July 21, 2023 - Cyber Security News

Friday Squid Blogging: Chromatophores

Neat: Chromatophores are tiny color-changing cells in cephalopods. Watch them blink back and forth from purple to white on this squid’s skin in an Instagram...

July 21, 2023

Advisories

Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Thunderbird is a free and...

July 21, 2023

Advisories

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL. Read More

July 21, 2023

News

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list...

July 21, 2023

Advisories

JumpCloud Supply-Chain Attack

What is JumpCloud? JumpCloud is a U.S. based IT service provider that offers central access control and device management centralized user, device and application management...

July 21, 2023

Advisories

Active Exploitation of WooCommerce Payments Improper Authentication Vulnerability (CVE-2023-28121)

What is WooCommerce Payments? WooCommerce Payments is a popular e-commerce payment plugin for WordPress designed for small to large-sized online merchants using WordPress. According to...

July 21, 2023

Advisories

openssh-9.0p1-16.fc38

FEDORA-2023-878e04f4ae Packages in this update: openssh-9.0p1-16.fc38 Update description: Security fix for CVE-2023-38408 Read More

July 21, 2023

Advisories

openssh-8.8p1-11.fc37

FEDORA-2023-79a18e1725 Packages in this update: openssh-8.8p1-11.fc37 Update description: Security fix for [PUT CVEs HERE] Read More

July 21, 2023

News

US DoJ Announces Plan to Shakeup Cybercrime Investigations

In a speech, the DoJ’s Nicole M. Argentieri announced the merger of the NCET into the CCIPS Read More

July 21, 2023

Advisories

[SYSS-2023-006]: Omnis Studio – Expected Behavior Violation (CWE-440) (CVE-2023-38334)

Posted by Matthias Deeg via Fulldisclosure on Jul 21 Advisory ID: SYSS-2023-006 Product: Omnis Studio Manufacturer: Omnis Software Ltd. Affected Version(s): 10.22.00 Tested Version(s): 10.22.00...

July 21, 2023

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns

AI Threat to Escalate in 2025, Google Cloud Warns

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

Mapping License Plate Scanners in the US

Amazon MOVEit Leaker Claims to Be Ethical Hacker

Microsoft Fixes Four More Zero-Days in November Patch Tuesday

Fake Job Ads and Fake Identities: How North Korea Gets Its Hands on Our Data

Microsoft Patch Tuesday, November 2024 Edition

The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?

Day: July 21, 2023

Friday Squid Blogging: Chromatophores

Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution

CVE-2021-35391

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

JumpCloud Supply-Chain Attack

Active Exploitation of WooCommerce Payments Improper Authentication Vulnerability (CVE-2023-28121)

openssh-9.0p1-16.fc38

openssh-8.8p1-11.fc37

US DoJ Announces Plan to Shakeup Cybercrime Investigations

[SYSS-2023-006]: Omnis Studio – Expected Behavior Violation (CWE-440) (CVE-2023-38334)