Russian Hackers Take Aim at Kremlin Targets: Report
National Republican Army wants to overthrow Putin regime Read More
8 strange ways employees can (accidently) expose data
Employees are often warned about the data exposure risks associated with the likes of phishing emails, credential theft, and using weak passwords. However, they can...
Kardashian Charged by SEC After Crypto Post
Star failed to disclose payment for promotional content Read More
ZDI-22-1327: Apache Batik DefaultScriptSecurity Server-Side Request Forgery Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache Batik. Interaction with this library is required to exploit this vulnerability...
ZDI-22-1328: Apache Batik DefaultExternalResourceSecurity Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache Batik. Interaction with this library is required to exploit this vulnerability...
DSA-5248 php-twig – security update
Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code....
DSA-5246 mediawiki – security update
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in restriction bypass, information leaks, cross-site scripting or denial...
DSA-5247 barbican – security update
Douglas Mendizabal discovered that Barbican, the OpenStack Key Management Service, incorrectly parsed requests which could allow an authenticated user to bypass Barbican access policies. Read...
USN-5651-2: strongSwan vulnerability
USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Lahav Schlesinger...
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice...