drupal7-link-1.11-1.el7
https://www.drupal.org/project/link/releases/7.x-1.11
SA-CONTRIB-2022-034
https://www.drupal.org/project/link/releases/7.x-1.10
https://www.drupal.org/project/link/releases/7.x-1.9
https://www.drupal.org/project/link/releases/7.x-1.8
Backup and data management vendor Cohesity has started to preview a new ransomware protection SaaS product called Datahawk, which leverages AI and a host of other capabilities to help companies defend their data against bad actors.
There are three core components to Datahawk, according to Cohesity. The first is a ransomware detection engine that uses deep learning to quickly scan for anomalous behavior, potential threats and other indicators of possible ransomware attacks. This system works via a preset list of indicators of concern, which, the company said, will be updated daily.
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the image-relocator module.
In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.
USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding update for
Ubuntu 22.10.
Original advisory details:
It was discovered that Mako incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause a denial of service.
grub2-2.06-63.fc37
Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see upstream’s disclosure or the patches themselves.
grub2-2.06-55.fc36
Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see upstream’s disclosure or the patches themselves.
grub2-2.06-12.fc35
Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see upstream’s disclosure or the patches themselves.
Authored by Oliver Devane
It hasn’t taken malicious actors long to take advantage of the recent bankruptcy filing of FTX, McAfee has discovered several phishing sites targeting FTX users.
One of the sites discovered was registered on the 15th of November and asks users to submit their crypto wallet phrase to receive a refund. After entering this phrase, the creators of the site would gain access to the victim’s crypto wallet and they would likely transfer all the funds out of it.
Upon analyzing the website code used to create the phishing sites, we noticed that they were extremely similar to previous sites targeting WalletConnect customers, so it appears that they likely just modified a previous phishing kit to target FTX users.
The image below shows a code comparison between a website from June 2022, and it shows that the FTX phishing site shares most of its code with it.
McAfee urges anyone who was using FTX to be weary of any unsolicited emails or social media messages they receive and to double-check the authenticity before accessing them. If you are unsure of the signs to look for, please check out the McAfee Scam education portal (https://www.mcafee.com/consumer/en-us/landing-page/retention/scammer-education.html)
McAfee customers are protected against the sites mentioned in this blog
Type
Value
Product
Detected
URL
ftx-users-refund[.]com
McAfee WebAdvisor
Blocked
URL
ftx-refund[.]com
McAfee WebAdvisor
Blocked
The post Threat Actors Taking Advantage of FTX Bankruptcy appeared first on McAfee Blog.
According to Symantec, the targeting of a certificate authority was notable
