An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.
The humble USB drive—the workhorse of students, professionals, and everyday computer users. No wonder hackers put USB drives in their crosshairs.
Why such a target? All the things that make USB drives attractive to us make them attractive to hackers. They’re inexpensive, portable, and often swap between users. Taken together, that creates the perfect medium for hosting and distributing malware.
Likewise, USB drives can get lost or stolen quite easily. An absentminded or careless moment could put sensitive information at risk.
However, that’s not to say you should avoid using USB drives. Not at all. In fact, you can use them securely by taking a few straightforward steps.
Encryption gives you huge peace of mind in the event you lose your USB drive. It prevents others from accessing the data and files on it by scrambling them. Only a person with the password can access them. Windows users can check out this “how to” article on encryption—Apple users can learn about encryption on their support site as well.
If you’d rather skip those steps, you can purchase a USB drive that uses hardware-based encryption built in. These drives cost a little more, yet they more than make up for that in the protection that they offer.
Physical security is important too. You can prevent loss and theft by toting around your drive in your pocket, bag, or purse. Locking it away in a secure location while you’re not using it stands as a solid option as well.
You never know what malware might be lurking on someone else’s device. Sharing a USB drive with someone else can help malware make the jump from their device to yours. Think twice before sharing.
Don’t put it past hackers to load a USB drive with malware in the hopes that someone will pick it up. In fact, several large malware campaigns got their start by mailing “free” USB drives to thousands and thousands of households, businesses, and government agencies.
On Windows computers, you can prevent USB drives from automatically running any files. Some malware will run when the drive gets inserted into the device. Head to Settings > Devices > AutoPlay to disable that feature.
Deleting a file doesn’t erase data from a drive. It makes space available on a drive, so that old data might still be there—and recoverable. Comprehensive online protection like ours includes a file shredder that will completely erase old data and files.
Malware can easily make its way onto a USB drive. Comprehensive online protection can spot, block, and remove malware before it can do any harm.
The post USB Drives – Protecting Your Humble Workhorse from Malware and Loss appeared first on McAfee Blog.
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile.
ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.
A Brazilian spyware app vendor was hacked by activists:
In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker’s web dashboard—used by abusers to access the stolen phone data of their victims—the hackers said they enumerated and downloaded every dashboard record, including every customer’s email address.
The hackers said that dashboard access also allowed them to delete victim devices from the spyware network altogether, effectively severing the connection at the server level to prevent the device from uploading new data. “Which we definitely did. Because we could. Because #fuckstalkerware,” the hackers wrote in the note.
The note was included in a cache containing more than 1.5 gigabytes of data scraped from the spyware’s web dashboard. That data included information about each customer, such as the IP address they logged in from and their purchase history. The data also listed every device that each customer had compromised, which version of the spyware the phone was running, and the types of data that the spyware was collecting from the victim’s phone.
NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).
Although the patches for these vulnerabilities have already been released, public attacks are still occurring
xrdp-0.9.23-1.fc38
Release notes for xrdp v0.9.23 (2023/08/31)
General announcements
Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.
Security fixes
CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)
Bug fixes
Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)
New features
No new features in this release.
Internal changes
Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)
Known issues
On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)
xrdp-0.9.23-1.fc37
Release notes for xrdp v0.9.23 (2023/08/31)
General announcements
Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.
Security fixes
CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)
Bug fixes
Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)
New features
No new features in this release.
Internal changes
Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)
Known issues
On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)
xrdp-0.9.23-1.fc39
Release notes for xrdp v0.9.23 (2023/08/31)
General announcements
Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.
Security fixes
CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)
Bug fixes
Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)
New features
No new features in this release.
Internal changes
Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)
Known issues
On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)
