August 24, 2023 - Cyber Security News

USN-6307-1: JOSE for C/C++ vulnerability

It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE....

August 24, 2023

Advisories

kubernetes-1.27.5-1.fc39

FEDORA-2023-8f8ddb2428 Packages in this update: kubernetes-1.27.5-1.fc39 Update description: Updates to Kubernetes for F38 and F39. Security fixes for CVE-2023-3955 and CVE-2023-3676. Related update for rawhide...

August 24, 2023

Advisories

kubernetes-1.26.8-1.fc38

FEDORA-2023-a3fcc0751f Packages in this update: kubernetes-1.26.8-1.fc38 Update description: Updates to Kubernetes for F38 and F39. Security fixes for CVE-2023-3955 and CVE-2023-3676. Related update for rawhide...

August 24, 2023

Advisories

WinRAR ZIP Arbitrary Code Execution Vulnerability (CVE-2023-38831)

What is WinRAR? WinRAR is a popular utility tool for file compression/decompression and archive management. What is the Attack? CVE-2023-38831 is an arbitrary code execution...

August 24, 2023

Advisories

Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities (CVE-2023-26359, CVE-2023-26360)

What is Adobe ColdFusion? Adobe ColdFusion is a commercial rapid web-application and mobile applications development platform. What is the Attack? CVE-2023-26359 and CVE-2023-26360 are deserialization...

August 24, 2023

Advisories

Citrix Content Collaboration ShareFile Improper Access Control Vulnerability (CVE-2023-24489)

What is Citrix Content Collaboration? Citrix Content Collaboration is a security-focused collaboration, content sharing and synchronization service from Citrix for the enterprise. What is the...

August 24, 2023

News

Court finds autistic members of LAPSUS$ gang responsible for GTA 6 hack and other high profile breaches

A London court has found two British teens responsible for a spree of high profile hacks, including one that saw the leaking of source code...

August 24, 2023

Advisories

USN-6306-1: Fast DDS vulnerabilities

It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and...

August 24, 2023

News

FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers

Between Monday and Tuesday, the FBI has traced approximately 1580 stolen Bitcoins Read More

August 24, 2023

News

North Korea ready to cash out more than $40 million in Bitcoin after summer of hacks, warns FBI

After a series of high-profile cryptocurrency hacks, the state-sponsored North Korean Lazarus Group is poised to cash out millions of dollars. Read more in my...

August 24, 2023

Bank of England U-turns on Vulnerability Disclosure Rules

LevelBlue Cybersecurity Awareness Month Recap

Smashing Security podcast #393: Who needs a laptop to hack when you have a Firestick?

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns

AI Threat to Escalate in 2025, Google Cloud Warns

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

Mapping License Plate Scanners in the US

Amazon MOVEit Leaker Claims to Be Ethical Hacker

Microsoft Fixes Four More Zero-Days in November Patch Tuesday

Day: August 24, 2023

USN-6307-1: JOSE for C/C++ vulnerability

kubernetes-1.27.5-1.fc39

kubernetes-1.26.8-1.fc38

WinRAR ZIP Arbitrary Code Execution Vulnerability (CVE-2023-38831)

Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities (CVE-2023-26359, CVE-2023-26360)

Citrix Content Collaboration ShareFile Improper Access Control Vulnerability (CVE-2023-24489)

Court finds autistic members of LAPSUS$ gang responsible for GTA 6 hack and other high profile breaches

USN-6306-1: Fast DDS vulnerabilities

FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers

North Korea ready to cash out more than $40 million in Bitcoin after summer of hacks, warns FBI