FEDORA-2023-8cc61c8b14
Packages in this update:
pgadmin4-6.21-3.fc38
Update description:
Backport fix for CVE-2023-5002.
pgadmin4-6.21-3.fc38
Backport fix for CVE-2023-5002.
USN-6361-1 fixed a vulnerability in CUPS. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that CUPS incorrectly authenticated certain remote
requests. A remote attacker could possibly use this issue to obtain
recently printed documents.
Almost half of organizations have failed to report cyber-attacks to the appropriate authorities in 2023
golang-github-cncf-xds-0-0.10.20230912gite9ce688.fc38
golang-github-envoyproxy-control-plane-0.11.1-1.fc38
golang-github-hashicorp-msgpack-2.1.0-1.fc38
golang-github-minio-highwayhash-1.0.2-2.fc38
golang-github-nats-io-1.30.1-3.fc38
golang-github-nats-io-jwt-2-2.5.2-1.fc38
golang-github-nats-io-nkeys-0.4.5-2.fc38
golang-github-nats-io-streaming-server-0.25.5-1.fc38
golang-github-protobuf-1.5.3-3.fc38
golang-google-protobuf-1.31.0-4.fc38
nats-server-2.10.1-4.fc38
Contains updates to address CVE-2022-{28357,41717}
Totally expected, but still good to hear:
Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “backdoors” into its end-to-end encryption.
“We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betraying the people who count on us for privacy, or leaving,” Whittaker said. “And that’s never not true.”
gdb-13.2-9.fc39
Security fix for CVE-2022-48064, Backport upstream commit 8f2c64de86b which fixes RHBZ 2233961,
gdb-13.2-5.fc38
Security fix for CVE-2022-48064
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
In our increasingly interconnected world, wireless networks have become the lifeblood of modern communication and productivity. However, this convenience comes with a price – the heightened risk of wireless attacks. In this in-depth blog, we will delve into the technical intricacies of safeguarding your network against wireless threats. Armed with this knowledge, you can confidently defend your wireless infrastructure against potential attackers.
Before we embark on a journey to strengthen our defenses, it’s crucial to comprehend the various forms of wireless attacks that pose a threat:
Rogue access points (APs):
Malicious actors may set up rogue APs to mimic legitimate networks, luring unsuspecting users into connecting to them.
Man-in-the-Middle (MitM) attacks:
In MitM attacks, attackers intercept and manipulate communications between two parties, often operating undetected.
Evil twin attacks:
Evil twin attacks are akin to rogue APs but more sinister. Attackers create duplicate networks to deceive users, potentially leading to data theft or credential compromise.
Password cracking:
Cybercriminals employ various techniques, including brute force and dictionary attacks, to crack Wi-Fi passwords.
Deauthentication attacks:
These attacks forcefully disconnect users from a Wi-Fi network, causing disruption and creating opportunities for data capture.
WPA3 security: Implement the latest WPA3 security protocol, which offers robust encryption and protection against brute-force attacks.
AES encryption: Embrace AES (Advanced Encryption Standard) for data encryption, steering clear of weaker protocols like WEP (Wired Equivalent Privacy).
Secure authentication:
Strong passwords: Enforce complex, lengthy passwords for your Wi-Fi network.
Two-factor authentication (2FA): Enable 2FA for network access to add an extra layer of security.
Divide your network into segments, each with its security controls, to contain potential breaches and restrict lateral movement within your infrastructure.
Guest networks: Isolate guest devices from the primary network, limiting access to sensitive resources.
VLANs (Virtual LANs): Deploy VLANs to segment network traffic, preventing lateral movement by attackers.
Keep your router and wireless devices’ firmware up to date to patch vulnerabilities and enhance overall security.
Intrusion detection systems (IDS) and intrusion prevention systems (IPS):
Deploy IDS/IPS to monitor network traffic for suspicious activity and block potential threats.
Employ specialized tools to detect rogue access points and take appropriate action when identified.
Wireless intrusion prevention system (WIPS):
Invest in WIPS solutions to actively defend against unauthorized access and attacks.
Wi-Fi protected setup (WPS):
Disable WPS, as it is susceptible to brute-force attacks.
Although not foolproof, MAC address filtering can add an extra layer of protection by allowing only trusted devices to connect.
Implement EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) for enterprise-grade authentication.
Utilize RADIUS servers for centralized authentication and access control.
Wireless intrusion detection and prevention systems (WIDPS):
WIDPS solutions offer real-time monitoring and protection against a wide range of wireless attacks, including rogue APs and MitM threats.
Honeypots:
Introduce honeypots within your network to attract potential attackers, gather valuable information, and divert them away from genuine targets.
Behavioral analysis:
Employ behavioral analysis tools to detect anomalies in wireless traffic patterns, such as unexpected deviations in user behavior or data transfer.
Regular security audits:
Conduct periodic security audits to identify vulnerabilities and weaknesses in your wireless infrastructure proactively.
Penetration testing:
Engage ethical hackers to perform penetration testing, simulating real-world attacks to uncover vulnerabilities before malicious actors do.
Building an impenetrable fortress for wireless security:
In an era where connectivity is paramount, the security of wireless networks is non-negotiable. To protect your network against potential threats, you must adopt a multifaceted approach. This includes embracing encryption, deploying secure authentication mechanisms, implementing network segmentation, and leveraging advanced defense strategies. Regular updates, audits, and penetration testing are crucial for maintaining a robust defense posture. In the dynamic realm of wireless security, vigilance and proactive measures are your most potent allies against potential threats.
golang-github-cncf-xds-0-0.10.20230912gite9ce688.fc39
golang-github-envoyproxy-control-plane-0.11.1-1.fc39
golang-github-nats-io-1.30.1-1.fc39
golang-github-nats-io-jwt-2-2.5.2-1.fc39
golang-github-nats-io-nkeys-0.4.5-2.fc39
golang-github-nats-io-streaming-server-0.25.5-1.fc39
golang-github-protobuf-1.5.3-3.fc39
golang-google-protobuf-1.31.0-4.fc39
nats-server-2.10.1-3.fc39
Contains updates to address CVE-2022-{28357,41717}