USN-6579-1: Xerces-C++ vulnerability
It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error....
USN-6560-2: OpenSSH vulnerabilities
USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer,...
USN-6578-1: .NET vulnerabilities
Vishal Mishra and Anita Gaud discovered that .NET did not properly validate X.509 certificates with malformed signatures. An attacker could possibly use this issue to...
CIS Benchmarks January 2024 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for January 2024. Read More
1.3 Million FNF Customers’ Data Potentially Exposed in Ransomware Attack
Fidelity National Financial revealed that the ransomware attack last year potentially impacted 1.3 million customers data in an updated SEC filing Read More
Mandiant’s X Account Was Hacked in Brute-Force Password Attack
Mandiant has shared its findings following X account hijacking, firm blames misconfigured 2FA and X's policy change Read More
Pharmacies Giving Patient Records to Police without Warrants
Add pharmacies to the list of industries that are giving private data to the police without a warrant. Read More
Security firm Mandiant says it didn’t have 2FA enabled on its hacked Twitter account
Anyone who works in computer security knows that they should have two-factor authentication (2FA) enabled on their accounts. 2FA provides an additional layer of security....
Stories from the SOC: BlackCat on the prowl
This blog was co-authored with Josue Gomez and Ofer Caspi. Executive summary BlackCat is and has been one of the more prolific malware strains in...
NCSC Publishes Practical Security Guidance For SMBs
The UK’s National Cyber Security Centre has launched a new online security guide to help smaller organizations better manage risk Read More