with the professional IT governance association ISACA.
