December 2023 - Page 30 of 59 - Cyber Security News

Ten Years Later, New Clues in the Target Breach

On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million...

December 14, 2023

Advisories

USN-6557-1: Vim vulnerabilities

It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service....

December 14, 2023

Advisories

USN-6233-2: YAJL vulnerabilities

USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It...

December 14, 2023

Advisories

USN-6558-1: audiofile vulnerabilities

It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially...

December 14, 2023

News

Surveillance Cameras Disguised as Clothes Hooks

This seems like a bad idea. And there are ongoing lawsuits against Amazon for selling them. Read More

December 14, 2023

Advisories

USN-6556-1: Budgie Extras vulnerabilities

It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny...

December 14, 2023

News

Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023...

December 14, 2023

Advisories

opensc-0.24.0-1.fc39

FEDORA-2023-a854153d7a Packages in this update: opensc-0.24.0-1.fc39 Update description: New upstream release (#2240701) with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Read More

December 14, 2023

News

Hackers exploit Google Forms to trick users into falling for call-back phishing attack

Security researchers have discovered the latest evolution in call-back phishing campaigns. Read more in my article on the Tripwire State of Security blog. Read More

December 14, 2023

Advisories

opensc-0.24.0-1.fc38

FEDORA-2023-c7e4c9af51 Packages in this update: opensc-0.24.0-1.fc38 Update description: New upstream release (#2240701) with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Read More

December 14, 2023

Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Month: December 2023

Ten Years Later, New Clues in the Target Breach

USN-6557-1: Vim vulnerabilities

USN-6233-2: YAJL vulnerabilities

USN-6558-1: audiofile vulnerabilities

Surveillance Cameras Disguised as Clothes Hooks

USN-6556-1: Budgie Extras vulnerabilities

Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

opensc-0.24.0-1.fc39

Hackers exploit Google Forms to trick users into falling for call-back phishing attack

opensc-0.24.0-1.fc38