pesign-115-4.fc36
FEDORA-2023-5399953e3b Packages in this update: pesign-115-4.fc36 Update description: Fix CVE-2022-3560 This is a privilege escalation in the pesign-authorize script, which is now deprecated. There is...
Privacera connects to Dremio’s data lakehouse to aid data governance
The integration of open-source based Privacera into Dremio’s data lakehouse is designed to allow joint customer enterprises to manage and organize secure data access. Read...
USN-5835-3: Nova vulnerability
Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially...
USN-5834-1: Apache HTTP Server vulnerabilities
It was discovered that the Apache HTTP Server mod_dav module did not properly handle specially crafted request headers. A remote attacker could possibly use this...
USN-5835-1: Cinder vulnerability
Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially...
USN-5835-2: OpenStack Glance vulnerability
Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a...
Trulioo launches end-to-end identity platform
Identity verification firm Trulioo on Tuesday launched a new global identity platform for “person” and “business” verification. Trulioo so far sold multiple identity products, each operating...
Ransomware Payments Are Down
Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million...
Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations’ cloud...
Stories from the SOC – RapperBot, Mirai Botnet – C2, CDIR Drop over SSH
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for...