Lace Tempest looks to spread Clop malware to victims
Yearly Archives: 2023
ICBC and Allen & Overy Hit By Ransomware
openvpn-2.6.7-1.fc39
FEDORA-2023-5facb6e061
Packages in this update:
openvpn-2.6.7-1.fc39
Update description:
Updates to upstream OpenVPN 2.6.7 which includes security fixes for CVE-2023-46849 and CVE-2023-46850. Two packaging related issues are also included in this update.
openvpn-2.6.7-1.fc38
FEDORA-2023-6846ec6920
Packages in this update:
openvpn-2.6.7-1.fc38
Update description:
Updates to upstream OpenVPN 2.6.7 which includes security fixes for CVE-2023-46849 and CVE-2023-46850. Two packaging related issues are also included in this update.
F5 BIG-IP Configuration Utility Authentication Bypass (CVE-2023-46747)
What is the Attack?
The vulnerability allows an unauthenticated attacker to exploit an authentication bypass vulnerability in F5 BIG-IP system. The exploit requires a network access through the management port to execute arbitrary system commands. F5 has warned their customers that threat actors are actively exploiting the vulnerability.
What is the Vendor Solution?
F5 has released relevant firmware updates for the affected products. For more information, visit here.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature “F5.BIG-IP.TMUI.AJP.Smuggling.Authentication.Bypass” to detect and block any attack targeting the vulnerability.
FortiGuard Labs also advises users to install the latest available patches as soon as possible.
Signature Techniques of Asian APT Groups Revealed
Kaspersky said the primary focus of these actors is cyber-espionage and information gathering
New Kamran Spyware Targets Urdu-Speaking Users in Pakistan
ESET said the attack affects Android users accessing the Urdu version of the Hunza News website
Iran-Affiliated Group Targets Israeli Firms Amid Israel-Hamas Conflict
CrowdStrike has attributed recent attacks on Israeli organizations in the transportation, logistics, and technology sectors to Iran-affiliated threat actor Imperial Kitten
syncthing-1.26.0-1.el9
FEDORA-EPEL-2023-e8c3b64ce1
Packages in this update:
syncthing-1.26.0-1.el9
Update description:
Update to version 1.26.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0
syncthing-1.26.0-1.fc37
FEDORA-2023-fa2d7b25d9
Packages in this update:
syncthing-1.26.0-1.fc37
Update description:
Update to version 1.26.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0