DSA-5299 openexr – security update
Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound reads could lead...
Friday Squid Blogging: China Bans Taiwanese Squid Imports
Today I have some squid geopolitical news. As usual, you can also use this squid post to talk about the security stories in the news...
Hacking Trespass Law
This article talks about public land in the US that is completely surrounded by private land, which in some cases makes it inaccessible to the...
CVE-2022-23477 (xrdp)
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a...
CVE-2022-23468 (xrdp)
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a...
Truebot Malware Activity Increases With Possible Evil Corp Connections
The campaigns observed by Cisco Talos have resulted in the creation of two botnets.
BEC Attacks Expand Beyond Email and Toward Mobile Devices
Scammers typically obtain mobile numbers from data breaches, social media and data brokers.
Rackspace customers rage following ransomware attack, as class-action lawsuits filed
As ever, what matters most is not so much whether an organisation gets hit or not by a ransomware attack, but how well it handles...
Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload.
Software Supply Chain Attacks Leveraging Open-Sources Repos Growing
ReversingLabs found an increasing number of malicious packages in three popular repositories.