A former software engineer at Ubiquiti Networks has pleaded guilty to stealing gigabytes of data from the firm, attempting to extort millions of dollars, and damaging the company’s reputation in the media.
Read more in my article on the Hot for Security blog.
A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. Upgrading to version 0.12.12 is able to address this issue. The name of the patch is 9e03f68e46e85ca9c9694a6971859b3ee66f0240. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220211.
Microsoft’s Digital Threat Analysis Center shared the findings last Friday in a blog post
It was discovered that tmux incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
syslog-ng-3.35.1-4.fc36
Security fix for CVE-2022-38725
The Tallahassee Memorial HealthCare hospital is following protocols for system downtime
Vesuvius, the London Stock Exchange-listed molten metal flow engineering company, says it has shut down some of its IT systems after being hit by a cyber attack.
syslog-ng-3.37.1-2.fc37
Security fix for CVE-2022-38725
Cybersecurity insurance firm Coalition has predicted that there will be 1,900 average monthly critical Common Vulnerabilities and Exposures (CVEs) in 2023, a 13% increase over 2022.
The predictions are a part of the company’s Cyber Threat Index, which was compiled using data gathered by the company’s active risk management and reduction technology, combining data from underwriting and claims, internet scans, its global network of honeypot sensors, and scanning over 5.2 billion IP addresses.
Cyber insurance firm Coalition has predicted that there will be 1,900 average monthly critical Common Vulnerabilities and Exposures (CVEs) in 2023, a 13% increase over 2022.
The predictions are a part of the company’s Cyber Threat Index, which was compiled using data gathered by the company’s active risk management and reduction technology, combining data from underwriting and claims, internet scans, its global network of honeypot sensors, and scanning over 5.2 billion IP addresses.
