USN-6301-1: Linux kernel vulnerabilities
It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could...
Karma Catches Up to Global Phishing Service 16Shop
You’ve probably never heard of “16Shop,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple...
USN-6300-1: Linux kernel vulnerabilities
William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local...
KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit
Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17 KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit Title: Cisco ThousandEyes Enterprise...
KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump
Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17 KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump Title: Cisco ThousandEyes Enterprise Agent...
KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig
Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17 KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig Title: Cisco ThousandEyes...
USN-6299-1: poppler vulnerabilities
It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted...
LinkedIn under attack, hackers seize accounts
Security researchers have identified that a widespread LinkedIn hacking campaign has seen many users locked out of their accounts worldwide. Read more in my article...
CISA Launches Joint Initiative to Secure RMM Software
It was created with industry and government stakeholders via the Joint Cyber Defense Collaborative Read More
Critical Flaws in PowerShell Gallery Enable Malicious Exploits
Aqua Nautilus exposed naming policy, ownership verification and module exposure vulnerabilities Read More