In November 2022, the Top 10 Malware list remained consistent with October’s Top 10 malware except for three malware additions.
Yearly Archives: 2023
uriparser-0.9.7-1.el8
FEDORA-EPEL-2023-d9589cec98
Packages in this update:
uriparser-0.9.7-1.el8
Update description:
Update to uriparser-0.9.7.
rust-1.66.1-1.fc36
FEDORA-2023-575fcaf4bf
Packages in this update:
rust-1.66.1-1.fc36
Update description:
Security fix for CVE-2022-46176: Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. For more details, see the upstream security advisory.
rust-1.66.1-1.fc37
FEDORA-2023-19bcafe341
Packages in this update:
rust-1.66.1-1.fc37
Update description:
Security fix for CVE-2022-46176: Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. For more details, see the upstream security advisory.
CVE-2014-125076
A vulnerability was found in NoxxieNl Criminals. It has been classified as critical. Affected is an unknown function of the file ingame/roulette.php. The manipulation of the argument gambleMoney leads to SQL injection. The name of the patch is 0a60b31271d4cbf8babe4be993d2a3a1617f0897. It is recommended to apply a patch to fix this issue. VDB-218022 is the identifier assigned to this vulnerability.
CVE-2014-125075
A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to SQL injection. The name of the patch is 5d72753c2e95bb373aa86824939397dc25f679ea. It is recommended to apply a patch to fix this issue. The identifier VDB-218021 was assigned to this vulnerability.
Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams
Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.
The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like written text, but they can build entire email chains to make their emails more convincing and can even generate messages using the writing style of real people based on provided samples of their communications.
New APT Dark Pink Hits Asia-Pacific, Europe With Spear Phishing Tactics
The group began operations as early as mid-2021, but its activity increased in mid-to-late 2022
Multiple Danish Banks Disrupted By DDoS Cyber-Attack
The attack also affected IT financial industry solutions developer Bankdata
CVE-2013-10010
A vulnerability classified as problematic has been found in zerochplus. This affects the function PrintResList of the file test/mordor/thread.res.pl. The manipulation leads to cross-site scripting. It is possible to initiate the attack remotely. The name of the patch is 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218007.