DSA-5377 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Read More
Google Suspends Chinese E-Commerce App Pinduoduo Over Malware
Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes...
The hidden danger to zero trust: Excessive cloud permissions
Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks to the great team there for their support! What is one...
Splunk adds new security and observability features
New security and observability features will be added to Splunk Mission Control and its Observability Cloud to identify threats and incidents more efficiently, the company...
55 zero-day flaws exploited last year show the importance of security risk management
Deploying security patches as quickly as possible remains one of the best ways to prevent most security breaches, as attackers usually rely on exploits for...
USN-5942-2: Apache HTTP Server vulnerability
USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM. Original advisory details: Lars Krapf discovered...
BreachForums Shuts Down After Admin’s Arrest
The forum's admin said the move might be temporary and that they will set up a new Telegram group Read More
New Android Banking Trojan ‘Nexus’ Promoted As MaaS
Nexus offers overlay attacks and keylogging activities designed to steal victims' credentials Read More
CISA and NSA Enhance Security Framework With New IAM Guide
Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing Read More
USN-5968-1: GitPython vulnerability
It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL,...