Read Time:5 Second
The infostealer Vidar has returned to the top 10 after an increase in ‘brandjacking’ attacks
Yearly Archives: 2023
USN-5869-1: HAProxy vulnerability
Read Time:12 Second
Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg,
and Harvey Tuch discovered that HAProxy incorrectly handled empty header
names. A remote attacker could possibly use this issue to manipulate
headers and bypass certain authentication checks and restrictions.
Chinese Hackers Infiltrate South American Diplomatic Networks
Read Time:4 Second
The group previously targeted government agencies and think tanks in Asia and Europe
Upcoming Speaking Engagements
Read Time:25 Second
This is a current list of where and when I am scheduled to speak:
I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET.
I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM.
I’m speaking at IT-S Now 2023 in Vienna, Austria, on June 1-2, 2023.
The list is maintained on this page.
CVE-2022-22564
Read Time:11 Second
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
CVE-2021-46023
Read Time:8 Second
An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash.
Hackers Breach Pepsi Bottling Ventures’ Network
Read Time:4 Second
Experts say the delay in notifying customers left data potentially open to compromise
vim-9.0.1307-1.fc36
Read Time:11 Second
FEDORA-2023-93fb5b08eb
Packages in this update:
vim-9.0.1307-1.fc36
Update description:
2169641 – Syntax highlight for sh files broken
The newest upstream commit
Security fixes for CVE-2022-47024, CVE-2023-0433
EnterpriseDB adds Transparent Data Encryption to PostgreSQL
Read Time:6 Second
The new Transparent Data Encryption (TDE) feature will be shipped along with the company’s enterprise version of its database.
USN-5868-1: Django vulnerability
Read Time:9 Second
Jakob Ackermann discovered that Django incorrectly handled certain file
uploads. A remote attacker could possibly use this issue to cause Django to
consume resources, leading to a denial of service.