pesign-116-1.fc37

Read Time:15 Second

FEDORA-2023-e77628f240

Packages in this update:

pesign-116-1.fc37

Update description:

New upstream release (116)
Fix CVE-2022-3560
This is a privilege escalation in the pesign-authorize script, which is now deprecated. There is no impact unless you are using pesign as a daemon in a signing server.

Read More

pesign-115-4.fc36

Read Time:14 Second

FEDORA-2023-5399953e3b

Packages in this update:

pesign-115-4.fc36

Update description:

Fix CVE-2022-3560
This is a privilege escalation in the pesign-authorize script, which is now deprecated. There is no impact unless you are using pesign as a daemon in a signing server.

Read More

USN-5835-3: Nova vulnerability

Read Time:12 Second

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou
discovered that Nova incorrectly handled VMDK image processing. An
authenticated attacker could possibly supply a specially crafted VMDK flat
image and obtain arbitrary files from the server containing sensitive
information.

Read More

USN-5834-1: Apache HTTP Server vulnerabilities

Read Time:24 Second

It was discovered that the Apache HTTP Server mod_dav module did not
properly handle specially crafted request headers. A remote attacker
could possibly use this issue to cause the process to crash, leading
to a denial of service. (CVE-2006-20001)

It was discovered that the Apache HTTP Server mod_proxy_ajp module did not
properly handle certain invalid Transfer-Encoding headers. A remote attacker
could possibly use this issue to perform an HTTP Request Smuggling attack.
(CVE-2022-36760)

Read More

USN-5835-1: Cinder vulnerability

Read Time:12 Second

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou
discovered that Cinder incorrectly handled VMDK image processing. An
authenticated attacker could possibly supply a specially crafted VMDK flat
image and obtain arbitrary files from the server containing sensitive
information.

Read More

USN-5835-2: OpenStack Glance vulnerability

Read Time:12 Second

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou
discovered that OpenStack Glance incorrectly handled VMDK image processing.
An authenticated attacker could possibly supply a specially crafted VMDK
flat image and obtain arbitrary files from the server containing sensitive
information.

Read More

Trulioo launches end-to-end identity platform

Read Time:31 Second

Identity verification firm Trulioo on Tuesday launched a new global identity platform for “person” and “business” verification. Trulioo so far sold multiple identity products, each operating in their own silos. Their products and services range from person and business verification, to no-code workflow building, low-code integrations, and anti-fraud measures. The new platform combines all these solutions into a single contract for clients who can use the platform to access information matching, identity document verification, proof of address through utility data, in-depth business verification, and watchlist screening with ongoing monitoring.

To read this article in full, please click here

Read More

Ransomware Payments Are Down

Read Time:44 Second

Chainalysis reports that worldwide ransomware payments were down in 2022.

Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before.

As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified on the blockchain and incorporated into our data. When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021. Still, the trend is clear: Ransomware payments are significantly down.

However, that doesn’t mean attacks are down, or at least not as much as the drastic drop-off in payments would suggest. Instead, we believe that much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers.

Read More

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Read Time:24 Second

Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations’ cloud environments. According to a blog on the company’s website, threat actors satisfied Microsoft’s requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.

To read this article in full, please click here

Read More