oneVPL-2023.3.1-1.fc39 oneVPL-intel-gpu-23.3.4-2.fc39


FEDORA-2023-ea65146fd4

Packages in this update:

oneVPL-2023.3.1-1.fc39
oneVPL-intel-gpu-23.3.4-2.fc39

Update description:

Update oneVPL and oneVPL-intel-gpu to latest releases. Fixes CVE-2023-22338 and CVE-2023-22840. No ABI changes.


oneVPL-2023.3.1-1.el9


FEDORA-EPEL-2023-ae01c7c775

Packages in this update:

oneVPL-2023.3.1-1.el9

Update description:

Update oneVPL and oneVPL-intel-gpu to latest releases. Fixes CVE-2023-22338 and CVE-2023-22840. No ABI changes.


Strengthening Cybersecurity for small and medium-sized businesses: The importance of Security Orchestration, Automation, and Response (SOAR)


The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Introduction:

In today’s increasingly complex threat landscape, small and medium-sized businesses (SMBs) face significant challenges in protecting their assets and reputation from cyber threats. We will explore the benefits of SOAR, its role in enhancing security operations, and its ability to mitigate risks, streamline incident response, and protect valuable business assets.

The rising cybersecurity challenge for SMBs:

SMBs often encounter resource constraints, limited budgets, and a shortage of skilled cybersecurity professionals. Cybercriminals recognize these vulnerabilities and actively target SMBs, seeking to exploit weaknesses in their security defenses. A successful cyber-attack can lead to financial losses, reputational damage, and even business disruption. It is crucial for SMBs to adopt robust cybersecurity strategies that enable efficient incident detection, response, and mitigation.

Enter SOAR: Streamlining security operations:

SOAR platforms empower SMBs to automate and orchestrate their security operations, bringing together people, processes, and technology to enhance their cybersecurity posture. The following are key reasons why SOAR is vital for SMBs:

Improved threat detection and response

SOAR enables the integration of various security tools, centralizing security events and alerts in a single console. By automating the analysis and correlation of these alerts, SMBs can detect and respond to potential threats in real time. With SOAR, security teams can efficiently investigate incidents, triage alerts, and orchestrate response actions, reducing response times and minimizing the impact of security incidents.

Enhanced efficiency and resource optimization

SMBs often face resource limitations, making it challenging to maintain round-the-clock security monitoring and response capabilities. SOAR helps alleviate this burden by automating routine and repetitive tasks, freeing up security personnel to focus on more strategic activities. By streamlining workflows, SOAR enhances operational efficiency and optimizes resource utilization, even with limited staff and budgets.

Effective incident response and mitigation

SOAR platforms enable SMBs to develop standardized and automated incident response playbooks. These playbooks define response actions in advance, based on the type and severity of security incidents. With automated incident response, SMBs can rapidly contain threats, mitigate risks, and minimize the potential damage caused by cyber-attacks. This capability is crucial in preventing breaches from escalating and safeguarding business assets.

Scalability and adaptability

SMBs often experience growth and evolving security needs. SOAR provides scalability by integrating with a wide range of security tools and technologies. As the SMB expands, the SOAR platform can accommodate new systems and adapt to changing security requirements, ensuring ongoing protection and flexibility.

Regulatory compliance and reporting

SMBs operating in regulated industries must meet specific compliance requirements. SOAR platforms simplify compliance management by automating data collection, generating audit reports, and ensuring adherence to industry regulations. This capability enables SMBs to demonstrate compliance and streamline their reporting processes, saving valuable time and effort.

Conclusion:

In the face of escalating cyber threats, SMBs must prioritize their cybersecurity defenses. Security Orchestration, Automation, and Response (SOAR) offers SMBs a comprehensive and proactive approach to protect their assets and reputation. By integrating security tools, automating workflows, and streamlining incident response, SOAR empowers SMBs to detect, respond to, and mitigate cyber threats effectively. Embracing SOAR technology allows SMBs to maximize their limited resources, optimize operational efficiency, and maintain a strong cybersecurity posture, ensuring their long-term success and resilience in the digital landscape.

The authors of this blog are from Vertek Corporation, a Master AT&T Cybersecurity USM Anywhere MSSP. 


USN-6405-1: Thunderbird vulnerabilities


Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-4057, CVE-2023-4577,
CVE-2023-4578, CVE-2023-4583, CVE-2023-4585, CVE-2023-5169, CVE-2023-5171,
CVE-2023-5176)

Andrew McCreight discovered that Thunderbird did not properly manage during
the worker lifecycle. An attacker could potentially exploit this issue to
cause a denial of service. (CVE-2023-3600)

Harveer Singh discovered that Thunderbird did not store push notifications
in private browsing mode in encrypted form. An attacker could potentially
exploit this issue to obtain sensitive information. (CVE-2023-4580)

Clément Lecigne discovered that Thunderbird did not properly manage memory
when handling VP8 media stream. An attacker-controlled VP8 media stream
could lead to a heap buffer overflow in the content process, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2023-5217)


USN-6404-1: Firefox vulnerabilities


Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2023-5169,
CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176)

Ronald Crane discovered that Firefox did not properly manage memory when
non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An
attacker could potentially exploit this issue to cause a denial of service.
(CVE-2023-5173)

Clément Lecigne discovered that Firefox did not properly manage memory when
handling VP8 media stream. An attacker-controlled VP8 media stream could
lead to a heap buffer overflow in the content process, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2023-5217)


APPLE-SA-09-26-2023-9 tvOS 17


Posted by Apple Product Security via Fulldisclosure on Oct 02

APPLE-SA-09-26-2023-9 tvOS 17

tvOS 17 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213936.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Airport
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to read sensitive location information…


APPLE-SA-09-26-2023-8 watchOS 10


Posted by Apple Product Security via Fulldisclosure on Oct 02

APPLE-SA-09-26-2023-8 watchOS 10

watchOS 10 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213937.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

App Store
Available for: Apple Watch Series 4 and later
Impact: A remote attacker may be able to break out of Web Content
sandbox…
