USN-6373-1: gawk vulnerability
It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were...
USN-6372-1: DBus vulnerability
It was discovered that DBus incorrectly handled certain invalid messages. A local attacker could possibly use this issue to cause DBus to crash, resulting in...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at swampUP 2023 in San Jose, California, on September...
CVE-2021-28485
Ericsson Mobile Switching Center Server (MSC-S) BC 18A and IS 3.1 releases before IS 3.1 CP22 allows Directory Traversal. Read More
BLASTPASS: Government agencies told to secure iPhones against spyware attacks
CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part...
Greater Manchester Police latest force to suffer serious data breach
Uh-oh, yet another UK police force has suffered a serious data breach. After the incidents involving Cumbria Police, Norfolk and Suffolk Police, and – perhaps...
USN-6371-1: libssh2 vulnerability
It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash. Read More
Manchester Police Officers’ Data Breached in Third-Party Attack
Officers working undercover or in sensitive roles like intelligence could be exposed Read More
Automation is key to effective and efficient pentest reporting
Graham Cluley Security News is sponsored this week by the folks at PlexTrac. Thanks to the great team there for their support! Getting high-quality, actionable...