Read Time:3 Second
“Dark Angels” hacking group targets Andrade Gutierrez
Yearly Archives: 2023
mingw-python-werkzeug-2.2.3-1.fc37
Read Time:7 Second
FEDORA-2023-af75e27098
Packages in this update:
mingw-python-werkzeug-2.2.3-1.fc37
Update description:
Update to python-werkzeug-2.2.3.
mingw-python-werkzeug-2.2.3-1.fc38
Read Time:7 Second
FEDORA-2023-8d94dccc7e
Packages in this update:
mingw-python-werkzeug-2.2.3-1.fc38
Update description:
Update to python-werkzeug-2.2.3.
What is zero trust? A model for more effective security
Read Time:43 Second
Security leaders are embracing zero trust, with the vast majority of organizations either implementing or planning to adopt the strategy. The 2022 State of Zero-Trust Security report found that 97% of those surveyed either have or plan to have a zero-trust initiative in place within 18 months.
In fact, the percentage of organizations with zero trust already in place more than doubled in just one year, jumping from 24% in 2021 to 55% in the 2022 survey issued by identity and access management technology provider Okta.
And that 55% is more than three times the figure it was four years ago; when Okta first asked security leaders whether they had a zero-trust initiative in place or were planning one within the following 18 months for its 2018 report, only 16% answered yes.
Two-Thirds of European Firms Have Started Zero Trust
mingw-binutils-2.38-7.fc37
Read Time:6 Second
FEDORA-2023-a86258ed64
Packages in this update:
mingw-binutils-2.38-7.fc37
Update description:
Backport patch for CVE-2023-25587.
mingw-binutils-2.39-5.fc38
Read Time:6 Second
FEDORA-2023-dbba9e7218
Packages in this update:
mingw-binutils-2.39-5.fc38
Update description:
Backport patch for CVE-2023-25587.
mingw-binutils-2.37-7.fc36
Read Time:6 Second
FEDORA-2023-d044484038
Packages in this update:
mingw-binutils-2.37-7.fc36
Update description:
Backport patch for CVE-2023-25587.
USN-5928-1: systemd vulnerabilities
Read Time:47 Second
It was discovered that systemd did not properly validate the time and
accuracy values provided to the format_timespan() function. An attacker
could possibly use this issue to cause a buffer overrun, leading to a
denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu
16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-3821)
It was discovered that systemd did not properly manage the fs.suid_dumpable
kernel configurations. A local attacker could possibly use this issue to
expose sensitive information. This issue only affected Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-4415)
It was discovered that systemd did not properly manage a crash with long
backtrace data. A local attacker could possibly use this issue to cause a
deadlock, leading to a denial of service attack. This issue only affected
Ubuntu 22.10. (CVE-2022-45873)
ZDI-23-213: SolarWinds Network Performance Monitor WorkerControllerWCFProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.