Crypto firms say digital currency unlikely to be used to evade sanctions
Yearly Archives: 2022
Scores of US Critical Infrastructure Firms Hit by Ransomware
Strangest social engineering attacks of 2021
New research has highlighted the creative and occasionally unusual lengths fraudsters go to in carrying out social engineering attacks. Proofpoint has listed what it describes as the five strangest social engineering scams it detected last year, with campaigns including the spoofing of soccer coaches and scholars to trick victims into parting with data and money.
As organizations continue to struggle to defend information, devices, and systems against socially engineered attacks, experts say the most successful social engineering groups are usually the most imaginative. “Social engineering is inherently people-centric, and regardless of whether threat actors are targeting businesses or individuals, they’re responding in real time to the events and themes that have the attention of the wider world,” Lucia Milică, global resident CISO at Proofpoint, tells CSO.
Clearview AI commercialization of facial recognition raises concerns, risks
The year is 2054 and a man walks into a Gap store. The virtual salesperson greets him by name, “Hello Mr. Yakomoto. Welcome back to the Gap,” from the life-size video monitor. This famous scene is cribbed from the film Minority Report. The prescience displayed in the 2002 film has actually short-changed the advances of science and technology between then and now. Indeed, some may argue that today we are well beyond the fictional capabilities of Minority Report. The moral dilemma posed in the film, however, remains.
Today many sensors and cameras are in constant search-and-connect mode. Clearview AI recently announced that it is taking its advanced facial recognition technologies beyond the already controversial government/law enforcement usage into the commercial sector. The company, according to the Washington Post, has accumulated over 100 billion facial photos and is adding to the total at a rate of 1.5 billion images per month, which it wishes to monetize.
Dirty Pipe Exploit Rings Alarm Bells in the Linux Community
expat-2.4.7-1.fc35
FEDORA-2022-10be3957a4
Packages in this update:
expat-2.4.7-1.fc35
Update description:
Rebase to version 2.4.7
Rebase to version 2.4.6
USN-5316-1: Redis vulnerability
Reginaldo Silva discovered that due to a packaging issue, a remote attacker
with the ability to execute arbitrary Lua scripts could possibly escape the
Lua sandbox and execute arbitrary code on the host.
nbd-3.24-1.el7
FEDORA-EPEL-2022-db09048bde
Packages in this update:
nbd-3.24-1.el7
Update description:
Update to 3.24: fix CVE-2022-26495, CVE-2022-26496
nbd-3.24-1.fc35
FEDORA-2022-807e431d5f
Packages in this update:
nbd-3.24-1.fc35
Update description:
Update to 3.24: fix CVE-2022-26495, CVE-2022-26496
nbd-3.24-1.fc34
FEDORA-2022-62adf9a1e0
Packages in this update:
nbd-3.24-1.fc34
Update description:
Update to 3.24: fix CVE-2022-26495, CVE-2022-26496