Read Time:5 Second
There is significant disconnect between consumer expectations and organizations’ approaches around privacy, a new report has found
Daily Archives: January 24, 2023
Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
Read Time:4 Second
The tech giant confirmed it intends to implement these plans by March 2023
P-to-P fraud most concerning cyber threat in 2023: CSI
Read Time:35 Second
US financial institutions see peer-to-peer fraud and other digital fraud as the biggest cybersecurity concern in 2023.
It was cited by 29% of respondents in a survey by Computer Systems Inc. (CSI), followed by data breaches (23%), ransomware (20%) and a breach at a third party (15%).
Industry respondents also expressed concerns over identity theft at 4%, unavailable or unaffordable cyber insurance at 4%, geopolitical risks at 3%, DDoS attacks at 2% and website defacement at 0.9%, according to CSI’s annual survey of the financial sector. It received responses from 228 banking executives, 171 of them at vice-president level or above.
mingw-opusfile-0.12-6.fc36
Read Time:6 Second
FEDORA-2023-528f07b5af
Packages in this update:
mingw-opusfile-0.12-6.fc36
Update description:
Fix CVE-2022-47021
mingw-opusfile-0.12-9.fc37
Read Time:6 Second
FEDORA-2023-9cdfc21898
Packages in this update:
mingw-opusfile-0.12-9.fc37
Update description:
Fix CVE-2022-47021
USN-5821-2: wheel vulnerability
Read Time:15 Second
USN-5821-1 fixed a vulnerability in wheel. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Sebastian Chnelik discovered that wheel incorrectly handled
certain file names when validated against a regex expression.
An attacker could possibly use this issue to cause a
denial of service.
ServiceNow to detect open source security vulnerabilities with Snyk integration
Read Time:28 Second
ServiceNow Vulnerability Response users will now have access to Snyk Open Source. This will represent the Israeli-US vendor’s advanced software composition analysis (SCA) backed by Snyk’s security intelligence—a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI.
ServiceNow Vulnerability Response is part of ServiceNow Security Operations and connects the workflow and automation capabilities of the ServiceNow platform with vulnerability scan data from other vendors which now includes Snyk’s intelligence.
USN-5822-1: Samba vulnerabilities
Read Time:1 Minute, 20 Second
It was discovered that Samba incorrectly handled the bad password count
logic. A remote attacker could possibly use this issue to bypass bad
passwords lockouts. This issue was only addressed in Ubuntu 22.10.
(CVE-2021-20251)
Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)
Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos
keys. A remote attacker could possibly use this issue to elevate
privileges. (CVE-2022-37966, CVE-2022-37967)
It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure
Channel. A remote attacker could possibly use this issue to elevate
privileges. (CVE-2022-38023)
Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)
Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this issue
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-45141)
WARNING: The fixes included in these updates introduce several important
behavior changes which may cause compatibility problems interacting with
systems still expecting the former behavior. Please see the following
upstream advisories for more information:
https://www.samba.org/samba/security/CVE-2022-37966.html
https://www.samba.org/samba/security/CVE-2022-37967.html
https://www.samba.org/samba/security/CVE-2022-38023.html
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Read Time:54 Second
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.
Safari is a graphical web browser developed by Apple.
iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
macOS Monterey is the 18th and release of macOS.
macOS Big Sur is the 17th release of macOS.
watchOS is the mobile operating system for Apple Watch and is based on the iOS operating system.
iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.
macOS Ventura is the 19th and current major release of macOS
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Bulk Surveillance of Money Transfers
Read Time:1 Minute, 9 Second
Just another obscure warrantless surveillance program.
US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas. The program covers data for numerous Caribbean and Latin American countries in addition to Canada, China, France, Malaysia, Spain, Thailand, Ukraine and the US Virgin Islands. Some domestic transfers also enter the data set.
[…]
You need to be a member of law enforcement with an active government email account to use the database, which is available through a publicly visible web portal. Leber told The Journal that there haven’t been any known breaches or instances of law enforcement misuse. However, Wyden noted that the surveillance program included more states and countries than previously mentioned in briefings. There have also been subpoenas for bulk money transfer data from Homeland Security Investigations (which withdrew its request after Wyden’s inquiry), the DEA and the FBI.
How is it that Arizona can be in charge of this?
Wall Street Journal podcast—with transcript—on the program. I think the original reporting was from last March, but I missed it back then.