Read Time:4 Second
Agency says it has seized hundreds of assets in month-long operation
Monthly Archives: March 2023
DXC Technology says global network is not compromised following Latitude Financial breach
Read Time:40 Second
Soon after Latitude Financial revealed it suffered a cyber attack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised.
When Latitude Financial, which is listed in the Australian Securities Exchange (ASX), first published about the attack it said the activity was believed to have “originated from a major vendor used” by the company. According to Latitude, the attacker obtained login credentials from an employee using it to “steal personal information that was held by two other services providers”.
Latitude provides loans, credit cards and insurance in Australia, New Zealand, Canada and Singapore. Some of its services includes interest free instalments for JB Hi-Fi, The Good Guys and David Jones customers when shopping online.
Thieves Steal $9m from Crypto Liquidity Pool
US sends million-dollar scammer to prison for four years
Read Time:16 Second
31-year-old Solomon Ekunke Okpe, of Lagos, was a member of a gang that devised and executed a variety of scams – including business email compromise (BEC), romance scams, working-from-home scams, and more – between December 2011 and January 2017.
Read more in my article on the Hot for Security blog.
Smashing Security podcast #315: Crypto hacker hijinks, government spyware, and Utah social media shocker
Read Time:18 Second
A cryptocurrency hack leads us down a mazze of twisty little passages, Joe Biden’s commercial spyware bill, and Utah gets tough on social media sites.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register’s Iain Thomson.
thunderbird-102.9.1-1.fc36
Read Time:20 Second
FEDORA-2023-0e1ae0d5f6
Packages in this update:
thunderbird-102.9.1-1.fc36
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
Update to 102.9.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes/
thunderbird-102.9.1-1.fc37
Read Time:12 Second
FEDORA-2023-d093c0cd27
Packages in this update:
thunderbird-102.9.1-1.fc37
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
thunderbird-102.9.1-1.fc38
Read Time:12 Second
FEDORA-2023-a9c17dff60
Packages in this update:
thunderbird-102.9.1-1.fc38
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
USN-5988-1: Xcftools vulnerabilities
Read Time:10 Second
It was discovered that integer overflows vulnerabilities existed in Xcftools.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2019-5086, CVE-2019-5087)
CVE-2022-1274
Read Time:12 Second
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.