Read Time:2 Second
SafeMoon claims exploited vulnerability was to blame
Yearly Archives: 2023
US sends million-dollar scammer to prison for four years
Read Time:16 Second
31-year-old Solomon Ekunke Okpe, of Lagos, was a member of a gang that devised and executed a variety of scams – including business email compromise (BEC), romance scams, working-from-home scams, and more – between December 2011 and January 2017.
Read more in my article on the Hot for Security blog.
Smashing Security podcast #315: Crypto hacker hijinks, government spyware, and Utah social media shocker
Read Time:18 Second
A cryptocurrency hack leads us down a mazze of twisty little passages, Joe Biden’s commercial spyware bill, and Utah gets tough on social media sites.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register’s Iain Thomson.
thunderbird-102.9.1-1.fc36
Read Time:20 Second
FEDORA-2023-0e1ae0d5f6
Packages in this update:
thunderbird-102.9.1-1.fc36
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
Update to 102.9.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes/
thunderbird-102.9.1-1.fc37
Read Time:12 Second
FEDORA-2023-d093c0cd27
Packages in this update:
thunderbird-102.9.1-1.fc37
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
thunderbird-102.9.1-1.fc38
Read Time:12 Second
FEDORA-2023-a9c17dff60
Packages in this update:
thunderbird-102.9.1-1.fc38
Update description:
Update to 102.9.1 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/ ;
https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
USN-5988-1: Xcftools vulnerabilities
Read Time:10 Second
It was discovered that integer overflows vulnerabilities existed in Xcftools.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2019-5086, CVE-2019-5087)
CVE-2022-1274
Read Time:12 Second
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
CVE-2021-41526
Read Time:10 Second
A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action.
CVE-2019-8963
Read Time:9 Second
A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher’s lmadmin 11.16.5, when doing a crafted POST request on lmadmin using the web-based tool.