USN-6155-2: Requests vulnerability

USN-6155-1 fixed a vulnerability in Requests. This update provides
the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM.

Original advisory details:

Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly
leaked Proxy-Authorization headers. A remote attacker could possibly use
this issue to obtain sensitive information.

5 best practices to ensure the security of third-party APIs

When organizations consider application programming interface (API) security, they typically focus on securing APIs that are written in-house. However, not all the APIs that companies use are developed internally; some are designed and developed by other organizations. The problem is that many companies don’t realize that using third-party APIs can expose their applications to security issues, such as malware, data breaches, and unauthorized access.

Third-party APIs are software interfaces that allow organizations to leverage third-party functionality or data on their own websites or applications. These third-party APIs enable developers to integrate their applications or systems with external services, data, or functionality, says Phil Quitugua, director of cybersecurity at technology research and advisory firm ISG.

Security culture improving in businesses despite factors holding teams back

The vast majority of CISOs have observed positive security culture gains in their organizations in the last year, despite a perceived dip in the quality of overall security posture, according to the 10th annual Information Security Maturity Report published by ClubCISO and Telstra Purple. The research surveyed 182 members of ClubCISO, a global community of information security leaders working in public and private sector companies. The paper paints an optimistic picture of organizational security: CISOs report a drop in material breaches compared to the year before, and 60% state that leadership endorsement has been a major influence in improving organizational security culture.

CVE-2022-4149

The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM and writes log files to a directory (C:\Users\Public\netSkope) that is writable by a standard user. The files are created and written by the SYSTEM account, except for one file (logplaceholder), which inherits permissions that grant all users a full-access ACL. The Netskope client restricts access to this file by allowing a standard user only read permissions. Whenever the Netskope client service restarts, it deletes logplaceholder and recreates it, creating a race condition that a malicious local user can exploit to create the file first and set its ACL permissions. Once the file has been created by the malicious user with the desired ACL permissions, all files within C:\Users\Public\netSkope become modifiable by the unprivileged user. By using a Windows pseudo-symlink, these files can be pointed to other locations on the system, allowing the malicious user to elevate privileges.