USN-6484-1: OpenVPN vulnerabilities
It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to...
Black Friday: Malwarebytes Warns of Credit Card Skimming Surge
Skimming threat actors ramp up their activity just in time for the holiday season Read More
Leaving Authentication Credentials in Public Code
Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security...
Stories from the SOC: Proactive steps to protect customers from misconfigured MFA
Executive summary Multifactor authentication, or MFA, provides users with an added layer of security when logging into web applications. Surpassing its predecessor, two-factor authentication, in...
Half of Ransomware Groups Operating in 2023 Are New
WithSecure report highlights widespread code reuse Read More
BlackCat Ransomware Group Reports Victim to SEC
ALPHV/BlackCat tries unusual extortion technique Read More
European Police Take Down $9m Vishing Gang
Fraudsters operated from Ukrainian call centers Read More
dnsx-1.1.6-1.fc40
FEDORA-2023-2e09477fbc Packages in this update: dnsx-1.1.6-1.fc40 Update description: Automatic update for dnsx-1.1.6-1.fc40. Changelog * Thu Nov 16 2023 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 1.1.6-1 -...
ZDI-23-1716: Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in...
Smashing Security podcast #348: Hacking for chimp change, and AI chatbot birthday
Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots....