FEDORA-2023-734aa51998
Packages in this update:
traceroute-2.1.3-1.fc37
Update description:
Update to 2.1.3
traceroute-2.1.3-1.fc37
Update to 2.1.3
traceroute-2.1.3-1.fc38
Update to 2.1.3
traceroute-2.1.3-1.fc39
Update to 2.1.3
An information leak was found in OpenStack’s undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.
In certain scenarios, Drupal’s JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation.
This vulnerability only affects sites with the JSON:API module enabled, and can be mitigated by uninstalling JSON:API.
The core REST and contributed GraphQL modules are not affected.
Drupal Steward partners have been made aware of this issue. Some platforms may provide mitigations. However, not all WAF configurations can mitigate the issue, so it is still recommended to update promptly to this security release if your site uses JSON:API.
Install the latest version:
If you are using Drupal 10.1, update to Drupal 10.1.4.
If you are using Drupal 10.0, update to Drupal 10.0.11.
If you are using Drupal 9.5, update to Drupal 9.5.11.
All versions of Drupal 9 prior to 9.5 are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life.
Drupal 7 is not affected.
Albert Network Monitoring is an intrusion detection system (IDS) designed to help SLTTs protect their networks against cyber threats. Here’s how.
libppd-2.0~rc2-4.fc38
CVE-2023-4504 libppd: Postscript Parsing Heap Overflow
libppd-2.0~rc2-4.fc39
CVE-2023-4504 libppd: Postscript Parsing Heap Overflow
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
The tables have turned. Now you can use AI to spot and block scam texts before they do you harm.
You might have heard how scammers have tapped into the power of AI. It provides them with powerful tools to create convincing-looking scams on a massive scale, which can flood your phone with annoying and malicious texts.
The good news is that we use AI too. And we have for some time to keep you safe. Now, we’ve put AI to use in another powerful way—to put an end to scam texts on your phone.
Our new McAfee Scam Protection automatically identifies and alerts you if it detects a dangerous URL in your texts. No more wondering if a package delivery message or bank notification is real or not. Our patented AI technology instantaneously detects malicious links to stop you before you click by sending an alert. And as a second line of defense, it can block risky sites if you accidentally follow a scam link in a text, email, social media, and more.
The time couldn’t be more right for this kind of protection. Last year, Americans lost $330 million to text scams alone, more than double the previous year, with an average reported loss of $1,000, according to the Federal Trade Commission. The deluge of these new sophisticated AI-generated scams is making it harder than ever to tell what’s real from what’s fake.
Which is where our use of AI comes in. With it, you can turn the table on scammers and their AI tools.
Here’s a closer look at how McAfee Scam Protection works:
Proactive and automatic protection: Get notifications about a scam text before you even open the message. After you grant permission to scan the URLs in your texts, McAfee Scam Protection takes charge and will let you know which texts aren’t safe and shouldn’t be opened.
Patented and powerful AI: McAfee’s AI runs in real-time and is constantly analyzing and processing millions of malicious links from around the world to provide better detection. This means McAfee Scam Protection can protect you from advanced threats including new zero-day threats that haven’t been seen before. McAfee’s AI continually gets smarter to stay ahead of cybercriminals to protect you even better.
Simple and easy to use: When you’re set up, McAfee Scam Protection goes to work immediately. No copying or pasting or checking whether a text or email is a scam. We do the work for you and the feature will alert you if it detects a dangerous link and blocks risky sites in real time if you accidentally click.
McAfee Scam Protection is free for most existing customers, and free to try for new customers.
Most McAfee customers now have McAfee Scam Protection available. Simply update your app. There’s no need to purchase or download anything separately. Set up McAfee Scam Protection in your mobile app, then enable Safe Browsing for extra protection or download our web protection extension for your PC or Mac from the McAfee Protection Center. Some exclusions apply¹.
For new customers, McAfee Scam Protection is available as part of a free seven-day trial of McAfee Mobile Security. After the trial period, McAfee Mobile Security is $2.99 a month or $29.99 annually for a one-year subscription.
As part of our new Scam Protection, you can benefit from McAfee’s risky link identification on any platform you use. It can block dangerous links should you accidentally click on one, whether that’s through texts, emails, social media, or a browser. It’s powered by AI as well, and you’ll get it by setting up Safe Browsing on your iOS² or Android device—and by using the WebAdvisor extension on PCs, Macs and iOS.
Scan the QR code to download McAfee Scam Protection from the Google App store
AI works in your favor. Just as it has for some time now if you’ve used McAfee for your online protection. McAfee Scam Protection takes it to a new level. As scammers use AI to create increasingly sophisticated attacks, McAfee Scam Protection can help you tell what’s real and what’s fake.
Customers currently with McAfee+, McAfee Total Protection, McAfee LiveSafe, and McAfee Mobile Security plans have McAfee Scam Protection included in their subscription.
Scam text filtering is coming to iOS devices in October.
The post Get Yourself AI-powered Scam Protection That Spots and Block Scams in Real Time appeared first on McAfee Blog.