A new report from ENISA, the European Union Agency for Cybersecurity, looking at cyberattacks targeting the European transport network over a period of almost two years, has identified that ransomware has become the prominent threat.
Read more in my article on the Tripwire State of Security blog.
Intel has introduced its 13th Generation Core processor line, which the company claims is the first to build threat detection into hardware. In combination with endpoint detection and response (EDR) platforms from Intel partners, the new vPro processors promise a 70% reduction in attack surface compared to four-year-old PCs. Windows 11 systems can also take advantage of vPro’s memory encryption to provide better virtualization-based security.
In tests conducted by SE Labs and commissioned by Intel, the vPro platform had 93% efficacy at detecting top ransomware attacks, a 24% improvement over software alone. Other tests conducted by IDC showed that vPro’s virtualization security could result in a 26% decline in “major” security breaches and 21% fewer impactful security events while improving security team efficiency by 17%.
USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced
a regression in GNUTAR-based backups. This update reverts all of the
changes in amanda until a better fix is provided.
We apologize for the inconvenience.
Original advisory details:
Maher Azzouzi discovered an information disclosure vulnerability in the
calcsize binary within amanda. calcsize is a suid binary owned by root that
could possibly be used by a malicious local attacker to expose sensitive
file system information. (CVE-2022-37703)
Maher Azzouzi discovered a privilege escalation vulnerability in the
rundump binary within amanda. rundump is a suid binary owned by root that
did not perform adequate sanitization of environment variables or
commandline options and could possibly be used by a malicious local
attacker to escalate privileges. (CVE-2022-37704)
Maher Azzouzi discovered a privilege escalation vulnerability in the runtar
binary within amanda. runtar is a suid binary owned by root that did not
perform adequate sanitization of commandline options and could possibly be
used by a malicious local attacker to escalate privileges. (CVE-2022-37705)
Fix missing epoch in ImageMagick-heic requires (#2181176)
Update ImageMagick to 7.1.1.4 (#2176749)
Add support to libheif and add html docs
Rebuild rubygem-rmagick
MLflow, an open-source framework that’s used by many organizations to manage their machine-learning tests and record results, received a patch for a critical vulnerability that could allow attackers to extract sensitive information from servers such as SSH keys and AWS credentials. The attacks can be executed remotely without authentication because MLflow doesn’t implement authentication by default and an increasing number of MLflow deployments are directly exposed to the internet.
“Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised,” Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. “It’s pretty brutal.”
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories on 49 vulnerabilities in eight industrial control systems (ICS) this week, which are used across multiple critical infrastructure sectors.
The vulnerabilities identified by CISA were tracked in products from ICS providers including Siemens, Hitachi, Rockwell, Delta Electronics, VISAM, and Keysight.
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.